cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css
104.17.25.14 | 200 OK | 38 kB | URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css
IP 104.17.25.14:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash MD5: 9a547188fa485f8ca9b2cc7d6d2524ef
SHA-1: 7893335159a1f637eb24cd05aaba96ac156c7f65
SHA-256: 897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433
GET /ajax/libs/vant/2.12.48/index.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css; charset=utf-8
content-length: 38108
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-94dc"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 11379
expires: Mon, 28 Apr 2025 04:48:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBPNkiftSC6Dqu5%2FO%2BMOfeDfsLuV4ES5zO5X%2B%2FDSCBD6UT3z8qH80RIVtTJ4gTtJszjozNSVJnahd6eUf2N0FPAk2p9RlQs5CLqAqZbBqi3KMF8XFvG8G%2F%2FgPXO7C3ey9oOj5hQ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8806d1fecb90b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css
104.17.25.14 | 200 OK | 3.9 kB | URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css
IP 104.17.25.14:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (16213)
Hash MD5: 951eae8c8a442c2940c54d180301ed41
SHA-1: 771518669a370d915adf0d207f2a22092a768cd1
SHA-256: 4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d
GET /ajax/libs/Swiper/8.3.2/swiper-bundle.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css; charset=utf-8
content-length: 3945
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-f69"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1900
expires: Mon, 28 Apr 2025 04:48:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jG2kIbibj59WYNTpnLVWDs7S76YXyLZeAporHRa7MPDrteFPWnNj4brTdmDswDOCy0jMYc5HPIRp%2BRi9R4t%2Fy2%2Fj%2BXlP%2F3WDsrRrartNbLc325enrnPcQX%2FiskyyoJWAioRMd%2Bj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8806d1feebaab4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js
104.17.25.14 | 200 OK | 4.9 kB | URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js
IP 104.17.25.14:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (14957)
Hash MD5: 5f4a59735ca9517d0478f395439bd517
SHA-1: f820c08cf114da8ec451e8eedc0da51dfcba5e02
SHA-256: ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9
GET /ajax/libs/vue-resource/1.5.3/vue-resource.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 4866
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c785b9-1302"
last-modified: Mon, 14 Jun 2021 16:37:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 17533
expires: Mon, 28 Apr 2025 04:48:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QACzEKII9gMQN1l1BY%2Bmx9ieP8qvgBLHCRbuBruIfTUIkHBGTWMXhm1CYoKH197gtnZY0%2FnFd1ty9fY2ys0mU%2F8sAkxZHULEU6gGnnd9C%2FuL9EBiGRob9b2J4x2cXNunHu8NSRRP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8806d1feebacb4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js
104.17.25.14 | 200 OK | 68 kB | URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js
IP 104.17.25.14:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (57307)
Hash MD5: 0292da744fb4f768ae77370f868a674e
SHA-1: 6dbafd633d187d11e2ef0a9a47044fd5646c70fb
SHA-256: 068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468
GET /ajax/libs/vant/2.12.48/vant.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 67811
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-108e3"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 546848
expires: Mon, 28 Apr 2025 04:48:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdc8WKcYBP1QcuCNhpbINtqdw5ugtyfoI7XlCzWJRAmr9gX9hBFe22Xr8%2BT2TkwB6gSkxgGnw1msuK%2BxFvhUrOlJlEGMQmrCi%2FLbHzF4vSJc%2Fmlwl8FVzkFdWnphRTMJlq%2BgMzAo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8806d1feebafb4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
salenzvs.live/static/market/img/payment.png
172.67.162.143 | 200 OK | 15 kB | URL: GET HTTP/3 salenzvs.live/static/market/img/payment.png
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type PNG image data, 342 x 26, 8-bit/color RGBA, non-interlaced
Hash MD5: d9e27afb8d07e73a5d78c58219db8284
SHA-1: 2c8e0b0821ae555b66a6d9ad9d3f3a97d8164f99
SHA-256: 1567d764b3ee71f11f52d807789d9a970c60dd195b39f2b295d476308d76aeb3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/market/img/payment.png HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: image/png
content-length: 14874
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "3a1a-613961329bc31"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SRyvRBO5sffddt5sZOYN3IBTz3yPE48myAIs3n1Qj%2BXqMrM4vvLiYnih%2FUr7FWhd54w0m3sfQyKCKpSGdpJVcUCMmxirxehd7%2FBMcdNVRno0haqbHnu1QM8l8aefXF6E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806d1fe8d8256c0-OSL
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/logo.png
172.67.162.143 | 200 OK | 4.5 kB | URL: GET HTTP/3 salenzvs.live/static/logo.png
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type PNG image data, 240 x 80, 8-bit/color RGBA, non-interlaced
Hash MD5: f9b9bde166706066a075e3ee6a597c31
SHA-1: 9a0c872fb02fa22a5c238c9b85be38bae248e8be
SHA-256: dd4f65653bcceaa18f31ca082d38acc569b6c4c9f8f992655a8a497f9c6a0eb9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/logo.png HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: image/png
content-length: 4523
last-modified: Mon, 29 Apr 2024 05:48:29 GMT
etag: "11ab-61735cd8e644c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FBuCLMGelb%2F5vrWJEicvcGdIG4exsLQaju6dy2disHjvefLhmwm6BbdJ1tqAgQzSUVPJNzNn4wPojaRqel4VNPLqZMTOHtvnwSROkp3vuS4%2BCQkA5Qf18N0pd5vTl4ZF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806d1fe8d8056c0-OSL
alt-svc: h3=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js
104.17.25.14 | 200 OK | 50 kB | URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js
IP 104.17.25.14:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text
Hash MD5: de581e420bf52d70e353080a13094ea8
SHA-1: 7e727d99fea8c31c2f2e3173105d585ee3289d31
SHA-256: 4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5
GET /ajax/libs/Swiper/8.3.2/swiper-bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 49876
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-c2d4"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 17533
expires: Mon, 28 Apr 2025 04:48:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JUgRZ8wc7s1C%2F6LsfR903FuFBCUp4zsYxcxD7fMMTLwi2xNcrzYQu3bGf5qjP3GVjjyvkXBIwTYOAhR2zzYIwTM55%2FgsUoKStI0BX2d%2F%2BC6wQyHcW1AtP0VtKCDxRZFrDGExB9sR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8806d1feebadb4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
salenzvs.live/api/cart/index
172.67.162.143 | 200 OK | 605 B | URL: GET HTTP/3 salenzvs.live/api/cart/index
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Hash MD5: 5e0f617f8c9758900c9eb72462e10207
SHA-1: 269f6f9af785b3f29997b3241d8653a1340b01a4
SHA-256: af9632a94de6f3759c550ed97d55ca1b54ee125dd13863105e8aeb528f2dd1d4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /api/cart/index HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
Authorization:
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Iko1a2h0U0ZVY09jenA2bDhpRVBXN0E9PSIsInZhbHVlIjoiSnNWWmVNSGNzWVZpZXQ5dE0wbXlDcDJRUXRhYzJSeUhZZkVQY2U3UFVXKytIeVJBSEU1SHFLcmczZWYvS3F4MHB2RVpUbzU1d0JZUnN0MGE5Q0JRU2dad2d6a2NWQ3AvTHExL1ZzNmZSRno4S1h1TCsrTVB1Vzd1d2MxUnhwTWUiLCJtYWMiOiIzY2M1MjA1NzQ4ZmFmMzA2ZjMxZjIyOTE2NzJiNDY3YzY3ZDhlM2U5ZDBmNTE2MDdkMDU1YTMzZDFjYmE5MjNjIiwidGFnIjoiIn0%3D; expires=Wed, 08-May-2024 06:48:56 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8X%2FBMJqmprzm%2FHR9nVwX1E3joY4j7iT%2FzkGfsRy0V3Ag5QSLKqAdYgEg8YglTLd7Hih04X1bJb0R0x0wRmuq%2Bu3ikqGI0i%2Fo9bQgqhLgFgYh6z4MQPkJ07TzvpawnEy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d2019fc556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/default/js/vue.min.js
172.67.162.143 | 200 OK | 46 kB | URL: GET HTTP/3 salenzvs.live/static/default/js/vue.min.js
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type JavaScript source, ASCII text, with very long lines (65449)
Hash MD5: b21b8531847604ab5f2f5caaef51ba31
SHA-1: da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1
SHA-256: 9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/default/js/vue.min.js HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: application/javascript
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"16fc7-613961327b4a8-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xwoi4pDl%2BkVfF8nlREgrxI%2BADWA7Z3Lmt%2BVQPsauutHZ89oUX4D9niLePEaOhVAt0QP%2FO%2Bf%2BC4tyTvoc%2ByiqvtXgExGJP9AlBQCqSOgqaV6bJrucUHDRyAJu%2BAtsY%2BaR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe6d7256c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/default/js/delighters.js
172.67.162.143 | 200 OK | 25 kB | URL: GET HTTP/3 salenzvs.live/static/default/js/delighters.js
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Hash MD5: cc31823856831d96acd96628fe1bc12c
SHA-1: 4441d2792dc7fb9f54cde379cd6dd5085ae7af33
SHA-256: 0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/default/js/delighters.js HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: application/javascript
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"a4b-613961327a120-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Evys62TpAXiQPIR1E3TOwcN%2FNojvc%2BRNsA8nhPC%2FrAlF1EVT0ThjINbxfDvY%2FLKfPFdGhvRSV1xyFpiqYyzUgKNS7wEn%2BO%2F4VPdQLxp5txLDIbpsa4KipR1KjEb690Pf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d2015f9056c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
res.cloudinary.com/liaison-inc/image/upload/f_auto/q_auto,w_1200/v1654709836/content/homeguide/homeguide-masonry-contractor-laying-concrete-block-wall_lzzcwr.jpg
104.19.166.65 | 200 OK | 126 kB | URL: GET HTTP/2 res.cloudinary.com/liaison-inc/image/upload/f_auto/q_auto,w_1200/v1654709836/content/homeguide/homeguide-masonry-contractor-laying-concrete-block-wall_lzzcwr.jpg
IP 104.19.166.65:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: GoDaddy.com, Inc.
Subject: *.cloudinary.com
Fingerprint: F8:54:70:A6:3D:D6:0A:BD:5E:7A:14:E6:56:4C:42:23:56:BB:E6:7C
Validity: Thu, 14 Dec 2023 11:11:09 GMT - Sat, 22 Jun 2024 11:52:01 GMT
Size 126 kB (125648 bytes)
Hash MD5: 1d315bebdbb74ea0b2c4ec7b3d6ac5bc
SHA-1: cbc96f0ae3c8d400df36911104ef2bb93c57f431
SHA-256: 0347759cf1863cc38277995c3a91741f6736efb47d41ab900839c5986560b5ac
GET /liaison-inc/image/upload/f_auto/q_auto,w_1200/v1654709836/content/homeguide/homeguide-masonry-contractor-laying-concrete-block-wall_lzzcwr.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:48:59 GMT
content-type: image/avif
content-length: 125648
cf-ray: 8806d20def5c56c5-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: private, no-transform, immutable, max-age=2592000
etag: "1d315bebdbb74ea0b2c4ec7b3d6ac5bc"
last-modified: Thu, 28 Sep 2023 19:34:40 GMT
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data, Accept-Encoding
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
server-timing: cld-cloudflare;dur=459;start=2024-05-08T04:48:58.549Z;desc=miss,rtt;dur=1,content-info;desc="width=1200,height=800,bytes=125648,owidth=1200,oheight=800,obytes=244844;";cloudinary;dur=107;start=2024-05-08T04:48:58.644Z
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
salenzvs.live/static/mall/css/bg-4.css
172.67.162.143 | 200 OK | 603 B | URL: GET HTTP/3 salenzvs.live/static/mall/css/bg-4.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Hash MD5: ddd5868b8bc8895f74c8448a702ebb68
SHA-1: 2bab173d02433fea076b802c46ee3b4f53751657
SHA-256: bb41701246e353c366eec1e0feae6871d1f056749f5055302be15fbe42ed126a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/mall/css/bg-4.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"1c4-613961328e171-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aj7QYc8ZM%2FXgJUC%2F1Ee514dfgbCaELx6cCrg%2F4NsAK2qEdm1FVogq3eA7tpLU7w%2FFkn1hjvm7YTDg6ShvJ4WT%2BFAoja%2FQW5%2BnEStwt6cLuJxtkuFiRIkzfaLHhS1PtlV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe6d6756c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/api/item/info?id=98831427
172.67.162.143 | 200 OK | 520 kB | URL: GET HTTP/3 salenzvs.live/api/item/info?id=98831427
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Size 520 kB (519735 bytes)
Hash MD5: 88e58adb7efb8be9e089777133e27a02
SHA-1: a0edbb5982acaeb854a2b8384e635f7007ba9964
SHA-256: 5ccbb6fa0f559f97d47442b07b010297ae35f8feed92beee193b7840ffb708b2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /api/item/info?id=98831427 HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:58 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IlpaenNPaWtYMG82R0M5Y3ZobGo1SlE9PSIsInZhbHVlIjoiMFNKNE1WN0ExVXNydERlR2NCWVR5czJJTWtmNU92anZLLzlhckE1Z2V4ek1YS3BPVW5CeUQ2MEFFaGtXQkdvV2l3WDl1SzNaVjZWNk5oRks0TjlaamFZbHhHMk5qQUZ0azlFMS8ybWE4MEF4RDVIVnhjWnFsMjRDSm50SVh5REkiLCJtYWMiOiI4NjJiMzYwNDk0MzFjOTE4YjM2YzI4MDI4ZWQ3ODM1MmQzMGQ2NDE5ZmU2ZWE1MGMxODFjYmE1ZTM5Y2ZiY2Q3IiwidGFnIjoiIn0%3D; expires=Wed, 08-May-2024 06:48:58 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q92V9V4cXxiuk%2Fx9C9as0HYHM5QS3Z1z0QQ8lnk07kAP9A1YGpxVf9%2FkeJT8wixabV8XoJFkY1lhA4PjuwXPWaNphUfVX4ndTt5bc8HeOjv4DENsXYzPlVn1ygus1EZr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d202185656c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.rebrickable.com/media/thumbs/sets/75311-1/89521.jpg/1000x800p.jpg?1656167107.6216483
194.242.11.186 | 200 OK | 145 kB | URL: GET HTTP/2 cdn.rebrickable.com/media/thumbs/sets/75311-1/89521.jpg/1000x800p.jpg?1656167107.6216483
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: cdn.rebrickable.com
Fingerprint: 8E:E4:02:72:38:9E:B5:1E:E6:A4:DA:AF:C2:A3:D5:B9:8F:6C:07:1E
Validity: Fri, 03 May 2024 05:09:13 GMT - Thu, 01 Aug 2024 05:09:12 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x800, components 3
Size 145 kB (145244 bytes)
Hash MD5: 87a524ca5a31ae0dcb2001bf0a24d140
SHA-1: b4e3383b07b0d956d4ba4978d4179c5b5366eb97
SHA-256: 35dfeac8aea4195e7d57e67c711af7415ca723e56d3131a37269769c19a7251d
GET /media/thumbs/sets/75311-1/89521.jpg/1000x800p.jpg?1656167107.6216483 HTTP/1.1
Host: cdn.rebrickable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:49:00 GMT
content-type: image/jpeg
content-length: 145244
server: BunnyCDN-NO1-830
cdn-pullzone: 1598642
cdn-uid: 6da4f1bc-6767-419a-a919-46d8d6d47bc6
cdn-requestcountrycode: NO
cache-control: public, max-age=31536000
etag: "62b71ac3-2375c"
expires: Thu, 08 May 2025 04:49:00 GMT
last-modified: Sat, 25 Jun 2022 14:25:07 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/08/2024 04:49:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1ea02626becd5888a5a0ecd91a148e10
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
preview.redd.it/land-rover-defender-42110-v0-f82uhnga7amb1.jpg?width=640&crop=smart&auto=webp&s=f027244f771ad49ca5b83811447c04fd1531daab
151.101.1.140 200 OK 94 kB URL GET HTTP/2 preview.redd.it/land-rover-defender-42110-v0-f82uhnga7amb1.jpg?width=640&crop=smart&auto=webp&s=f027244f771ad49ca5b83811447c04fd1531daab
IP 151.101.1.140:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: DigiCert Inc
Subject: *.redd.it
Fingerprint: 33:78:3E:06:F8:D9:1E:16:2B:2C:23:83:A1:19:F9:33:C7:B8:88:33
Validity: Tue, 16 Jan 2024 00:00:00 GMT - Sat, 13 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x429, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 05c124983fd01798c797b6c929d2a230
d1b8086167346563004f5a0653aaecefeb6b95d6
8c267f0e2d3c6d7b81f932ad5d4174d31947f7264d33da7e7bb4d03f3d6784f3
GET /land-rover-defender-42110-v0-f82uhnga7amb1.jpg?width=640&crop=smart&auto=webp&s=f027244f771ad49ca5b83811447c04fd1531daab HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
content-type: image/webp
reddit-io-info: ifsz=195797 idim=1118x750 ifmt=jpg ofsz=94252 odim=640x429 ofmt=webp
reddit-stats: io=1
x-envoy-upstream-service-time: 292
x-imo-features: auto=webp&crop=smart&width=640
x-reddit-backend: 19c9ef79748590ad9aa38d61e4619c670768a73193aec6424a9f9b913b91
x-reddit-pod-ip: 10.102.81.45:8080
x-canonical-filename-image-generation: 1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Wed, 08 May 2024 04:49:00 GMT
vary: Accept,X-Imo-Features,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 94252
X-Firefox-Spdy: h2
images.offerup.com/fPBNIjr9HwQyKLaMHUod7WM7dQM=/2016x1512/3daf/3daf7c4e5e824f868ec23e12c5a80226.jpg
54.239.142.24 200 OK 574 kB URL GET HTTP/1.1 images.offerup.com/fPBNIjr9HwQyKLaMHUod7WM7dQM=/2016x1512/3daf/3daf7c4e5e824f868ec23e12c5a80226.jpg
IP 54.239.142.24:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Amazon
Subject: *.offerup.com
Fingerprint: 5E:ED:22:9E:8C:26:BC:50:8F:A3:83:3C:A4:BE:92:C3:6F:CD:FD:14
Validity: Sun, 26 Nov 2023 00:00:00 GMT - Tue, 24 Dec 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2016x1512, components 3
Size 574 kB (573951 bytes)
Hash a5c95ad6742c6eea82f9e1b4ad53d92c
a2e5aaf4b11637955705c17a02564d80990e7cb9
9cf00fdde7084c1c37e299ce90f36c38b1a0a63d8c9bc05f6057c12cb53b7482
GET /fPBNIjr9HwQyKLaMHUod7WM7dQM=/2016x1512/3daf/3daf7c4e5e824f868ec23e12c5a80226.jpg HTTP/1.1
Host: images.offerup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 573951
Connection: keep-alive
Cache-Control: max-age=31536000,public
Date: Wed, 08 May 2024 04:49:01 GMT
ETag: "a2e5aaf4b11637955705c17a02564d80990e7cb9"
Expires: Thu, 08 May 2025 04:49:01 GMT
Server: nginx/1.12.1
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gl4IxkdlOmHwTfPzeS6B9fDVtOa1hqnTj5vCZnBMoSblS-1CT_yrcA==
salenzvs.live/traffic_statistics?gurl=
172.67.162.143 200 OK 143 kB URL GET HTTP/3 salenzvs.live/traffic_statistics?gurl=
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Size 143 kB (143405 bytes)
Hash 2d7b7787079fde8c671535209e732406
137f4e9621da52d36fb8318f8b0b73ab0ac0f7a0
d98d78d61d87b6c76ebc8f1ac322a5535367b982a36499169a22f710a304523e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /traffic_statistics?gurl= HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:57 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkhoRVF0WTVmdlp6M1lQWlVVL0VFbEE9PSIsInZhbHVlIjoidGo4ZUhXNlpzekF1ZVViZ2IxTlJYUDNPc1BFNWRlcXF4M2VaeWY5N2FKK2RxUFJ4dkxZWkljZHRINlRxbjJlMk5uNnh6RXVudVRpVmNHbTIxZ09KajhGSmZ0WE1vanhnZzZ1Z1NrZHJrT29pb043c211R3EvZXg2cVhybnFpbXYiLCJtYWMiOiI1ZGE0NTRmZjhiYzIwZjMwYWFlNTQ2NTlmMjg4YjUwMGFlOTU5MjhjMThjOGViYWJmODViMTQ3OTE3MWFkYTIxIiwidGFnIjoiIn0%3D; expires=Wed, 08-May-2024 06:48:57 GMT; Max-Age=7200; path=/; samesite=lax
set-cookie: laravel_session=eyJpdiI6IlJRRkZodUdFQS84bmNDTUw5OXkxK3c9PSIsInZhbHVlIjoiZnNCSXgvTVRJZ3NGVWpCQWlnZ2hUaFJ4RmxIMGw1c2F2eXpPUUFIWktTOG1ITkJJajBCNEtNTGtoTldwMlBaVUkrMnEzYnA5V1JTaml4UzFvSVMxWm1DUkxrckFiT1R2TndrWnNsZ1EvVnduc3pZczhzdnhKVjdwU2N1VkhDcE4iLCJtYWMiOiI5NDNjYTdkNDEwM2M1OTY1NmIwZTcxMWYzYzc4NzZiOGY0ZjY0NzljYTMyYjljNTUyYzIxMjFiNTNkY2I1MWYyIiwidGFnIjoiIn0%3D; expires=Wed, 08-May-2024 06:48:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xpj2t4WYgkvFT7%2FXZBuHXZUAzfTM5NTeACidBkjT4zcFOB2T5nvgFKWeQdchRQ4DnmKyTChLAfCxmngLFto08gba%2FkvERON5HtTMAu%2BvehevmRVkzYxaFmyup4SA1zXH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d202b8ca56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
minifig.biz/ming/wp-content/uploads/2022/01/Minifig-Logo-2-e1641063940259.png
172.67.151.97 200 OK 232 kB URL GET HTTP/2 minifig.biz/ming/wp-content/uploads/2022/01/Minifig-Logo-2-e1641063940259.png
IP 172.67.151.97:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: minifig.biz
Fingerprint: 7B:FC:11:90:33:8D:6C:9A:91:77:63:DC:DD:CA:FB:EE:90:AA:AF:39
Validity: Mon, 15 Apr 2024 05:29:28 GMT - Sun, 14 Jul 2024 05:29:27 GMT
File type PNG image data, 1000 x 797, 8-bit colormap, non-interlaced
Size 232 kB (231931 bytes)
Hash 35a8daf6674a19970bd1000ad26febda
92592cb77f9de2ace585f5b6ea9b80bbc3e078da
da33e5e993c3868efdf1abb9a01e520ef66c37921437328b8772ec1e9761ebe6
GET /ming/wp-content/uploads/2022/01/Minifig-Logo-2-e1641063940259.png HTTP/1.1
Host: minifig.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:49:01 GMT
content-type: image/png
content-length: 231931
last-modified: Wed, 03 Jan 2024 08:36:27 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTcOCAEffHmHrrqlXnQK4XQ%2Bw35Wq6jqwE6fSrMgYNXuSbGqyZvxxnslfN7kl3OqvuCgYKa2KGR%2BUkfsRSYQROaD9VJYZVvAfFKpve2RIJ1oUn%2FlEJfqe3xsk6E9Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806d219bbd4b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
salenzvs.live/api/item/randomByKeyword
172.67.162.143 200 OK 2.7 kB URL POST HTTP/3 salenzvs.live/api/item/randomByKeyword
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3015), with no line terminators
Hash 42f8162f3862fd31e5a763a3399bd0b1
fb20484a0de6904d7d9da0f9843dbce507518c40
6d021f7b9fc3f1f845e4ff2584b412b22f2303eda4e2c6c3c63173a6b58b9087
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /api/item/randomByKeyword HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 61
Origin: https://salenzvs.live
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkhoRVF0WTVmdlp6M1lQWlVVL0VFbEE9PSIsInZhbHVlIjoidGo4ZUhXNlpzekF1ZVViZ2IxTlJYUDNPc1BFNWRlcXF4M2VaeWY5N2FKK2RxUFJ4dkxZWkljZHRINlRxbjJlMk5uNnh6RXVudVRpVmNHbTIxZ09KajhGSmZ0WE1vanhnZzZ1Z1NrZHJrT29pb043c211R3EvZXg2cVhybnFpbXYiLCJtYWMiOiI1ZGE0NTRmZjhiYzIwZjMwYWFlNTQ2NTlmMjg4YjUwMGFlOTU5MjhjMThjOGViYWJmODViMTQ3OTE3MWFkYTIxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlpaenNPaWtYMG82R0M5Y3ZobGo1SlE9PSIsInZhbHVlIjoiMFNKNE1WN0ExVXNydERlR2NCWVR5czJJTWtmNU92anZLLzlhckE1Z2V4ek1YS3BPVW5CeUQ2MEFFaGtXQkdvV2l3WDl1SzNaVjZWNk5oRks0TjlaamFZbHhHMk5qQUZ0azlFMS8ybWE4MEF4RDVIVnhjWnFsMjRDSm50SVh5REkiLCJtYWMiOiI4NjJiMzYwNDk0MzFjOTE4YjM2YzI4MDI4ZWQ3ODM1MmQzMGQ2NDE5ZmU2ZWE1MGMxODFjYmE1ZTM5Y2ZiY2Q3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:49:00 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6ImIwSnJnK2lRMjdJdWlMMHI2R2lRVkE9PSIsInZhbHVlIjoidDl0SmFvSmRtU0g5ZUdXS3Izb3JlcUdLYWVSUFVwd0dCSHhhTjZBUXdTcElPZTBFRTFSREI2VTRKYVRxdUdiUEVuVTFEUExtZ2Z1NE1qdlF0VHQ5ajlqMUV4T3duelorbE5HVmVaVlVleVV0cWZESFVKRzFtY1R2dUluWVdJaXQiLCJtYWMiOiIzZTUxOTM2OTEwOWYzNDc0M2EwMmEwN2UwNzYwY2YxNTg3YmJiMWUyN2U5NmE4NjI4NjhlMTVjMGQzZGVmNDNmIiwidGFnIjoiIn0%3D; expires=Wed, 08-May-2024 06:49:00 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3Bc9spYEEh%2FVEbv9a4Acop7xOtYI0keJE0V0ZUOKJY73Wx0eVJUanNpI784cbU9FPDVRMrX5pDZH81xy%2BUFb6hIQLEKTp1G%2FgLlJTX8t7NUj4MbGmwFq8QIEALki45K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d20dd8d356c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/font/Poppins-Regular.ttf
172.67.162.143 200 OK 158 kB URL GET HTTP/3 salenzvs.live/static/mall/css/font/Poppins-Regular.ttf
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type TrueType Font data, 13 tables, 1st "GDEF", 17 names, Microsoft, language 0x409, Copyright 2020 The Poppins Project Authors (https://github.com/itfoundry/Poppins)PoppinsRegularI
Size 158 kB (158192 bytes)
Hash 8b6af8e5e8324edfd77af8b3b35d7f9c
01d319c533f62ea29f03b5df8adfd4d93d2d2a38
78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/font/Poppins-Regular.ttf HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salenzvs.live/static/mall/css/demo1.css
Cookie: XSRF-TOKEN=eyJpdiI6IkhoRVF0WTVmdlp6M1lQWlVVL0VFbEE9PSIsInZhbHVlIjoidGo4ZUhXNlpzekF1ZVViZ2IxTlJYUDNPc1BFNWRlcXF4M2VaeWY5N2FKK2RxUFJ4dkxZWkljZHRINlRxbjJlMk5uNnh6RXVudVRpVmNHbTIxZ09KajhGSmZ0WE1vanhnZzZ1Z1NrZHJrT29pb043c211R3EvZXg2cVhybnFpbXYiLCJtYWMiOiI1ZGE0NTRmZjhiYzIwZjMwYWFlNTQ2NTlmMjg4YjUwMGFlOTU5MjhjMThjOGViYWJmODViMTQ3OTE3MWFkYTIxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImIwSnJnK2lRMjdJdWlMMHI2R2lRVkE9PSIsInZhbHVlIjoidDl0SmFvSmRtU0g5ZUdXS3Izb3JlcUdLYWVSUFVwd0dCSHhhTjZBUXdTcElPZTBFRTFSREI2VTRKYVRxdUdiUEVuVTFEUExtZ2Z1NE1qdlF0VHQ5ajlqMUV4T3duelorbE5HVmVaVlVleVV0cWZESFVKRzFtY1R2dUluWVdJaXQiLCJtYWMiOiIzZTUxOTM2OTEwOWYzNDc0M2EwMmEwN2UwNzYwY2YxNTg3YmJiMWUyN2U5NmE4NjI4NjhlMTVjMGQzZGVmNDNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:49:00 GMT
content-type: font/ttf
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"269f0-61396132927c1-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t7p1uYYNI%2F88U3Yr2PzVfE%2BF9qMk4mQm%2Bfvjfs5ugRuok6XaPpGhF0kWOUXrAGITLNauloXQBpWzWc%2F0BK3xgN2YKE6vyOBp55LRs4%2F43qxRAbrqOP1YDn1Y2VM%2Fm3pk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d219495a56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D698287280731280
172.67.162.143 200 OK 84 kB URL GET HTTP/3 salenzvs.live/api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D698287280731280
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Hash 78c5cac240cf93ef9dba4fa39958febe
5f014569bc432ddbe340868cd5c53baecaf7305f
e578a47674dbdab5e8226d01abff61a3d156505ec509f6a9b486cf92efdf420a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D698287280731280 HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkhoRVF0WTVmdlp6M1lQWlVVL0VFbEE9PSIsInZhbHVlIjoidGo4ZUhXNlpzekF1ZVViZ2IxTlJYUDNPc1BFNWRlcXF4M2VaeWY5N2FKK2RxUFJ4dkxZWkljZHRINlRxbjJlMk5uNnh6RXVudVRpVmNHbTIxZ09KajhGSmZ0WE1vanhnZzZ1Z1NrZHJrT29pb043c211R3EvZXg2cVhybnFpbXYiLCJtYWMiOiI1ZGE0NTRmZjhiYzIwZjMwYWFlNTQ2NTlmMjg4YjUwMGFlOTU5MjhjMThjOGViYWJmODViMTQ3OTE3MWFkYTIxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImIwSnJnK2lRMjdJdWlMMHI2R2lRVkE9PSIsInZhbHVlIjoidDl0SmFvSmRtU0g5ZUdXS3Izb3JlcUdLYWVSUFVwd0dCSHhhTjZBUXdTcElPZTBFRTFSREI2VTRKYVRxdUdiUEVuVTFEUExtZ2Z1NE1qdlF0VHQ5ajlqMUV4T3duelorbE5HVmVaVlVleVV0cWZESFVKRzFtY1R2dUluWVdJaXQiLCJtYWMiOiIzZTUxOTM2OTEwOWYzNDc0M2EwMmEwN2UwNzYwY2YxNTg3YmJiMWUyN2U5NmE4NjI4NjhlMTVjMGQzZGVmNDNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:49:04 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IjVZT21WWHVnZmNlSjRZcUdIN3hKK3c9PSIsInZhbHVlIjoiZlFEZWJidkpsN0hPd3dFOS9OZjRsakhKNEJTNGRrbUs0WEh2UHZsN2wrRTJXTU1IbGFtcHVLbjVERkxBa1p0MWk5M2E2Y1UrNVdGOTJ6cHFranVkR3pzaW5uKzVXOFM2SzJXMXRuR2ZNYWZOVWkwUmhyVlgyUUJGemRvZXd2VHAiLCJtYWMiOiI0NjkzNGQxMDRiNzFjNDEwMjRhOTAxMmUxN2JiNDY0ZTJkZTc5MzJiMjNlZmJhYjk3M2RlOWU0MWU2OGRiY2ZjIiwidGFnIjoiIn0%3D; expires=Wed, 08-May-2024 06:49:04 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W91%2B2w5RzcJVv5xD7eZZnbmKZFwnGsVbYJ%2Fn8rzzj5GzcnW0HWN05%2Fuv0dbjyMMNv56DY471QfwXzDDozicpjoPSAXt%2B9UQtAKuKlYrrLfMI0TJV0XpeO8rzR6kGFkQT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d219495e56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/ecicons.min.css
172.67.162.143 200 OK 38 kB URL GET HTTP/3 salenzvs.live/static/mall/css/ecicons.min.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Hash abf739a4f700786a4e2d6abf4c81e3a0
aafb0578ed47df30cc871bc161db5f7d7cd6d444
9eef72c0a2fc38e6190244cfed729e9b9667529b47eabe2f446373d8958a968c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/ecicons.min.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"9531-613961328e941-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GdE0bBTPjMu27UwM6R6b9yURZxx1%2BMlXZ%2F6EY8MsaNGr%2FTd8Q4Y3k%2BTh%2FmfBS2IYWa8sj%2Ffh2L%2FjNJgeKF0Hi12fHL03F%2FosgQ9m8Tg1lMvpbAo8AuoXPKNAqmP2elht"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe5d5556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/swiper-bundle.min.css
172.67.162.143 200 OK 14 kB URL GET HTTP/3 salenzvs.live/static/mall/css/swiper-bundle.min.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type ASCII text, with very long lines (13428)
Hash 91a0424bb56d373b12fa509e49fa86d2
39087ce17748c48a5218767af371e2aabb576a49
665d1995ba3fd0f5caf431866b89bdfaf36debae2f1c07d8187bc559c41fadc7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/swiper-bundle.min.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"357e-6139613294319-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1%2FgmufwrZ7NXu77t5eAhXYbRIIrSozHhUlLq6eURVUDm%2FvZ1zUwACGKT0qfJPzzcEM2xXsdpiFGwrqMo5mPT57xvDYTXYqsBS84Bc2dZ1U9P3HlU8nYPUSmC7JxgmdX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe5d5756c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/countdownTimer.css
172.67.162.143 200 OK 1.3 kB URL GET HTTP/3 salenzvs.live/static/mall/css/countdownTimer.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type ASCII text, with very long lines (1372), with no line terminators
Hash 36b9ffeb0997351e58582be74a0853fe
e66064b1787ba78b5ef95c5897fe8fb2f5ae84af
85faf4717d7ebc4252891062420945090a46763a4891e0706581a19e5fc27ddb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/countdownTimer.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"4fc-613961328e559-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w01jCjIda3SQeOJHUvN%2BZlPJCPeq%2Fyl63cXm9%2B6WQujv6wC0EGkzzzcuxfXI7fYoA%2BaujB8ReZS8P%2BgwMx5tw6EhWX4MYKfj0tWQMz6S9g%2Bfdss%2BRBGfRbWz1vexpR9w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe5d5b56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/demo1.css
172.67.162.143 200 OK 439 kB URL GET HTTP/3 salenzvs.live/static/mall/css/demo1.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Size 439 kB (438856 bytes)
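Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three digests are the MD5, SHA-1 and SHA-256 of zero-length input, which does not match the 439 kB size reported above; the response body was evidently not captured for hashing, so they should not be used as indicators for this file.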
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/demo1.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"6b248-613961328e941-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egD3XpcV8vjbhOuNYawQ1mVytvfYPDRntyxTw3SMg8N5lElonRkzjOWwtmEhdXMxCe1yonaXlfFjM7bHUF1%2BXC6WjVaC%2FuQb8j89vNTd5W0qwwdeFVjlLIdgPI0E03BG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe6d6456c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/responsive.css
172.67.162.143 200 OK 62 kB URL GET HTTP/3 salenzvs.live/static/mall/css/responsive.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Hash 5a0f0223020c05a39623fee1527a2b81
07468c1803b6ec9d1c47b051d099815d98618307
5ced93256785d0fc2aed667d047221aea1e152189227f76c0c5c5dd5b6798d60
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/responsive.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"f2c8-6139613294319-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rGR5otcC6vJe1PSiIqHiNL11mlkcvshol0iGq03%2F5wLskq8KfxxDyeYd81hoHoePEBsfMwkA%2FkIwM0DjfR7DpnXFMxFAuXE2hCBqY%2BfVREQ3niF1T%2BrDlaE1ctMJhPf5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe6d6556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/font/Montserrat-SemiBold.ttf
172.67.162.143 200 OK 244 kB URL GET HTTP/3 salenzvs.live/static/mall/css/font/Montserrat-SemiBold.ttf
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
Size 244 kB (243816 bytes)
Hash c641dbee1d75892e4d88bdc31560c91b
f829de4c176fb2ccf5e33360920f48de6794434e
f227901ef48ac4d1fe4cc6ed0dbce99e6b38969babe5e05da2dfb33521b02944
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/font/Montserrat-SemiBold.ttf HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salenzvs.live/static/mall/css/demo1.css
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: font/ttf
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"3b868-61396132900b1-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1W8SMg85BKX15O5Xhnfas9D4g8rx7UjAEX0WEioaMvdDRzBt9gWr4ZjNJhvkSVQRnkwFNkEHFFZ4VEYdviKQbRTOaeAlhuvp4pTAAlu7orb80b6z0lGjb%2BBiemfBSxo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d202d8ed56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/product_details/98831427.html
172.67.162.143 200 OK 75 kB URL User Request GET HTTP/2 salenzvs.live/product_details/98831427.html
IP 172.67.162.143:443
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
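Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of zero-length input, so the response body was apparently not hashed; they do not identify this page's content and should not be used as indicators.)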
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /product_details/98831427.html HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 04:48:55 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; expires=Wed, 08-May-2024 06:48:55 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D; expires=Wed, 08-May-2024 06:48:55 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YouCzg9yO4Q68PyqZANbAYZy2Bg4NdQ13nv0bvwxAti60iZ3HawuvWk8ozVLnkTOdqJKOhRrfCCziSewMemCs5G2esep3hwmduAZJf0H%2FCE9yB4p8APA4nZ%2BQCcxKfz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1f9d89ab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
salenzvs.live/static/mall/css/animate.css
172.67.162.143 200 OK 72 kB URL GET HTTP/3 salenzvs.live/static/mall/css/animate.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type ASCII text, with very long lines (65343)
Hash a2debeb6012c56100f1180d3de887927
b49fa74ae3abff550dc4beff7e6e540ec1f37029
fee5e34c63f9527f33c78381943de33789c521a12f8ec151991bc5247d5f7bc0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/animate.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"1184b-613961328e171-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHpyx0DnLXCuKjIrCzgBbC9FfmpLwdRoj6pozqCXghmoB47gtH%2BQqXAVdN%2F0kcvcS0LV5JdiUjGdwwnvCi30yExA7sm9EVh6YSeDgnpkBWoE4TI0w80ftPHzqdlB%2BCT0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe5d5656c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/jquery-ui.min.css
172.67.162.143 200 OK 34 kB URL GET HTTP/3 salenzvs.live/static/mall/css/jquery-ui.min.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type ASCII text, with very long lines (2363)
Hash bd2605faa1a82b81a3499b489ed5fb22
dab30edbfa1758f8a150148675a4758822986c05
541607bcce7ec5803b0dfc7b0565deec6605b5f7e9f464420b530ffd75015db9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/jquery-ui.min.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"865d-6139613294319-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDM%2Ber8CKNIDx%2FjYd3doJcIv8kus0Nc91LAdz9NTuX7sJ%2BhNCyfuvxFfZW8Pal%2F8P7xzr57uRhRuWe1BW7gbzIfJUVXktfbYzACLaYUF9TVcq27VAw1bGBNOidXtw5hP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe5d5a56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
live.staticflickr.com/6113/6239648026_e55f23e4ec_b.jpg
143.204.48.75 200 OK 109 kB URL GET HTTP/2 live.staticflickr.com/6113/6239648026_e55f23e4ec_b.jpg
IP 143.204.48.75:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Amazon
Subject static.flickr.com
Fingerprint B7:FC:2C:15:BB:C9:CF:45:BD:07:E2:9B:55:CA:4F:BE:AC:65:5E:C8
Validity Mon, 13 Nov 2023 00:00:00 GMT - Tue, 10 Dec 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1024x532, components 3
Size 109 kB (108988 bytes)
Hash d4a777e93c960497023545a3ea1efe1d
c229407ecb55b33e565ee672eca053e52acd21b5
7b59cf10d8bf316ad0faeea4d0773b6506ef7ae7415ddd5b871644042b4ebdcd
GET /6113/6239648026_e55f23e4ec_b.jpg HTTP/1.1
Host: live.staticflickr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 08 May 2024 04:49:01 GMT
edge-control: public, max-age=31536000
surrogate-control: public, max-age=31536000
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 04:49:01 GMT
imagewidth: 1024
imageheight: 532
last-modified: Mon, 18 Feb 2019 08:11:42 GMT
etag: "db7e22387e9d4f6f369308a8770eb828.1"
streaming: false
origintype: D
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
powered-by: Mutation/1.0
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
ourvalues: Thrill Our Customers (#2 of 5)
x-request-id: 4d135d16
x-frame-options: DENY
p3p: CP="This is not a P3P policy. We respect your privacy."
x-env: a=live, b=jubilee, c=21738c41, e=5e619966f463269b8b69e93562f43b3e64b1c917
x-ttfb: 0.1281
x-ttdb-l: 108988
mib: 2
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2kFeOtW8retXZqINWrQCreCP3i-Gyv1I8Mmk0yzRK9SdYeNaYbI9oQ==
X-Firefox-Spdy: h2
salenzvs.live/static/store/css/checkout.css
172.67.162.143 200 OK 4.8 kB URL GET HTTP/3 salenzvs.live/static/store/css/checkout.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type ASCII text, with very long lines (5046), with no line terminators
Hash 78004bf5e334b836b476f48fcb42d6b2
1b118f3acfd8329b2219397946fbdcdd2eb8a8a1
36ec4ba8f16410525a9046d41eab8c0acb179340bed5d10a795edb52fc899bb0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/store/css/checkout.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"12d8-61396132b006a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V1qdsSAFXz%2F1x1GbLrkAr3gHzOHjO5lzikwqCyoa0CzoeHy5qWcOiBlzSlXmsNSM04o2rEn%2BeCB2M%2FAZoNJCR1sF1XURljODslQ03ijyGyhexTeTm%2Fdeklz87rbA1xn5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe6d6a56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/favicon.ico
172.67.162.143 200 OK 61 B URL GET HTTP/3 salenzvs.live/favicon.ico
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 2d963171282c4de9d6969472b23e47e3
1ea3d4ba9fe4b01b4edf5b7dcd20ac246d2187d8
87ed5a5a37969aa977d6f4fc16ae7a094bc1abc454307e011b65036646b4d3ab
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkhoRVF0WTVmdlp6M1lQWlVVL0VFbEE9PSIsInZhbHVlIjoidGo4ZUhXNlpzekF1ZVViZ2IxTlJYUDNPc1BFNWRlcXF4M2VaeWY5N2FKK2RxUFJ4dkxZWkljZHRINlRxbjJlMk5uNnh6RXVudVRpVmNHbTIxZ09KajhGSmZ0WE1vanhnZzZ1Z1NrZHJrT29pb043c211R3EvZXg2cVhybnFpbXYiLCJtYWMiOiI1ZGE0NTRmZjhiYzIwZjMwYWFlNTQ2NTlmMjg4YjUwMGFlOTU5MjhjMThjOGViYWJmODViMTQ3OTE3MWFkYTIxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlJRRkZodUdFQS84bmNDTUw5OXkxK3c9PSIsInZhbHVlIjoiZnNCSXgvTVRJZ3NGVWpCQWlnZ2hUaFJ4RmxIMGw1c2F2eXpPUUFIWktTOG1ITkJJajBCNEtNTGtoTldwMlBaVUkrMnEzYnA5V1JTaml4UzFvSVMxWm1DUkxrckFiT1R2TndrWnNsZ1EvVnduc3pZczhzdnhKVjdwU2N1VkhDcE4iLCJtYWMiOiI5NDNjYTdkNDEwM2M1OTY1NmIwZTcxMWYzYzc4NzZiOGY0ZjY0NzljYTMyYjljNTUyYzIxMjFiNTNkY2I1MWYyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:57 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2F22BARl8Ij5lrrkLcIsnkeOuKQwDG0bVFcjuodD1BixlxNkfmPCLlyhlz7rsty7sLnzwvBFl%2FETg%2Fda360ZzD0YvcU8aBmzCfpN3rY7%2FcszgZeeR0bUynjsasic6yAb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d2064b2456c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/market/js/jquery.min.js
172.67.162.143 200 OK 84 kB URL GET HTTP/3 salenzvs.live/static/market/js/jquery.min.js
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type JavaScript source, ASCII text, with very long lines (32061)
Hash e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/market/js/jquery.min.js HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: application/javascript
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"14915-613961329d3a1-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCmdCrbzKr0llpNz%2FtuIyh5PejCL9hJqEU%2BmW2UmLaaKdJxJnn0KXTeOYgwKene20uAffEmCUVoUso69Eh1NzCkO7dW1aHLjd4NL2Mg265nqaR9eO5S73GRJlaxipHXh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe6d6d56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/font/ecicons.woff2?v=4.7.0
172.67.162.143 200 OK 77 kB URL GET HTTP/3 salenzvs.live/static/mall/css/font/ecicons.woff2?v=4.7.0
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/font/ecicons.woff2?v=4.7.0 HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://salenzvs.live/static/mall/css/ecicons.min.css
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: font/woff2
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"12d68-6139613294319-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HG9INqrARHTQqEkaREgPxYyn7xuHyv%2BgkuDyK0XR%2FX7wxu%2F0LMNZU2icx496SvwlHyZVbbLcLMLo4gctJIVbyRsSPXTYljutpE9JHJtQT9yynX0Xf%2FGI4UtCPmp9W%2BDp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d202d8f056c0-OSL
alt-svc: h3=":443"; ma=86400
toyphotographers.com/wp-content/uploads/2020/05/image0.jpeg
209.182.202.254 200 OK 143 kB URL GET HTTP/2 toyphotographers.com/wp-content/uploads/2020/05/image0.jpeg
IP 209.182.202.254:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer cPanel, Inc.
Subject toyphotographers.com
Fingerprint 9B:F8:17:F2:1F:E0:CD:89:BC:90:97:7F:B8:C9:D5:61:39:37:7D:13
Validity Thu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1200x676, components 3
Size 143 kB (143340 bytes)
Hash 6cd6c4b3944ab23a4fac1842b843dd2b
4f1286c74de19ffb96c386d37b05c2f915aa654b
7de577de05313ca82653dd8696fdd270eec90b2af67f6684ccff2b6a45f585eb
GET /wp-content/uploads/2020/05/image0.jpeg HTTP/1.1
Host: toyphotographers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 04:49:01 GMT
content-type: image/jpeg
content-length: 143340
last-modified: Sun, 10 May 2020 00:47:03 GMT
etag: "5eb74f07-22fec"
expires: Wed, 15 May 2024 04:49:01 GMT
cache-control: max-age=604800, public, must-revalidate
x-proxy-cache: STATIC/PATH
accept-ranges: bytes
X-Firefox-Spdy: h2
salenzvs.live/static/mall/css/bootstrap.css
172.67.162.143 200 OK 205 kB URL GET HTTP/3 salenzvs.live/static/mall/css/bootstrap.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Size 205 kB (205443 bytes)
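Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of zero-length input, so the response body was apparently not hashed; they do not identify this stylesheet's content and should not be used as indicators.)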
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/bootstrap.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"32283-613961328e559-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRBpf5GcGQp2ZmlEcypjC7dek3fV19%2FPcXwcQ%2F8lRa29S480TjGNmXb1VpwgMWAzG6QCjsWcfxd6V7LvBeT%2BqVrpL2CKYRjROgX0wbqpM7IGCbjo0z6bKFhmqyTWDg8H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe6d6356c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/default/js/public.js
172.67.162.143 200 OK 1.9 kB URL GET HTTP/3 salenzvs.live/static/default/js/public.js
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1900), with no line terminators
Hash 51c8cad5196fedebda08621dea5c6405
5edaf17734119cf9985a4c1474bbde7eb801de35
13d077ad8e2e39537edac3359ea189cc9dd414f7a939e19950e22d7f7bcb1d34
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/default/js/public.js HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: application/javascript
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"76f-613961327a8f0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xvh9c5KiPr6MnMvLGBhol%2FXJfCT63eN5jbcu6ecXrX4dDWS0mWP6NEFMwp7E44exahrYSSaeZTCCdbrcNwGPFfQXOTiYCYtBA411cmO5rf7UeSDNjLbnBBRTdEV0VqgR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe7d7756c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/font/Poppins-SemiBold.ttf
172.67.162.143 200 OK 155 kB URL GET HTTP/3 salenzvs.live/static/mall/css/font/Poppins-SemiBold.ttf
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type TrueType Font data, 13 tables, 1st "GDEF", 19 names, Microsoft, language 0x409, Copyright 2020 The Poppins Project Authors (https://github.com/itfoundry/Poppins)Poppins SemiBol
Size 155 kB (155192 bytes)
Hash 4cdacb8f89d588d69e8570edcbe49507
20b39c8b480c946b084d6aa09f12bf10b2ec5aa6
bf9c1ff640acc8bb5441a9b564360943f9db90969742aa33a36329b2828d2759
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/font/Poppins-SemiBold.ttf HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salenzvs.live/static/mall/css/demo1.css
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: font/ttf
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"25e38-6139613292ba9-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FfDiShWl%2BspSYXFLSdZ0fQKXNpNGBwiE7aw5P8xzuoGCLXe4Zu3x2E0zpc%2F0RhcOfELA90Ci8MTx8kw5fPgxCh56CewhUXGJkCGANsIxU556DOU3D2GpNtdbLFv0AXA%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d201f83556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/slick.min.css
172.67.162.143 200 OK 1.3 kB URL GET HTTP/3 salenzvs.live/static/mall/css/slick.min.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer Let's Encrypt
Subject salenzvs.live
Fingerprint C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type ASCII text, with very long lines (1327), with no line terminators
Hash da4e146913da6966d85a6b8686886edb
03a28dac9dfc6c33e6175c9c185911c56525d31b
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/mall/css/slick.min.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"52f-6139613294319-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RlM21bck2g8vBuOuqidyv4SMfD4WQlByTR0d7C%2By54JuFbs7jv8dX6iW7HyRVoSuJ9Zd%2F7qsoL0NKbVu5xAuBSPaJZ8CD31vv6uFUBOSF7eo04TRdZkAaEygkH%2B0nzmq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe6d6156c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
static.wikia.nocookie.net/lego/images/c/cf/7977_alt1.png/revision/latest?cb=20120126174106
74.120.188.204 200 OK 518 kB URL GET HTTP/2 static.wikia.nocookie.net/lego/images/c/cf/7977_alt1.png/revision/latest?cb=20120126174106
IP 74.120.188.204:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: *.wikia.nocookie.net
Fingerprint: 07:BC:B9:0E:F9:E6:36:F7:50:1E:5F:A5:AF:68:26:54:FD:4F:78:80
Validity: Mon, 22 Apr 2024 12:02:34 GMT - Sun, 21 Jul 2024 12:02:33 GMT
File type RIFF (little-endian) data, Web/P image
Size 518 kB (517796 bytes)
Hash MD5: 48a2f5d4f57377880ba0f7516d8cefb6
SHA-1: f59c01781ff2ddf30c2a4a681aa862e196780778
SHA-256: 4d661c568fac438f5f53b3c3dfe0c5a1b0b011c9253022190c1d9a47bee51834
GET /lego/images/c/cf/7977_alt1.png/revision/latest?cb=20120126174106 HTTP/1.1
Host: static.wikia.nocookie.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 21:59:11 GMT
surrogate-key: 60182798a82326dd6435aa120727b22016cbbb09 wiki-lego thumblr original v:597a9d3
content-disposition: inline; filename="7977_alt1.webp"; filename*=UTF-8''7977_alt1.webp
content-type: image/webp
etag: "CLz22eyY0f0CEAE="
x-thumbnailer: Thumblr
access-control-allow-origin: *
access-control-allow-headers: Range
cache-control: public, max-age=31536000
content-length: 517796
x-envoy-upstream-service-time: 114
server: envoy
x-cacheable: YES
age: 30264588
accept-ranges: bytes
vary: Accept
x-cache: ORIGIN, HIT
timing-allow-origin: *
x-served-by: thumblr-d84d8bb48-vmc2h, wk-cdn-f5
x-cache-hits: ORIGIN, 204
X-Firefox-Spdy: h2
salenzvs.live/static/default/css/iconfont.css
172.67.162.143 200 OK 1.4 kB URL GET HTTP/3 salenzvs.live/static/default/css/iconfont.css
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type ASCII text, with very long lines (1543), with no line terminators
Hash MD5: 090f72d902afd1175acf4cad9f14c475
SHA-1: 570ba183720b7f40f15601d0d4321a6ad819fcf2
SHA-256: 29b84aaf9a3d5b98b8f77db96a21f11fd83bf97cc140f3e7ff41735aba555187
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/default/css/iconfont.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"55c-6139613276a70-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GluGTGnZ6aUfZG9XodH0nZVaRIcFwAg3p%2BbNiuUf2Mws%2B4WPK9sIiATHKnorbwAVXa5TWwmVClUzdLwEIfSQ9ZZEt3C0eamy6RoomYceEUYxUQUE5ChokKB%2Bj9os7YU8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d1fe6d6f56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/api/item/secondCate
172.67.162.143 200 OK 105 kB URL GET HTTP/3 salenzvs.live/api/item/secondCate
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
Size 105 kB (105151 bytes)
Hash MD5: 0f6eb50a0e462ce99c859937f98d1631
SHA-1: 1379fe41a7264432d9d4c95b35fdff97a532e58b
SHA-256: 28493e1fb974bc45eb0e57bcd9bd09b0e6b43c94714c21bab08903a5f7b2b5af
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /api/item/secondCate HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/98831427.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:57 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IllLRUd3YWZTak1najN0WUN1aE5salE9PSIsInZhbHVlIjoid1NMSGVLa0JUYnhGMXFBUzNQSzIwQklBaWZiRWR0aW43WkQzM1pZSnJjRUdUUHNjWWc1THZlVlNnbnhaZGVOQ1Z0YUVFRzNlZmtLR0toMzBjVm93Sk5LckJCS1hrOXN1TWxkd2ZLWTRHa0QwNDZFWUNKOE05WSs1MU5nYTRXZVgiLCJtYWMiOiJkYWE2OGE2YjY2MGEwYjllMGU4YWJjNDJhMmI0NDg0OWQ4YWQ2ZGRhNmNjNzUwZjViZDU3OTkxNmViMjJhMmMyIiwidGFnIjoiIn0%3D; expires=Wed, 08-May-2024 06:48:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTwOwPbXsNEQd94qsEMiJ7fmS2D2mCILyzKEhH7RaNNMC9SRifRzO00PB09m0oOPUkjGtkZxJ8Xp9k4XXD2g%2B0W3vLeTwybyQgjJQCvurXwBgFNgwOUjTWOW5upxHQ16"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d2018fbd56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
salenzvs.live/static/mall/css/font/Montserrat-Regular.ttf
172.67.162.143 200 OK 246 kB URL GET HTTP/3 salenzvs.live/static/mall/css/font/Montserrat-Regular.ttf
IP 172.67.162.143:443
Requested by https://salenzvs.live/product_details/98831427.html
Certificate Issuer: Let's Encrypt
Subject: salenzvs.live
Fingerprint: C4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
Validity: Tue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
Size 246 kB (245708 bytes)
Hash MD5: ee6539921d713482b8ccd4d0d23961bb
SHA-1: d25b35242deb1c6ff888b8162ca2aacc356d3899
SHA-256: 077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/mall/css/font/Montserrat-Regular.ttf HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salenzvs.live/static/mall/css/demo1.css
Cookie: XSRF-TOKEN=eyJpdiI6ImJRbFlIbDNYTUhyQ2JobzNJc1dLMlE9PSIsInZhbHVlIjoiZjVJNUFxTDFDZXVCK2puYjIzMVRNekRHYTVHQWJYaE55YTdCdHpiQnBqWGV4UHdpQ21VNGk5b1JrL2RVQ0g3ZGJldk1aMTBwall4c3B4M3BBRXdLZ2gvSEV3NVpZenRRdWhMNGxpaVdyL3llUERPSkp5Y3JDU0REVHNIWjdacVEiLCJtYWMiOiIzY2MwMDFiZDRjY2Q0MjI1MTU4NTM3ZTc4MGQzOTA1ZjIxYjgzMmVhYmViMGQyNTFiNjM0N2I0NDBiOWViOWI5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndJNkwxQ1cyQzZzbm02TFdDVWpvRVE9PSIsInZhbHVlIjoiMnprRVA0UjJRcFZpR0xhdXZNc0xRZGJoNSsvRlVQMU1hemhRSjRuYVlyRncvaCtlWjFybTNLNWJwSVUyZUNRdnJiYXhHaUt4MmlZSmtQK3RDQ2VQUEQ1bldraDlQZ3h5anpYZDBEUXZXcFRUY2N5TEx2Nk1lbm1raTY5Z1FzNFUiLCJtYWMiOiI5MDI3YmY4ZWUxNjJkODFiY2EyNjg1N2ZlNzJmMGFjYjk4NjhlOTZlYWI4YThmMDljODZjNmNkNjQzNTY2YzU1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 04:48:56 GMT
content-type: font/ttf
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"3bfcc-613961328fcc9-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CRSc9z%2FhfdoGhay2M56M4n9k201dV54dUcvbHxG77kpCUu5JRJiGW7ROGNPXYcKZDMVEptHgm2SE9yNTZMePibt9wf4Ekt6FXPHh%2BrHxFJHbLZwTuLsSDv%2FQnvrFhpvZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806d202d8e756c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400