Report - downgoodsk.live/product_details/50324830.html

Report Overview

Submitted URL
downgoodsk.live/product_details/50324830.html
IP
172.67.157.76
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-05 03:12:47
Access
public
Website Title
Riding Mower 42-inch Deck Belt 954-04060C MTD Parts - Online Store
Final URL
downgoodsk.live/product_details/50324830.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-04	2.0 kB	170 kB	104.17.25.14
photos.yesterdaystractors.com	unknown	unknown	2017-02-06	2022-09-04	416 B	77 kB	134.195.13.20
www.mtdparts.com	unknown	2002-06-06	2013-05-26	2023-07-24	527 B	51 kB	104.19.152.81
rvpartsexpress.com	unknown	unknown	No data	No data	420 B	137 kB	172.67.158.125
www.muttonpower.com	unknown	1999-02-08	2013-11-12	2023-12-19	444 B	0 B	0.0.0.0
downgoodsk.live	unknown	2024-04-06	2024-04-11	2024-04-18	37 kB	1.5 MB	172.67.157.76
i.ytimg.com	109	2007-12-11	2012-10-03	2024-05-04	800 B	99 kB	142.250.74.86
uploads.tapatalk-cdn.com	99015	2014-10-09	2015-10-23	2024-01-30	430 B	545 kB	104.20.44.10
upload.wikimedia.org	2215	2003-03-16	2012-05-21	2024-05-04	433 B	1.7 MB	185.15.59.240
bigiron.blob.core.windows.net	384638	1995-08-10	2017-01-19	2024-02-05	515 B	280 kB	20.209.39.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed

ThreatFox

No alerts detected

JavaScript (49)

	URL	Size	First Seen	Last Seen
	unknown	183 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash db45a75a4eb3c7b373147dac5fe029cb d6b63bac03eb4ba8170e5c8fd3a050468fad2dd6 7dd0a3a6db88fdab720cc6a4a6dfd05dd1649088260cd2c1ba10ff8f257f6f39 Loading...

	unknown	2.0 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen77 Hash aea6fdd0c50b5b2544fe2899a9a3b288 24fbf69d79b94bc623913211666a265d9c6fdff7 dab897deb7e6f1a9f27fa21ca6027a348e789937b09c02d64d783fd4d5c6c6a3 Loading...

	unknown	783 B	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen69 Hash 9d25de5926c79fb8d7af32dfe8f594f6 69976077fe199eb227b0c7c4c34d78798c588b6f 45579e258830652d2bc8751d671b616b0525608d7de4b9c05637788fbb07be24 Loading...

	downgoodsk.live/traffic_statistics?gurl=	0 B	2023-03-07	2024-05-18
Pretty URL downgoodsk.live/traffic_statistics?gurl= IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 20:02:12 Times Seen37794986 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	downgoodsk.live/product_details/50324830.html	543 B	2023-11-03	2024-05-18
Pretty URL downgoodsk.live/product_details/50324830.html IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen31 Hash 7522976f970077f1a808fe762a7e06a6 924a3e0922dd6d59d942f36e965a607a3720f992 d533860458eb73ade8fc419d1f6486297309665cb4edfb979f825493698079b1 Loading...

	unknown	223 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash fb52a5f79bd4b3906f44a46f4dc6e549 419c8bb04fed0b07572c80d5a9aa90b0425be90c f0edd9f7e654e2e2ea365f46d64148b9a1b36cffac95827fd7e33d8028feac0f Loading...

	unknown	1.3 kB	2023-11-05	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-05 06:19:13 Last Seen2024-05-18 04:47:00 Times Seen16 Hash d80aecbd890f955b6d8665c344eb2137 bbde210bd06a08ee1c5cf054c8140cf3ebc01397 dedba75b5c1f9787f36929c6abb129e3ae56c98405f2045e3d54a3e0a947ed9b Loading...

	unknown	117 B	2023-11-05	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-05 06:19:13 Last Seen2024-05-18 04:47:00 Times Seen16 Hash 649a31ef292d175b992ee024f81c9f38 3cc522ebdecaa6fefd9aca49836645e4c9357c9f faea367244b4f55f0e05e3f8c507271f93e48379c8e5d9ccfa49ec836b58c9cd Loading...

	unknown	209 B	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen62 Hash 65e6fad0b80e5dae9ba33c36c87cbe46 2f27dd37b7ff2cf116e2932e497181aa8f68a08a 61e07b5ebd6b4033a1043820388f48ffc6be5afbad262f77e80c9e664a499295 Loading...

	downgoodsk.live/static/default/js/delighters.js	2.6 kB	2023-03-12	2024-05-18
Pretty URL downgoodsk.live/static/default/js/delighters.js IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen245 Hash cc31823856831d96acd96628fe1bc12c 4441d2792dc7fb9f54cde379cd6dd5085ae7af33 0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d Loading...

	unknown	189 B	2023-08-10	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-08-10 01:59:25 Last Seen2024-05-18 04:47:00 Times Seen27 Hash f2e94c190d8ebdc795bb0423793cbd07 090e167ddf0cb38b483bdc05a1073ce3b758d115 faf40d9588bc9d96283fd72f0d1d9cc7cd969c40006a2b17b033cc2688aa07ad Loading...

	unknown	776 B	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen69 Hash be63d7a2a9f9124fc45a2742e182bfd9 3fd6281aaf80b0685b0ce1046a4153f9ae279b08 abd83281fb2c20c4a2c41fa07862c5f6ba8f59b20eabb2082dcb153524932118 Loading...

	unknown	1.5 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen69 Hash b43fa7cc5a45035a9f8a0abe1335b5a7 61933fd0d2e0e61647097d3cc72243ab77c85f1c b4967741000ab470155fd48a923ddec65a0247d5a4d7cd188b8027be2a4c6f69 Loading...

	unknown	50 B	2023-04-12	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 00:31:29 Last Seen2024-05-18 06:54:09 Times Seen796 Hash 67a516f6876a6d5a6acd917aabe0571f 3cafb807a2d7fcf75a5092484795de52336ae1d0 cb909329532746539d41f5fe0c5f508bbf8191744c706dd5969753aa14948bc3 Loading...

	cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js	338 kB	2023-03-07	2024-05-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:09 Last Seen2024-05-18 04:47:01 Times Seen305 Hash de581e420bf52d70e353080a13094ea8 7e727d99fea8c31c2f2e3173105d585ee3289d31 4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5 Loading...

	unknown	199 B	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen77 Hash 67a2c7b2c5a50b9967db9e9d1a0f4cc9 802c4eb3b2eaaa9cd03eafb632434d9bfcd6e99d e548dd3a15307e94b635e55caaee70050cfc332df229e5f8f341bee4f9ef1f76 Loading...

	downgoodsk.live/static/market/js/jquery.min.js	84 kB	2023-03-07	2024-05-18
Pretty URL downgoodsk.live/static/market/js/jquery.min.js IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-18 18:59:37 Times Seen14256 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

	downgoodsk.live/product_details/50324830.html	8.6 kB	2024-05-04	2024-05-15
Pretty URL downgoodsk.live/product_details/50324830.html IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash 5c3cd0d1862b922ba586a4a85dd65bf0 c9c05ca63193023c842fbd01ad858674f284d75b ef5fb594b2b8265dda0c2c60f6a01f1ec4114ce303a6ebcf51de144d45b4e088 Loading...

	unknown	163 B	2023-11-05	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-05 06:19:12 Last Seen2024-05-18 04:47:00 Times Seen58 Hash c48e720ebf7ba79ee5e3e9dd7b60179c 6e4146d5770164a59c5c95e8cf79d9c51d05b907 4bd9ebed99dddd10865ee1aff2700e770700f5a32c4dd83b9eb5a9b8fdcc6c57 Loading...

	unknown	291 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash c9b5426de6165f2c8804537ec035f110 517d212722a2801c8a26808644a65d116ae8b566 3be786ef0db42a9e238ede295ce15ed15fd6edbea02ae3175216c7a62f6d749e Loading...

	unknown	169 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen31 Hash ef210ca63758a5c527614ecb062779e6 a837e8e3690859da53f344a34707c998794eef21 2695864485c5f4a69cc03bb77c46e7890253bdeb6129a87d8158cda9b9fc5cbe Loading...

	unknown	138 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen30 Hash 84b225eff2b105156f8078ed21ff8b64 41b652a36aa6a9952be991ef5114630019dd4336 67ad89b536424cc38a04ab343466949ddc40c946075fbc141cb0417aab44938d Loading...

	downgoodsk.live/product_details/50324830.html	9.2 kB	2024-05-05	2024-05-05
Pretty URL downgoodsk.live/product_details/50324830.html IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 05:12:54 Last Seen2024-05-05 05:12:54 Times Seen1 Hash d7a78bd32a36a6428a938739282fbd59 9d2e9620c7eed9cab8ab7555ab2191ad92e82828 0f4268172f519359a4310bfcb1c81013ffc460dc398a2826901f0e05014ace8b Loading...

	unknown	172 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash cf1885138e50cd52d69851fad01af8c1 bd9c7c4ec798438fd8f8b2510a9e502b85ae8e0a a756ef977bcda1bc160e9e0f502a13a4e7e9f739044dcea424c791f20cee7577 Loading...

	unknown	773 B	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:01 Times Seen69 Hash 15a39005ea43b9fa5ff86c3516ab5ee5 5c3e809063e8aa46dd2b3406874a6879a80e5bf8 4cba25fcb224ea4dbc3d577db7476d616ac7d4e3dd4110830c16709f8375e0f2 Loading...

	downgoodsk.live/static/default/js/public.js	1.9 kB	2023-03-12	2024-05-18
Pretty URL downgoodsk.live/static/default/js/public.js IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen196 Hash 53ceae9d8b9f4372ad101d91439cdbb7 662fa3a84762aee5bcb1da67ebbe2e37b3eeb79e 535ee4fa0189e79bd9a7d6ae4aa466180c4ac5b82b47647482ddce74587ce249 Loading...

	unknown	184 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash 1a0f4803bb0f50d1e96b535da8b7dbd9 41fb54184d04168074b3e1762f79fcd622f0b079 6f9b63dc3e17c9db0e928c956e1f7844161ad8de2ef251263a7f7f9ea08056cc Loading...

	downgoodsk.live/product_details/50324830.html	2.0 kB	2024-05-04	2024-05-15
Pretty URL downgoodsk.live/product_details/50324830.html IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:51:51 Last Seen2024-05-15 06:48:40 Times Seen4 Hash 3ab9d3509ccbf392a3562b792f2afdde 27b621dfac1a23804210906fd2add6fc46001c16 c4106d7f7351124f8ef8ac65b9029d67ffdab673d922ffeaa46304c9fb1b35b6 Loading...

	unknown	2.1 kB	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:51 Last Seen2024-05-15 06:48:40 Times Seen4 Hash 5fc783f2d2c61550f9ff818b2c27fa78 3179a55dcf4dfd154f7810c02fe64f87277262a8 39110ce317cefc9d36c7aa6b10ada502636e392b5c64047829e6e65e89975964 Loading...

	unknown	6.4 kB	2024-05-05	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-05 05:12:54 Last Seen2024-05-05 05:12:54 Times Seen1 Hash f45c7e52f7944d43cf4fe342425ed266 74c7b4f8281b8b3542c46332383252093791e8a0 e917682f252353f504146f4206d32bc4690a68338606f274aa55bd31de7ecefc Loading...

	unknown	1.0 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen77 Hash e7e3b8fcf88dd9ccb044ef5dd45915cb 426037acb5a39793686b9b444fe700489bae963c 4079fce41d344828c2fc2659868de4578d5129a9835311215fb1941d2c3773f9 Loading...

	unknown	1.1 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:01 Times Seen69 Hash 45c5402410be51c5c0222c8519cf660d 471fdc790f50cc0271ca1be5461f17d012cc6555 b643a82352094041aa8ef10323c3c64a683a85b61451fb439b1099c79ee02514 Loading...

	cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js	15 kB	2023-03-12	2024-05-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen312 Hash 5f4a59735ca9517d0478f395439bd517 f820c08cf114da8ec451e8eedc0da51dfcba5e02 ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9 Loading...

	unknown	127 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen30 Hash 1225801b3453e88bd0f17598f771503d 719eeae87b92babb0c95818f127a6338d0b75fb4 ab185ce89cd85daed537ef8d8b22d2d52f8dcbcf118c0678f09f1d10be8fe846 Loading...

	unknown	277 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen31 Hash 41e226399cdec17fc2e96d116c516b8a fedba9c084bee281fbad5b60716c4b72f9a54d5f 07ff00fb8ac5e4ec6d4a8c14292826b9e9c597f949040337a7562b790634b130 Loading...

	unknown	138 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen30 Hash 9a94ae7fe21fea8494e9bcf6bb519b06 a8fa90d1fcb4eb7ed3bf8ea1122cacd25a352819 5a70584b716034fe0ca13de7b57199ec25c237d545721601d151ef50d38e7bf9 Loading...

	unknown	2.0 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:01 Times Seen69 Hash c7eddf752593ca75c567e9f5aff590a4 ad456b19bd0ae1195bbd25b57af0371a5af1e3f2 d7d6b5dd0a87711ee3904abe8d2dba182baf97146c007ac66045ab7c397074a6 Loading...

	unknown	112 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:01 Times Seen31 Hash f4db1827fe4259b9dc5853871bc6045e 639adc0619832cd922f888b7a9dbdc35c9416ab0 88fa931d9cb6eb5bee5d361b3063bd8c3b1213e4c0e588a56a0a26f3ae9919e9 Loading...

	downgoodsk.live/product_details/50324830.html	79 B	2023-03-12	2024-05-18
Pretty URL downgoodsk.live/product_details/50324830.html IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:00 Times Seen145 Hash a71ddf2ef16448b1a9a116c9969bb84a 38f0cfe879b01e50b2022a5b46ccebe972b57afa f81cdd71a100042bdbdd3a8d1fa89581bc7763e26f2ff6eb7bbefda85e9143a3 Loading...

	unknown	11 kB	2023-12-01	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-12-01 21:53:06 Last Seen2024-05-18 04:47:00 Times Seen15 Hash 326853ad54a482b63f3f4ce903cff4e6 bd94a61e9f0806ca8a02168bf6b897b89d165e3a 718a166d1c02ca4df8e035a57b48e109a4c4ec971e9375c3f445e65258c94efe Loading...

	downgoodsk.live/static/default/js/vue.min.js	94 kB	2023-03-07	2024-05-18
Pretty URL downgoodsk.live/static/default/js/vue.min.js IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:40 Last Seen2024-05-18 10:03:13 Times Seen1273 Hash b21b8531847604ab5f2f5caaef51ba31 da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1 9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17 Loading...

	cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js	279 kB	2023-03-07	2024-05-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:31 Last Seen2024-05-18 04:47:01 Times Seen306 Hash 0292da744fb4f768ae77370f868a674e 6dbafd633d187d11e2ef0a9a47044fd5646c70fb 068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468 Loading...

	unknown	3.7 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen77 Hash 2f797b61ef7cc74388b3bc5c632a4c57 e52321b18d3b6a29875706e551cd1ca6f07e5b08 10ff3612f665baabd79e069759e88e84aaa2ce013789606d079e58673650e4e2 Loading...

	downgoodsk.live/product_details/50324830.html	696 B	2023-03-12	2024-05-18
Pretty URL downgoodsk.live/product_details/50324830.html IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen145 Hash 207792bcff09eca0993cd75875f72095 1f602949e3de9dd8638601085791e25c6cc0acda ae57e93366c984a79002b078c27040993cd88c77218f277655fc031b6bb3e1d5 Loading...

	unknown	173 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:51 Last Seen2024-05-15 06:48:40 Times Seen4 Hash 702ad39682530ae2a3f3f18a501141a0 006f3fdad48fcbca985e7e192d5912b0d4709b0d 644b8e133c3960e743984fad21b16fe7c061af13a4db53639c697215e093fb74 Loading...

	unknown	868 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen30 Hash 422bb6aa46f23a2a350068e2aac58762 0c814f0e50381800467b1d138913c05a19757304 6aafd2d65c2d12f8799c5a11f0d12ac110d33e18da9cf50b0e35a042a1302d43 Loading...

	unknown	2.2 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen69 Hash bbc2c87307db938ed18aeb60f8617bf0 9f0f41df245ddd5d0c19a0dd031d399d5f803eaf fbb802425d01b533be464a7177298f884d1f48f6a48143cf094c4dc52bc91e6b Loading...

	downgoodsk.live/product_details/50324830.html	151 B	2023-03-12	2024-05-18
Pretty URL downgoodsk.live/product_details/50324830.html IP 172.67.157.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen144 Hash 4cc479dfa9707e2f24a8e129c80429b6 a6e2c685240dd740b22e226767035173703473a4 120dbe66705b4abb82ad0b16aabbd8ff3acee9be1fdfc30e77a2557012a1181d Loading...

		Size	First Seen	Last Seen
	#1 Write - ea47d7a66d8152302cd901d56844cb81	72 B	2023-03-12	2024-05-18
Pretty Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen148 Hash ea47d7a66d8152302cd901d56844cb81 235d8306b2b513c8851d054491a83beb3e194f94 ee7229be5e00ebb674d9f12a2aba9d62130a20978a0c27162a984e32530a1d5f Loading...

HTTP Transactions (45)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css

104.17.25.14

200 OK

38 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (38108 bytes)
Hash
9a547188fa485f8ca9b2cc7d6d2524ef
7893335159a1f637eb24cd05aaba96ac156c7f65
897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433

HTTP Headers

GET /ajax/libs/vant/2.12.48/index.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css; charset=utf-8
content-length: 38108
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-94dc"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 283836
expires: Fri, 25 Apr 2025 03:12:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XoUXrWOT76IVWyLG0DsbnB%2BfLYgvtOwMOqJiMyJVRIY69mKV5dhhUd6SIXVNWt6n4bMm0JbGFAXviGsqx0O1FU95N030zSLOX3mHTy9x%2Bn3imEF0dkGAu9sRSHRo9JI62z%2FiRdt5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ed8c60096bb518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css

104.17.25.14

200 OK

3.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (16213)
Size
3.9 kB (3945 bytes)
Hash
951eae8c8a442c2940c54d180301ed41
771518669a370d915adf0d207f2a22092a768cd1
4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d

HTTP Headers

GET /ajax/libs/Swiper/8.3.2/swiper-bundle.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css; charset=utf-8
content-length: 3945
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-f69"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 278609
expires: Fri, 25 Apr 2025 03:12:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IEBqV%2FT7KZNa22n8JojroaPGFdIp6SI7u73%2BvJaHjmUF7iiTgmTlwT8Nr8MOToJ5k%2B%2B4u6hdrr%2Fjz1mHX%2F%2FO3cM6pJCwm9W8GCrbfjp%2BuINFe2UQkbNxbfBvcrL%2FP2YCGl6ElVSz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ed8c602975b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js

104.17.25.14

200 OK

68 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (57307)
Size
68 kB (67811 bytes)
Hash
0292da744fb4f768ae77370f868a674e
6dbafd633d187d11e2ef0a9a47044fd5646c70fb
068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468

HTTP Headers

GET /ajax/libs/vant/2.12.48/vant.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 67811
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-108e3"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 281852
expires: Fri, 25 Apr 2025 03:12:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mKnZxZfuk%2F8yclYIrkIPvxMhHKJMFtUBNlNIXK47ypwukoYPzMQ3pa5DhbJkZmEZ%2BwKcZtl7B0lP0zMVZYMHebpfP3Vx7dvSm9bfPSptBI1PBofHZgV5s6TI1xYMLJGUHSc%2F12xW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ed8c602974b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js

104.17.25.14

200 OK

50 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
50 kB (49876 bytes)
Hash
de581e420bf52d70e353080a13094ea8
7e727d99fea8c31c2f2e3173105d585ee3289d31
4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5

HTTP Headers

GET /ajax/libs/Swiper/8.3.2/swiper-bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 49876
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-c2d4"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 283268
expires: Fri, 25 Apr 2025 03:12:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uoo3Kthoi7Kf8dY0vjha5I04v%2FKNdrIUcIl%2Fg0DfQKfTp%2B1jmc5Bd22JGmynZ8LSFjsWj5KpWsHbRlYo41dW0%2BLcI%2BsHuAX3fu6OE3c%2FGNfOszsNCdjprhCC63u8tOPWv6Fis8Zv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ed8c603980b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js

104.17.25.14

200 OK

4.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14957)
Size
4.9 kB (4866 bytes)
Hash
5f4a59735ca9517d0478f395439bd517
f820c08cf114da8ec451e8eedc0da51dfcba5e02
ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9

HTTP Headers

GET /ajax/libs/vue-resource/1.5.3/vue-resource.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 4866
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c785b9-1302"
last-modified: Mon, 14 Jun 2021 16:37:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 281846
expires: Fri, 25 Apr 2025 03:12:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3a40fWY0bG0fuoHpiW7fg3qbquFsOqJmiHrtDNbLGQxm2Nr%2FIUx3un2A0DXwvl6uqxPTv4U7HZYkRYCLFb0Bq1%2BaiRKnFAc3j%2BvPfnE0RPyAVQnoQNk3e8mgURQ3AI2J1%2BYw%2F5V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ed8c60297ab518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

downgoodsk.live/static/logo.png

172.67.157.76

200 OK

4.6 kB

URL GET HTTP/3
downgoodsk.live/static/logo.png
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
PNG image data, 240 x 80, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4595 bytes)
Hash
e4cdc6959f08294d79ba65acc4767bca
3fae9f20dd977934a6762be64f7e26509cc3eaaa
cd2cd2c4ec5ee724f31ab874d574820567c3407eedc6ee65b94fe6161ea2b0a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/logo.png HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: image/png
content-length: 4595
last-modified: Mon, 09 Oct 2023 06:21:06 GMT
etag: "11f3-6074298668fb6"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c2RY%2BKBWR6PfHeUcoBph%2BkoHwPDhC0xnW%2B1kMoYr3c8A7B4h77jCOT%2F1WOpGzOLalLaR4NCtHjBQ109EkRO%2F9tng2o5uqk7Fs5axGNotN5HQOWJpVFnR7vIW8k1B90CqRA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed8c5fdfd556a2-OSL
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/market/img/payment.png

172.67.157.76

200 OK

15 kB

URL GET HTTP/3
downgoodsk.live/static/market/img/payment.png
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
PNG image data, 342 x 26, 8-bit/color RGBA, non-interlaced
Size
15 kB (14874 bytes)
Hash
d9e27afb8d07e73a5d78c58219db8284
2c8e0b0821ae555b66a6d9ad9d3f3a97d8164f99
1567d764b3ee71f11f52d807789d9a970c60dd195b39f2b295d476308d76aeb3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/market/img/payment.png HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: image/png
content-length: 14874
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: "3a1a-6055d10eca685"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RZjJlnFlIAPlULcNFxnv6KJFIHwSlV3Zdz8leZvOO3xFfQxed%2FGBIeC8tsknQ8SfXETjMFx1ZOgb7bRV8ysEAQhq%2BcepkER76G%2B%2BCg6JaF2KDrIguID1AgSCngYMwZ7gmmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed8c5fdfd656a2-OSL
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/default/js/public.js

172.67.157.76

200 OK

249 kB

URL GET HTTP/3
downgoodsk.live/static/default/js/public.js
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
249 kB (248572 bytes)
Hash
53ceae9d8b9f4372ad101d91439cdbb7
662fa3a84762aee5bcb1da67ebbe2e37b3eeb79e
535ee4fa0189e79bd9a7d6ae4aa466180c4ac5b82b47647482ddce74587ce249

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/public.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"76f-6055d10ea54b7-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b8lvpVgw8SR3iZhEiuITm%2BGigorVoxcDJBVLQC9mWB2GUmD%2Brpc5Q4V6Fn2hL1GE1Hkas24gmwSWW%2FHh6AEnX0a5MLdrWlM3emKuqnl6%2BUTRoxp8UdFmgE7JT%2B1y%2FbBbVIM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fdfd356a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/store/css/checkout.css

172.67.157.76

200 OK

53 kB

URL GET HTTP/3
downgoodsk.live/static/store/css/checkout.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text
Size
53 kB (52630 bytes)
Hash
4b863c1345f71ff374b4fbbb6e78f442
5da106ab5de381b832786bbdd595900c08c451f6
99f7ad74232befd3e119ee5067ff9bb440d25bb05549f8d0660c9e02a977ba6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/store/css/checkout.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Tue, 21 Nov 2023 09:40:24 GMT
etag: W/"12d8-60aa6645dbe96-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwQaPwi9nFozwCnrQ5%2FaQY643kKOWCLpr2mds0Y4kWNfcX9hFaLluasJS7tQBGm66aKkqy%2Bu4u3gjvNyMnSGCHcwP4RIOf8%2FEBg80g5q8PDuAA8ajM%2Fv5FMbBh4nKzwZb7Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fcfc956a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/magnific-popup.css

172.67.157.76

200 OK

2.4 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/magnific-popup.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text
Size
2.4 kB (2388 bytes)
Hash
b58cd2adcb50f958ee018641983181f1
b30cd626dda9e0fcc5fa207af4e1a34d11da8e04
bf2911b44c7fa0b1734ab6f03b8cb46245cef7df3cdf8deb0c9a1ad8c6294b7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/magnific-popup.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"1e06-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmUnxAXAQMfmhRyoAF324wfZohOXYuea7Gqgeeh4IZBpG%2FdEs4BtXSRc1ADq2u%2BXWhJWe02V6TCGZl%2BJsU4%2FrEuJH58%2FRl9Qj4AsWiwflpvvCK7SqkALQyA%2FybOENzMvw8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fbfbf56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/stylesheet.css

172.67.157.76

200 OK

18 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/stylesheet.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (529)
Size
18 kB (18202 bytes)
Hash
9a06a247e039b7a8e36cc1059d7c5c39
4a42d4ebcf871ec3ac45c47eb1110462616f2390
8cab6c22f51f0c08736e6ef55849ad723519a715a79568b749f9123a074878b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/stylesheet.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"16563-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2FkolvpVdAqIkrqBVye4iycWjWQ1IVGvIUhryBv0K7f4CD9wQPSVh67e5%2FricKhhju4z%2FzuPvd1B2T36i%2FJJNXyL5dFEk%2Fqey1qxyNscpZ4qwiULKh%2B5OG0sbO8106GlwmA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fbfc056a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.ytimg.com/vi/L02DsnTVGKI/sddefault.jpg

142.250.74.86

200 OK

44 kB

URL GET HTTP/2
i.ytimg.com/vi/L02DsnTVGKI/sddefault.jpg
IP
142.250.74.86:443
ASN
#15169 GOOGLE

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintD2:2C:3D:05:38:12:27:20:C9:64:22:58:3A:99:D5:43:6E:BD:3B:D2
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3
Size
44 kB (44255 bytes)
Hash
d67d2df2aa021e654d865cbcd74ea775
922c3021bcffa434eff818042953615cd375f7cf
3cfcae6947c110ee133268767602ee317ea773d4806e10b51388276587a00678

HTTP Headers

GET /vi/L02DsnTVGKI/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 44255
date: Sun, 05 May 2024 03:12:25 GMT
expires: Sun, 05 May 2024 05:12:25 GMT
cache-control: public, max-age=7200
etag: "1615740662"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

uploads.tapatalk-cdn.com/20160904/23fe9a88d964dc476f9aace67ac0d80c.jpg

104.20.44.10

200 OK

544 kB

URL GET HTTP/2
uploads.tapatalk-cdn.com/20160904/23fe9a88d964dc476f9aace67ac0d80c.jpg
IP
104.20.44.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjecttapatalk-cdn.com
FingerprintBE:AE:60:6D:E0:46:FF:71:87:C5:BB:B6:91:4B:FB:CF:16:CF:F2:E4
ValiditySun, 14 Apr 2024 14:38:59 GMT - Sat, 13 Jul 2024 14:38:58 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 640x640, components 3
Size
544 kB (544468 bytes)
Hash
6e994de1382bdc347052c2e70296b6a0
70ea978df006d4ed1404ce02788c9864fc6ac74d
82efcbfb822c5c046001d67603817bb072e24950395199b62b6b397b833f2dcf

HTTP Headers

GET /20160904/23fe9a88d964dc476f9aace67ac0d80c.jpg HTTP/1.1
Host: uploads.tapatalk-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:12:25 GMT
content-length: 544468
cache-control: public, max-age=86400
etag: "6e994de1382bdc347052c2e70296b6a0"
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed8c7bec3e712a-OSL
X-Firefox-Spdy: h2

i.ytimg.com/vi/JnaxRqiqQz0/sddefault.jpg

142.250.74.86

200 OK

54 kB

URL GET HTTP/2
i.ytimg.com/vi/JnaxRqiqQz0/sddefault.jpg
IP
142.250.74.86:443
ASN
#15169 GOOGLE

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintD2:2C:3D:05:38:12:27:20:C9:64:22:58:3A:99:D5:43:6E:BD:3B:D2
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3
Size
54 kB (53720 bytes)
Hash
6e2f2bd7fd0b9afaf8d914f4a72dc9b3
5c27ba5804c1ac7d0d658c33c4be779543c002a5
5f8e36da41b0fbfa051ce85b90a5267fb62b38ea1b8fe91b3fe10133d0c12795

HTTP Headers

GET /vi/JnaxRqiqQz0/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 53720
date: Sun, 05 May 2024 03:12:25 GMT
expires: Sun, 05 May 2024 05:12:25 GMT
cache-control: public, max-age=7200
etag: "1628608543"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upload.wikimedia.org/wikipedia/commons/d/dc/Powerloom_weaving_in_1835.jpg

185.15.59.240

200 OK

1.7 MB

URL GET HTTP/2
upload.wikimedia.org/wikipedia/commons/d/dc/Powerloom_weaving_in_1835.jpg
IP
185.15.59.240:443
ASN
#14907 WIKIMEDIA

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint48:3F:0C:71:F3:4A:E0:EA:30:D9:9B:D6:04:63:DC:DA:A8:F4:9D:FB
ValidityWed, 18 Oct 2023 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3215x2077, components 3
Size
1.7 MB (1665789 bytes)
Hash
f63d27075d62eaee5326c3af9fd332b6
9fd542ec53f2765901a90461d748ee6c34e7c403
aeff94fbf87b16f5859d201e880c65fe625ed620de1f39c6f4fc7ac2a5c5aa16

HTTP Headers

GET /wikipedia/commons/d/dc/Powerloom_weaving_in_1835.jpg HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
x-object-meta-sha1base36: io4oqt0wr3lgm5yayl1uni10vxv32tf
last-modified: Sat, 22 Oct 2022 01:45:12 GMT
accept-ranges: bytes
content-length: 1665789
date: Sat, 04 May 2024 16:56:00 GMT
server: envoy
etag: f63d27075d62eaee5326c3af9fd332b6
age: 36985
x-cache: cp3078 hit, cp3078 miss
x-cache-status: hit-local
server-timing: cache;desc="hit-local", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
X-Firefox-Spdy: h2

downgoodsk.live/api/item/randomByKeyword

172.67.157.76

200 OK

138 kB

URL POST HTTP/3
downgoodsk.live/api/item/randomByKeyword
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JSON text data
Size
138 kB (137743 bytes)
Hash
b5900a5a474ae3a8982affbc0b49c957
2ed60c8477f4360dd9ed1a5c5ec80a8f66f96e56
c3b60a509dc832e402d7c929be28d4924826ba2ae461283c9a95a3868b346f4a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /api/item/randomByKeyword HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 171
Origin: https://downgoodsk.live
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjZ3alBwL2tEbDdQWWI5Q1pkVm9WTEE9PSIsInZhbHVlIjoicVgxNFJYQ09SWjhHNU42ZysxbWFZR0s3dSttRStDRTU2anRvQmxrZ1dYNTZnaVEyQ1Vtd2RsTWpCVXQxK3BPMXVJRExBT3ZabXVqaUVTMSthbWxSZEI5TnViTzU5cHBUcFZWVWcrT3BDN3gzOEdsMjlYL2VpOXJhSDNBbWEwdDAiLCJtYWMiOiI0ZmZlODQ2NTkxY2U5NjhiZjQzYTUyODVlZWVjZjdkYTY0ZjU5OTY2MTc4MDllOTU4NjdiNDNlYzA2ZmEwYTJmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik02SGJ4c2VsNHJ6U3E3b2ZHVjZFNkE9PSIsInZhbHVlIjoiZC9pb1pjUEdiWlcwWWNDZytBcDhWQzZtOEl2WUN1a09jUnFZNU9kNzRRR1V5d3FjSEh1TXFVNVZXeGtxbkVoeVREWFNwWTVLZWlPY0NZc0FLWmF0Y0FJTjB6Q1gxSXRNNTk5Z2FZQWdwZ3JoR21Xb01KTnNZTUp3QUxOd0wwa0UiLCJtYWMiOiJiNTNjYjk1NTYzYzc3OGRkNzc0ODc1YTAxNDFmY2M2YTZmZmIyY2M2Y2FkZTUxNTY1NjEwMDQyNDE0NWY4YWZiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:24 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 56
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Imt1ZDFFVUZYWGNRYytuSTN4eU13eGc9PSIsInZhbHVlIjoiMHNRb2pnRGFSNHNUcmhKQnFSU0hrWGhicFlUdUZpdFF5NitYTk9lYmZmSmZqMTUwdTdTYVJqODFYUTFvVUNtZlkrL1VOQ1JBdGw5V3B2VXlVMnBQUkdROGRkdkV0NGhVSEYyZyszbkZCMkpVOUZoS2pMN016U1lhWlEwWkJUWVQiLCJtYWMiOiI5OGQwZDBjMzU2M2ExZjcxMGNjNjA0MmMzYjNlMjE2ZmU3YWJmMzNmYmEzMDhlZjY5MDBmNWFiZmMzZTcyNjhiIiwidGFnIjoiIn0%3D; expires=Sun, 05-May-2024 05:12:24 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOXww8ZkoadvPHq5elIuFMaFoYKK5QB4ys9Wx%2BCL0HilhdlmofZeLdV5LDCcUuvS0Xr3HfIYMekxOUWvizxYLGEdhptMTJ3R40Q3nBo7o1utB%2FVTZqJjy8%2BQ707EPvxD9%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c6fed3b56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/product_details/50324830.html

172.67.157.76

200 OK

294 kB

URL User Request GET HTTP/2
downgoodsk.live/product_details/50324830.html
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2315)
Size
294 kB (293731 bytes)
Hash
84ea31a7b5f8334ae39969d6fc1e1b40
c15fd71d12d786d57db6391158d4c0fa57836e96
78389f56aaad161f72b3d6a08dfc9fb6bfe64e7b27ec9229b74cb3b9c6a09f90

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /product_details/50324830.html HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; expires=Sun, 05-May-2024 05:12:20 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D; expires=Sun, 05-May-2024 05:12:20 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6nZ73dyKzoXyxj%2BGiLSRpD63SWXr7Sk64aR7pkc%2BGWZ83FW776V%2F1z4eYvHP5zU4qk1P3a1wNxV6PywWXYtofvbdm%2B048xBpZ8U26it7WAvXOKVJ8%2BKsZkWwSRI%2Bd21jCs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5b0c5bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

photos.yesterdaystractors.com/gallery/uptest/a172069.jpg

134.195.13.20

77 kB

URL GET
photos.yesterdaystractors.com/gallery/uptest/a172069.jpg
IP
134.195.13.20:0
ASN
#398491 HYPEREXPERT

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerGoDaddy.com, Inc.
Subject*.yesterdaystractors.com
FingerprintDC:D0:ED:85:CB:EE:7C:82:CC:5B:B5:52:EF:9C:6E:B1:E1:F4:9A:84
ValidityTue, 01 Aug 2023 20:48:06 GMT - Sun, 30 Jun 2024 19:40:27 GMT

File type
gzip compressed data, from Unix
Size
77 kB (76849 bytes)
Hash
90179a1ac20dd33afe492674f4a53982
7e395a1c2edd2bb381b0d8f3ea16cbc7fed98738
a68763bbcf82aff8fbfe56cf94bc0baf5db6d331ed9a1db26fdab309fb8f7daa

HTTP Headers

GET /gallery/uptest/a172069.jpg HTTP/1.1
Host: photos.yesterdaystractors.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:12:25 GMT
server: Apache
last-modified: Mon, 18 Sep 2017 01:04:02 GMT
etag: "12020-5596c517c6480-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: image/jpeg
X-Firefox-Spdy: h2

downgoodsk.live/api/item/getImageUrl?url=https%253A%252F%252Fwww.muttonpower.com%252FMediaStorage%252FProduct%252FImages%252FLarge%252F2521_0205201911484734480.jpg

172.67.157.76

200 OK

5.7 kB

URL GET HTTP/3
downgoodsk.live/api/item/getImageUrl?url=https%253A%252F%252Fwww.muttonpower.com%252FMediaStorage%252FProduct%252FImages%252FLarge%252F2521_0205201911484734480.jpg
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JSON text data
Size
5.7 kB (5744 bytes)
Hash
ec61c31a44a0c0104e6d5311cf4ae339
1848acc365a85a7a3e06aac5226ad1182035c0cb
2776ea4bef8595a3ca3100fb8c6908f0e1a629b22595d8807a0fa5ace82f15fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/getImageUrl?url=https%253A%252F%252Fwww.muttonpower.com%252FMediaStorage%252FProduct%252FImages%252FLarge%252F2521_0205201911484734480.jpg HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjZ3alBwL2tEbDdQWWI5Q1pkVm9WTEE9PSIsInZhbHVlIjoicVgxNFJYQ09SWjhHNU42ZysxbWFZR0s3dSttRStDRTU2anRvQmxrZ1dYNTZnaVEyQ1Vtd2RsTWpCVXQxK3BPMXVJRExBT3ZabXVqaUVTMSthbWxSZEI5TnViTzU5cHBUcFZWVWcrT3BDN3gzOEdsMjlYL2VpOXJhSDNBbWEwdDAiLCJtYWMiOiI0ZmZlODQ2NTkxY2U5NjhiZjQzYTUyODVlZWVjZjdkYTY0ZjU5OTY2MTc4MDllOTU4NjdiNDNlYzA2ZmEwYTJmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Imt1ZDFFVUZYWGNRYytuSTN4eU13eGc9PSIsInZhbHVlIjoiMHNRb2pnRGFSNHNUcmhKQnFSU0hrWGhicFlUdUZpdFF5NitYTk9lYmZmSmZqMTUwdTdTYVJqODFYUTFvVUNtZlkrL1VOQ1JBdGw5V3B2VXlVMnBQUkdROGRkdkV0NGhVSEYyZyszbkZCMkpVOUZoS2pMN016U1lhWlEwWkJUWVQiLCJtYWMiOiI5OGQwZDBjMzU2M2ExZjcxMGNjNjA0MmMzYjNlMjE2ZmU3YWJmMzNmYmEzMDhlZjY5MDBmNWFiZmMzZTcyNjhiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:26 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6InVqZGlPQy9UVGZMNlpJMkw0Q0VKRVE9PSIsInZhbHVlIjoiQVBTRkhmMjR2WDF2dW4yZ3JsYmhQU2RTbFVlSFRVVDdqSzZlQjUxWE10VHVWUkhnV0poZFlmbzZUak9uenpIWDZXZzBqbHpqd3V2VXdyR1FncFdTMG0wVGpTcENQeGhCcTVxUXkydnB6OFEyMHpucHJqN24yaXk4RzNjL21sQTUiLCJtYWMiOiI1NmY3ZDAyNDhhM2ExZDE5NGI5ZGU4ZDc4YTk5YjRmNzFjMzJjZjFlN2NhMDljNzFiYTMyYzA5YTEyODk3NTI4IiwidGFnIjoiIn0%3D; expires=Sun, 05-May-2024 05:12:26 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajniYi2PbmKJV7CaaSxpsmxEUfLbFW2GQ%2F2jN38egdE7%2BbF7uo%2BnyazU7SzckyPyWrBK%2F6d%2FcXLVIo8%2FX4BRGvG7XEFQrs5BAj9cMteMumN2D1YH1FsxTNTYxJ%2B3QBYABSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c7ffb3d56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/api/item/secondCate

172.67.157.76

200 OK

17 kB

URL GET HTTP/3
downgoodsk.live/api/item/secondCate
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JSON text data
Size
17 kB (16673 bytes)
Hash
30435c13010b9a33a595e4563a42c5d6
47144e78f49499468c846ab00787a50c9cf65e7e
4ab398f36df6043a1fa0837b628f695f92b0b6f0544ae585572907ae3f7ef5e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/secondCate HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:21 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6ImNCSSt3VGY1aUxBS2cvZXlFVWtsSmc9PSIsInZhbHVlIjoiQWljcWxzMjFyVS9xeDcvTHdJdkdDVXplcDR2aE5GM2FadTZyZFZqUlUxdlJpNkVKZlBOWGVWdWVvaXR2cUl0RlNkRDB5ZjNqT20xYzNQUmpOdzNWckJiSyswQkdKT3BvbGZYT2Y5RlBCek1SVFU2Vk1WblllWjlxMEw1K2RzbWIiLCJtYWMiOiIwYTI5YzliMjFlOWJjZjk1ZmYxYzUxMTcyYTY1NmExOTA3NjczZmJmNjUzNTBmMzQ3ZmMyYTFkM2U4ZTVjN2E0IiwidGFnIjoiIn0%3D; expires=Sun, 05-May-2024 05:12:21 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShaYrw%2F0PJlSbU9SUeHn6Y9CLCn9EnOId60hi0n8Y5u8GTg0GQaRDtUk8Leyy7QPYvsYkxPyNSjsrk8bmZiytwZFRHKbkiZZrmEetzm7Px1mNDIzJQM6EO6gOZvKP%2BcIxsc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c62f8ca56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/default/css/iconfont.css

172.67.157.76

200 OK

8.4 kB

URL GET HTTP/3
downgoodsk.live/static/default/css/iconfont.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text
Size
8.4 kB (8391 bytes)
Hash
717c6e58da97df4ca9866d0cf9f1eecb
53b035e4136e3fcbf6d710633c10562bbb8fb1eb
8b3c92ce43d9af1d42ae13507d542ff6de94684152fec5f111c1e138db769d5a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/css/iconfont.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"55c-6055d10ea1636-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h3noIB6Rstvj7IetJRgTYMi1sTz9JXiu%2BuNUTy9H0TjMRwc3I5Q0UpvUNY04qzfNdtEeheBSHVfysSEpLY0R96OESf0VN39K%2BzCy9FrB6XNPm%2Bk%2BpOWOWTd%2BdWvBdyJqQHM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fcfcc56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/default/js/delighters.js

172.67.157.76

200 OK

6.2 kB

URL GET HTTP/3
downgoodsk.live/static/default/js/delighters.js
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
Unicode text, UTF-8 text
Size
6.2 kB (6202 bytes)
Hash
cc31823856831d96acd96628fe1bc12c
4441d2792dc7fb9f54cde379cd6dd5085ae7af33
0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/delighters.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"a4b-6055d10ea50cf-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10IRBNJ8w%2BsKFu34Vsox%2Fz%2BrQ4m%2FPQKHc0pM46nO498IVgSc5rlfUV6HThHTu0Eucw5cKaF7TbcuqL9Du3m2Dv59PHJS7bPt2n4OtNfKmEc1P8w12xEQzYBqf%2FDsjSdO9As%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fdfd456a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bigiron.blob.core.windows.net/public/items/f563fdf5f868ec11b82000155d72dffa/johndeere1770nt1.6bushelseedboxeswmeters_053e331f09554f2290eb2fa69dae2efa.jpg

20.209.39.1

200 OK

280 kB

URL GET HTTP/1.1
bigiron.blob.core.windows.net/public/items/f563fdf5f868ec11b82000155d72dffa/johndeere1770nt1.6bushelseedboxeswmeters_053e331f09554f2290eb2fa69dae2efa.jpg
IP
20.209.39.1:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
Fingerprint56:BC:B6:F0:83:44:58:8C:74:CB:7B:D4:CA:D4:BC:D7:BC:DD:50:45
ValiditySat, 13 Apr 2024 17:45:11 GMT - Tue, 08 Apr 2025 17:45:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1000x750, components 3
Size
280 kB (279749 bytes)
Hash
ac19339bf56b5c3bbb97f96d0ab64d74
1ed3bada0cf16e096a1c423fce38c3a8c4792615
5664d19a70cfafdbc9cde7276b65cd3421fe8a2c041603ea8ccc207ff0d03b44

HTTP Headers

GET /public/items/f563fdf5f868ec11b82000155d72dffa/johndeere1770nt1.6bushelseedboxeswmeters_053e331f09554f2290eb2fa69dae2efa.jpg HTTP/1.1
Host: bigiron.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=259200, s-maxage=259200
Content-Length: 279749
Content-Type: image/jpeg
Content-MD5: rBkzm/VrXDu7l/ltCrZNdA==
Last-Modified: Thu, 30 Dec 2021 18:11:19 GMT
ETag: 0x8D9CBBFC759EBA2
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6b239f07-a01e-000f-189a-9e80f7000000
x-ms-version: 2009-09-19
x-ms-meta-Id: 83dd92e09b69ec11b82000155d72dffa
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 05 May 2024 03:12:25 GMT

downgoodsk.live/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0

172.67.157.76

200 OK

77 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://downgoodsk.live/static/your/css/font-awesome.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:21 GMT
content-type: font/woff2
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"12d68-6055d10ef2f03-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8oYFsklutzTdUJX%2Bz3qaZXyJFeULkx5QPpsP9PNy4%2BF1ItUafsy53oaIBQXBOOF%2FjKw%2B9he4RNjCwxO%2BL9bWyAp6RvA%2BGOGZtVnEbkqs2g%2FsxqnOjesfoJGHkna5TaQl174%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c6378ec56a2-OSL
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/default/img/20220514153821.png

172.67.157.76

200 OK

15 kB

URL GET HTTP/3
downgoodsk.live/static/default/img/20220514153821.png
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
PNG image data, 245 x 222, 8-bit/color RGBA, non-interlaced
Size
15 kB (15411 bytes)
Hash
3ecbb8f543b70888626038f8cf81f227
a9bf6388621ba59e09e59e58713e8abfc04e5ff3
2214e58d7962a38491fb50f2f641b869917fba48120c02e5f207b5c9025326f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/img/20220514153821.png HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjZ3alBwL2tEbDdQWWI5Q1pkVm9WTEE9PSIsInZhbHVlIjoicVgxNFJYQ09SWjhHNU42ZysxbWFZR0s3dSttRStDRTU2anRvQmxrZ1dYNTZnaVEyQ1Vtd2RsTWpCVXQxK3BPMXVJRExBT3ZabXVqaUVTMSthbWxSZEI5TnViTzU5cHBUcFZWVWcrT3BDN3gzOEdsMjlYL2VpOXJhSDNBbWEwdDAiLCJtYWMiOiI0ZmZlODQ2NTkxY2U5NjhiZjQzYTUyODVlZWVjZjdkYTY0ZjU5OTY2MTc4MDllOTU4NjdiNDNlYzA2ZmEwYTJmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVqZGlPQy9UVGZMNlpJMkw0Q0VKRVE9PSIsInZhbHVlIjoiQVBTRkhmMjR2WDF2dW4yZ3JsYmhQU2RTbFVlSFRVVDdqSzZlQjUxWE10VHVWUkhnV0poZFlmbzZUak9uenpIWDZXZzBqbHpqd3V2VXdyR1FncFdTMG0wVGpTcENQeGhCcTVxUXkydnB6OFEyMHpucHJqN24yaXk4RzNjL21sQTUiLCJtYWMiOiI1NmY3ZDAyNDhhM2ExZDE5NGI5ZGU4ZDc4YTk5YjRmNzFjMzJjZjFlN2NhMDljNzFiYTMyYzA5YTEyODk3NTI4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:26 GMT
content-type: image/png
content-length: 15411
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: "3c33-6055d10ea29be"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yU9J01PIkpdb9yZun7EnTJEUq1cV8pUM1KZ7y3d6mtcznguTr2k8TKg4sZKIhXCDYEIsq8xSbU1bR0UbVUc9Cqbe%2FZJtzcv%2FFBr%2FjrAWxaO4zIC4dY0f6GEOu6kquHm29jM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed8c84ad7e56a2-OSL
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/animate.css

172.67.157.76

200 OK

58 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/animate.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (460)
Size
58 kB (58273 bytes)
Hash
77a5c1c68584ef4f63535fd1b8f9ea8a
d0700bd7ef9ef7b5c17f7ae46930dabb23e18f81
a8b27255a12c6f055e0df480753920dbfda0f4057f0d701b5d715e03a550a46b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/animate.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"e3a1-6055d10ef1f63-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGU%2B%2FoIGsioS%2FwARdm1zf6GQV4vtt%2B3dLoQiQlxjr%2B%2B%2Bt36um3M5JAJGTALTZ%2BbCRI%2B%2FZU0%2FUi5fw1b%2BmlG3ZQG7ek3SHI6G%2Fg6cUB6%2BtrVCX9i9wV31pTu0M%2F9BIGRRSsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fbfc156a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/opencart.css

172.67.157.76

200 OK

1.9 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/opencart.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (2076), with no line terminators
Size
1.9 kB (1916 bytes)
Hash
c3539f75f7ceb88a42d224dc60e8fd25
1c27dadef4cf7199db95b8b3d2792107858e6fb3
dfdd02b5f0a91b0588510b93165d45f9d12c3478835ed93c6ca00c4a2f9a7df7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/opencart.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"77c-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PsZeqeBrxM%2FTF2wThtg5INnoxZG%2FKx6iAwbfWvJQGR8%2BOfTiYPmBBBTAjJemBvqnVhNsBw7ijsY7Kmbkwd%2BTJ22H3pLnt4JRCohpK9QqAou2cCr8LznFB2QxTFkHLxMru2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fbfc356a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/owl.theme.default.min.css

172.67.157.76

200 OK

936 B

URL GET HTTP/3
downgoodsk.live/static/your/css/owl.theme.default.min.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (941), with no line terminators
Size
936 B (936 bytes)
Hash
e781dd464fc6867934d0e6d39e490437
e5097e41900eab39cfba063f915261f09c96288f
c7872c41846b478f0977ef824a1ccc08911439c4c29a6055725cb5c8190fc872

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/owl.theme.default.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"3a8-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8gfRhIASYHyMQQPM1XTOnUvyEPBzLkNrIuqqIhbz6G%2F4TM4xKvKHXeoQuYWz8HjxNgoa9Wi2eJaubr9bW45YKCCP2gLOKResChVUMRxjyhIYEjtQ69RYDzXZpok48TehzPM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fbfbe56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/jquery-ui.min.css

172.67.157.76

200 OK

17 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/jquery-ui.min.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (15129)
Size
17 kB (16730 bytes)
Hash
1f29bef8e189e09389ee650069da29d0
85ec0a5126e957e1f0596cf84010cf41e1fa321c
3d94f00ea8118cfa7a40019dd8696ebf16aebdd92f0ff5fec0411e97b8b7c44c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/jquery-ui.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"415a-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKOu9vkEQH5jymLJU4wFJqWBCCRvp5H9WocoVWcVij4wIIN1XVYiox8TBYmkh4XrAUUKhXg1Etdk%2BjZsKPzinD0RC6598nw0Id%2F7A0hB6ra8FKB1Re%2Fm%2B%2Bi52hNj5O1%2BreE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fcfc756a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/favicon.ico

172.67.157.76

200 OK

61 B

URL GET HTTP/3
downgoodsk.live/favicon.ico
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
2d963171282c4de9d6969472b23e47e3
1ea3d4ba9fe4b01b4edf5b7dcd20ac246d2187d8
87ed5a5a37969aa977d6f4fc16ae7a094bc1abc454307e011b65036646b4d3ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjZ3alBwL2tEbDdQWWI5Q1pkVm9WTEE9PSIsInZhbHVlIjoicVgxNFJYQ09SWjhHNU42ZysxbWFZR0s3dSttRStDRTU2anRvQmxrZ1dYNTZnaVEyQ1Vtd2RsTWpCVXQxK3BPMXVJRExBT3ZabXVqaUVTMSthbWxSZEI5TnViTzU5cHBUcFZWVWcrT3BDN3gzOEdsMjlYL2VpOXJhSDNBbWEwdDAiLCJtYWMiOiI0ZmZlODQ2NTkxY2U5NjhiZjQzYTUyODVlZWVjZjdkYTY0ZjU5OTY2MTc4MDllOTU4NjdiNDNlYzA2ZmEwYTJmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ijh5aDJmbWxXQXVhc1FSNDlZNG83NkE9PSIsInZhbHVlIjoieWJVRUowSkRxcS9NZjR1UXgwem5DMjhSSHdvVVphOHUxNkxQalIwbTFMT0JYcXR2WUxCa2Z3ekpEWGV4blBrTDUrU3lRTEgvSitzb1gzUUxyUXJWamVxbWVYRzdyMDlMWEhWeDZpeE8xaVRRb1lRaVhmTDN4V1NlbWllWlVGSGoiLCJtYWMiOiI3YmFlNTZiMjNhODQ0NDJmOTYxN2JiMDUxYjc3ZmZmZWZlNzFiYzc5ZGI2YjNkY2QzNTY3MzU3MDNmNTg5NGM1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:22 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UOmeDRS1hVneCgODsMr%2FBFYO%2B35rl5TRQDlspLAov81032lfGU6zYxhwRLULxY%2FOLW2jDnZ%2FZBHct45e4Xgl%2BPIYGG8FAYvhRNpQydDJ478sChbkzQSUm1TgF48OPSW4JPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c680ac156a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.mtdparts.com/dw/image/v2/BCSH_PRD/on/demandware.static/-/Sites-mtd-master-catalog/default/dw293af288/products/CMXGZAM501044-Belt-Routing.jpg?sw=630&sh=630&sm=fit

104.19.152.81

200 OK

51 kB

URL GET HTTP/2
www.mtdparts.com/dw/image/v2/BCSH_PRD/on/demandware.static/-/Sites-mtd-master-catalog/default/dw293af288/products/CMXGZAM501044-Belt-Routing.jpg?sw=630&sh=630&sm=fit
IP
104.19.152.81:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerEntrust, Inc.
Subject*.mtdproducts.com
Fingerprint17:D5:2F:B3:11:77:14:18:67:E9:97:93:B5:22:5E:47:41:33:D8:9D
ValidityTue, 30 May 2023 19:53:38 GMT - Thu, 30 May 2024 19:53:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 630x630, components 3
Size
51 kB (50571 bytes)
Hash
dc6f5ad72d220470e661510e4e242090
ba82a0a81370ee73484a2ccf857b82a6715814a3
5d29a7e636dcb7235593a199d6d3c30c8a7f4febac1df7d792e5f197c8777659

HTTP Headers

GET /dw/image/v2/BCSH_PRD/on/demandware.static/-/Sites-mtd-master-catalog/default/dw293af288/products/CMXGZAM501044-Belt-Routing.jpg?sw=630&sh=630&sm=fit HTTP/1.1
Host: www.mtdparts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:12:23 GMT
content-type: image/jpeg
content-length: 50571
cache-control: public, max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=56163
etag: "47f4d727fdd4e09bc5db32d78e1873c8"
last-modified: Wed, 28 Feb 2024 14:46:19 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-id: leSl5tuXZSwvihU1wHid5aVLWYMEcOiizMoKW0Iq-NQ2uUq2MQbJ5g==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
x-amz-expiration: expiry-date="Sun, 30 Mar 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
x-amz-meta-cleanquerystring: sw=630&sh=630&sm=fit
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed8c709934569b-OSL
X-Firefox-Spdy: h2

rvpartsexpress.com/wp-content/uploads/2022/07/MOR97149.jpg

172.67.158.125

200 OK

137 kB

URL GET HTTP/2
rvpartsexpress.com/wp-content/uploads/2022/07/MOR97149.jpg
IP
172.67.158.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectrvpartsexpress.com
FingerprintFD:07:2A:28:F0:7F:BE:4C:69:57:F3:9F:B1:EE:DF:85:56:23:3C:A4
ValiditySat, 20 Apr 2024 09:34:28 GMT - Fri, 19 Jul 2024 09:34:27 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Macintosh), datetime=2019:09:11 16:46:05], baseline, precision 8, 1425x950, components 3
Size
137 kB (136713 bytes)
Hash
c1c7b0478842ba16c6d1a7f9ca0f0e67
bc80170d5bd015c5c86f0e5e0304bddffabd8c9b
605e5611d52eda97e23ecaae331dd8b26fc14562e7d39b00baf0ee7658be8f97

HTTP Headers

GET /wp-content/uploads/2022/07/MOR97149.jpg HTTP/1.1
Host: rvpartsexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:12:25 GMT
content-type: image/jpeg
content-length: 136713
last-modified: Thu, 04 Jan 2024 09:27:47 GMT
etag: "65967a13-21609"
cache-control: public, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWPnfo3fbnR88tNi%2BaONq9egs2eB3FsDggids73dk9TPauxHp7Qjxc5n9llWmp9W0kX0G%2BV2iGT9OHyUt5lGmF1R4u%2Bw11YLZpBx3VQqkKt%2FJPTxts5C7thaVPObbZvJ05zLpAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed8c7bf85b0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.muttonpower.com/MediaStorage/Product/Images/Large/2521_0205201911484734480.jpg

0.0.0.0

0 B

URL GET
www.muttonpower.com/MediaStorage/Product/Images/Large/2521_0205201911484734480.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://downgoodsk.live/product_details/50324830.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MediaStorage/Product/Images/Large/2521_0205201911484734480.jpg HTTP/1.1
Host: www.muttonpower.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

downgoodsk.live/static/default/js/vue.min.js

172.67.157.76

200 OK

94 kB

URL GET HTTP/3
downgoodsk.live/static/default/js/vue.min.js
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65449)
Size
94 kB (94151 bytes)
Hash
b21b8531847604ab5f2f5caaef51ba31
da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/vue.min.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"16fc7-6055d10ea6458-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=74zbejdVflHP92L8D9u%2B%2BTihAZBvBCrKxjilUVwK19uAi18x0VKBbYPCvd6DT%2BqTvvPSGpmKbe%2FyPGKDDADPQCtkgDyzsTzHC8jwcFWSneWkEriouQZhsRc4u8gRA7%2B%2Fm%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fdfd256a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/api/item/info?id=50324830

172.67.157.76

200 OK

1.9 kB

URL GET HTTP/3
downgoodsk.live/api/item/info?id=50324830
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2039), with no line terminators
Size
1.9 kB (1850 bytes)
Hash
f530a1ff9770df83cf173d7100f72927
1b7a7baf97bd8e44744205424b4495dfa435ee41
43a055a5a04fb296ec8f7f00053725d5835fbba5cb12733a72f00f2c85e1bf6a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/info?id=50324830 HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:23 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Ik02SGJ4c2VsNHJ6U3E3b2ZHVjZFNkE9PSIsInZhbHVlIjoiZC9pb1pjUEdiWlcwWWNDZytBcDhWQzZtOEl2WUN1a09jUnFZNU9kNzRRR1V5d3FjSEh1TXFVNVZXeGtxbkVoeVREWFNwWTVLZWlPY0NZc0FLWmF0Y0FJTjB6Q1gxSXRNNTk5Z2FZQWdwZ3JoR21Xb01KTnNZTUp3QUxOd0wwa0UiLCJtYWMiOiJiNTNjYjk1NTYzYzc3OGRkNzc0ODc1YTAxNDFmY2M2YTZmZmIyY2M2Y2FkZTUxNTY1NjEwMDQyNDE0NWY4YWZiIiwidGFnIjoiIn0%3D; expires=Sun, 05-May-2024 05:12:22 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPuFaxYHQKwJSih8Y0CqV%2BqbDVeCY3wwA8bLXnJ2YubDniBE3erp1%2BqFmSKVpFE%2FEGzJ54mflSYVsKXmV7t4AKZCoxm%2FY0DFNQPbs9As8EUfv5qAuPzmjzyzUnkINoeL8r8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c63a8f956a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/css.css

172.67.157.76

200 OK

61 B

URL GET HTTP/3
downgoodsk.live/static/your/css/css.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
2d963171282c4de9d6969472b23e47e3
1ea3d4ba9fe4b01b4edf5b7dcd20ac246d2187d8
87ed5a5a37969aa977d6f4fc16ae7a094bc1abc454307e011b65036646b4d3ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/css.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fdq26m7W59PMoXMxQHTLpQr2KCIjAckpcYW7WMfIu24Fsi0SfmUS0OBQekeSnq3GUf4b0fgwTFR3hMG%2FTezy%2BIUNXc0QgCy0d19oSMGT9KTa1ziHu9zVWYDJv%2FIwWRCFfKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fafb956a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/owl.carousel.min.css

172.67.157.76

200 OK

2.9 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/owl.carousel.min.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (2943), with no line terminators
Size
2.9 kB (2936 bytes)
Hash
4d4667e9d189e4986f510490969ec75c
cf8ab378a96e61b92571e9f0927e54bb89bed195
5110a28a79fceab8d0800452b37b74ab88d659fd6e34ab89d6247c0c8a3117ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/owl.carousel.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"b78-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nYc1SqodQV5Y8HcObYgxbV7AstxNNNEHMMvMVxy6RqQyjr93oFvjwzLxr9i5GlnUWaFQqyTVzRxEtvtuAwgJTEdTjzJEUk2c8vjaF%2BqW8s1fR4STTcE7jDjMsX96jpS3Hs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fbfbd56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/lightbox.css

172.67.157.76

200 OK

3.5 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/lightbox.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (3638), with no line terminators
Size
3.5 kB (3470 bytes)
Hash
313f1bf7c27b92bf95c8c5a09456017b
8cbc95754b0ca2df9ca15484a994a1a9989db819
b0ac5f3e113197f2a22d84177033a0e586247ada4ec1d0427137fb2a15b144af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/lightbox.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"d8e-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkBZySTlpGqRvXC%2BT6W87shUSI611mqAVw5l3Z%2BQygksSeQjOnP%2FuXq38oSEcKQdmee9JYLQQpsz9k%2BAXnx1oU%2BAA3ItSdQy8S4tidIJsBEbtbmcR%2BxCNpEuwKV0bwgGHX4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fbfbc56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/api/cart/index

172.67.157.76

200 OK

139 B

URL GET HTTP/3
downgoodsk.live/api/cart/index
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
44f293d1057e83d64adbd382f9753c0c
64b4ac33d19337d1a099cf6f41cacbf95d017ac6
e0b1b9c0ec1aa8b305e8ee8c3f3946d9de911e5b0d29b9a80dfe128ce623fa13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/cart/index HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
Authorization: 
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:21 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6ImlsSUp1aENSTzdZM1pMdGYyVUQyWmc9PSIsInZhbHVlIjoiVUJ4N3pVZHo1V3ZQT0ZmVkdwV1ROVkw3TXkzcTIwaWJpVVlpc2hqYVRJQzZrNHRwM05mSWhwTk90SjlvM1B2TWJHYVJZMTNMeS9hK3FhUCs0SFVCU2RPWi8xcDBJS3J1NUxSbk13b2J2bzl4UDZYUy80L1d5STZJZGJ0THJ4ZE8iLCJtYWMiOiI1NWQ0Y2YyNmVkMDU3YWY5NTY0MzliOTQzNTc3MTg4NGEzNzFmNjA2ZjExZGVmMzZlYTEzYWZhYmJhNDEyYTg1IiwidGFnIjoiIn0%3D; expires=Sun, 05-May-2024 05:12:21 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQNN%2BHiFy0nDGEP6JLQATr3XV2p9TcVib55DKpd7n2hrEvlJzF4DmhWUNTuebDAYTWi%2F5Dynp2ohRIwhl7tmI9B61ZQk0aK1ENeVbQe6vG0jfIYScGzd30O8PWjPsBoDBMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c62f8cb56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/traffic_statistics?gurl=

172.67.157.76

200 OK

0 B

URL GET HTTP/3
downgoodsk.live/traffic_statistics?gurl=
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /traffic_statistics?gurl= HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:21 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjZ3alBwL2tEbDdQWWI5Q1pkVm9WTEE9PSIsInZhbHVlIjoicVgxNFJYQ09SWjhHNU42ZysxbWFZR0s3dSttRStDRTU2anRvQmxrZ1dYNTZnaVEyQ1Vtd2RsTWpCVXQxK3BPMXVJRExBT3ZabXVqaUVTMSthbWxSZEI5TnViTzU5cHBUcFZWVWcrT3BDN3gzOEdsMjlYL2VpOXJhSDNBbWEwdDAiLCJtYWMiOiI0ZmZlODQ2NTkxY2U5NjhiZjQzYTUyODVlZWVjZjdkYTY0ZjU5OTY2MTc4MDllOTU4NjdiNDNlYzA2ZmEwYTJmIiwidGFnIjoiIn0%3D; expires=Sun, 05-May-2024 05:12:21 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ijh5aDJmbWxXQXVhc1FSNDlZNG83NkE9PSIsInZhbHVlIjoieWJVRUowSkRxcS9NZjR1UXgwem5DMjhSSHdvVVphOHUxNkxQalIwbTFMT0JYcXR2WUxCa2Z3ekpEWGV4blBrTDUrU3lRTEgvSitzb1gzUUxyUXJWamVxbWVYRzdyMDlMWEhWeDZpeE8xaVRRb1lRaVhmTDN4V1NlbWllWlVGSGoiLCJtYWMiOiI3YmFlNTZiMjNhODQ0NDJmOTYxN2JiMDUxYjc3ZmZmZWZlNzFiYzc5ZGI2YjNkY2QzNTY3MzU3MDNmNTg5NGM1IiwidGFnIjoiIn0%3D; expires=Sun, 05-May-2024 05:12:21 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rH48KLP9yJ%2FoV%2B%2BVLWOmNonP7h9QNfybxYCs2zRydY%2FKY7N06cNSh2FkixL1et9tLdScnQERpe0pgiNFrAfQ%2FLnRKqSMa3ESQ2lYhuPIPlomwACzhZSE30Wm4rJGGNZHZO0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c64793d56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/img/footer-bg.jpg

172.67.157.76

200 OK

171 kB

URL GET HTTP/3
downgoodsk.live/static/your/img/footer-bg.jpg
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x425, components 3
Size
171 kB (170800 bytes)
Hash
01aad85abef2e701361ee4ded47754e4
cc6770719c0b7639740145824e048f339340c0c7
73eb0994db66a8e45749f3fd6b0b5d32416d5654eb867f0bf9819a6cd65e8aba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/img/footer-bg.jpg HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downgoodsk.live/static/your/css/stylesheet.css
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:21 GMT
content-type: image/jpeg
content-length: 170800
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: "29b30-6055d10ef5de4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eVjhHBAtkiiSK1Toegrwf8U%2BeUIxWRfcSTM1SPUGiBVZaX2Gvrr2W5tgxf6wJJNVooM%2FeRXjFQxVfSnHRWqI35jROWObYb3WPjgsaeXQra%2BVHNCTQ2GnrS8V%2BzHwak4mlAs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed8c64994a56a2-OSL
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/swiper.min.css

172.67.157.76

200 OK

18 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/swiper.min.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (17459)
Size
18 kB (17759 bytes)
Hash
6af34d0737ad0ca608111771cf74cc79
15d0417baa08a741c6aee19fdfbf4813635f98f8
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/swiper.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"455f-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCxZ2AvYBXdLYl%2F1f7yPBn0QD%2FWD1Sz3p0ElYPHQcsO7j%2Fm1xPrV8Eqguy0S2bfx%2FY%2Flf5tgcdG4CEv0CqaA8OR9jA9P%2Fur8738BAEGuUByz4hXNPrObT1v3nuEBd5ZJ%2BxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fbfc256a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/market/js/jquery.min.js

172.67.157.76

200 OK

84 kB

URL GET HTTP/3
downgoodsk.live/static/market/js/jquery.min.js
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JavaScript source, ASCII text, with very long lines (32061)
Size
84 kB (84245 bytes)
Hash
e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/market/js/jquery.min.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"14915-6055d10ecc1dd-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHuthkZtYKyMOeS1zfIJdxutfUpsaUe%2B%2B4UkoHA%2FfIOc3m4ozinqSaciGtEiwDzBqbnXitGF0T1DFrR%2BoxrLnPLtO1mbmrM%2FN29F5cfDtc2ZqtUqdhKAfwCbfoFZOhUWLaE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fcfca56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/font-awesome.min.css

172.67.157.76

200 OK

31 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/font-awesome.min.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (30813)
Size
31 kB (30976 bytes)
Hash
ba098bc004de79c602b8a80093ecfb6d
07e2a0eae9e2a64f753638b5281b878b586f054d
ad6ed6588f8299f92680d0b1e7d3103621f713060409ac419094140e6fdaeb84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/font-awesome.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"7900-6055d10ef234b-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9pALdpxKJeMeFUJofDo5mSlA%2FtRunBEIw8vidfnJSh%2B02lTtH%2Ftonuz8wf8v04rZPfXPJrEF%2Fa58znzH1BBSOwZzvrN9mPhTo2llQv6dXxOLH7BwkNZ2uyVd2AfBZUA%2FXDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fafba56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/bootstrap.min.css

172.67.157.76

200 OK

120 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/bootstrap.min.css
IP
172.67.157.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/50324830.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (65371)
Size
120 kB (119508 bytes)
Hash
3fc294a6e2e1cdcc652fc702f0ecda80
87fdf5f58d2bc3bd19940403f33a2a7f9869c446
ff95d530a782ce6fa179cd74b1da4a39764e9405666f5aaeed2f34aa9c66ce66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/bootstrap.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/50324830.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV1Q09JUERCNHNCS3Q1ZHNFengwNWc9PSIsInZhbHVlIjoiZ09XbWtLdVY3T0tacU1YRVo4YnVmcVhhaHdVMCs3K0xJS0p6Mm5YMjVneGQ3NkFnMnZsK3hhS0lJcDdyN21zZ2h5Mlc1cW1vdFh4TFNJT1QzUWdmcnQvN2l0TFVLVUJCRm00UFVia2xzU0lwUkl3OWhPdnc3ZUtsNU04Yks3MkciLCJtYWMiOiJhNTJkMWU5NTNhZjM4NTcxZjc3MDE4ZDJmZjVmOWI2NTQwNjE2YmUzN2FkMGM4N2Y3NWUzYzQ3YTJjZTExZTcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZIK2NhWE1KOVMydFBjZHRLMWNFR2c9PSIsInZhbHVlIjoiRmFFNno3SzA0N2pUNlh3Q2J6MTBnWkROS0gvMkRsRTlhSlVZUHJmZ3huUVpFLzhZWk5JS2RFMFRoVWhnWEg5NGV2MDB3YTNsK2ZIZDJUR3RIMjhKcU9tUlNaNHBYLzdBZjRzNjhLbDFnQ2tEcWFiUnlrbWlKV2tFTldzRFF5bm0iLCJtYWMiOiIyMzk0MTljYTIzZWViOGE4NTMwOGRjOWZlZTZmMzFjOGU5NTg3NDNlOTczMDdiZmMyNjM1OTRiNTA5NWI2NzRiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:12:20 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"1d2d4-6055d10ef234b-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njf%2FJLZtXe14iJlyt9Tqz1%2BwxTyz7y57mzCKXcUDAmWmWrD6ZzCH1xRS3wByE4rHL%2BoKDDkM9xWdVAD%2Bt6qF%2F3CxLj2f3V%2Bn3uvule0bYsSH5DNSJsjd82hr%2Bq2aFjXhyp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8c5fbfbb56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (49)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by