Report - 4f-pl.top/

Report Overview

Submitted URL
4f-pl.top/
IP
104.16.198.133
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 12:22:37
Access
public
Website Title
Marka 4F - odzież, obuwie, akcesoria sportowe na miarę olimpijską.
Final URL
4f-pl.top/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
translate.googleapis.com	1005	2005-01-25	2012-05-31	2024-04-18	1.7 kB	75 kB	142.250.74.106
translate.google.com	1156	1997-09-15	2012-05-30	2024-04-18	443 B	90 kB	142.250.74.46
4f-pl.top	unknown	unknown	No data	No data	38 kB	2.3 MB	104.16.198.133
sc-static.net	1183	2017-03-16	2017-09-05	2024-04-18	396 B	20 kB	54.230.82.240
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	982 B	25 kB	142.250.74.163
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-17	1.0 kB	6.4 kB	142.250.74.99
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04	2024-04-18	523 B	2.2 kB	142.250.74.106
at.alicdn.com	11137	2008-06-25	2013-11-28	2024-04-18	1.0 kB	4.6 kB	47.246.44.250
services.addons.mozilla.org	6161	1998-01-24	2012-05-21	2024-04-18	677 B	1.8 kB	54.230.111.129
cdn.staticsoe.com	unknown	2022-04-01	2022-04-01	2024-04-14	13 kB	2.4 MB	104.18.169.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed
2024-04-18	medium	4f-pl.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (49)

	URL	Size	First Seen	Last Seen
	4f-pl.top/	148 kB	2024-04-18	2024-04-18
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 14:22:45 Last Seen2024-04-18 14:22:45 Times Seen1 Hash 9149f9dbf8c395550bf819e893a7d27c 0a4636bb2e12815f8f6244deda2efa66a9d07a69 a4504feca5ec92ae73af22f73f4f4f743b4383eb510244b823b8577d2771ade9 Loading...

	4f-pl.top/	462 B	2023-09-15	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-15 00:25:12 Last Seen2024-05-01 19:03:08 Times Seen277 Hash 9b90fddfcd524a4730652cf40123a5cc 8f5f4ea5368f81ab8df47dc1e97fa39440c2bd59 34bb0fdee7ef950a3697de247751cd1e3f3ce55b60bc1c2b584562bf87ad9d01 Loading...

	4f-pl.top/	3.8 kB	2024-04-11	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-11 20:33:05 Last Seen2024-05-01 19:03:08 Times Seen11 Hash dce9cd11ec730306ff9a08b76e76062c 27d85d9448b0d022d55cf991e78082c5b381efcf 5bf93e70121efe5f262cbd55eb91b7e40c979de8ccc360a27292e8f6e7c8623b Loading...

	4f-pl.top/app-assets/countdown/61353/index.js?var=1698305618	125 kB	2024-03-20	2024-04-18
Pretty URL 4f-pl.top/app-assets/countdown/61353/index.js?var=1698305618 IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 12:11:18 Last Seen2024-04-18 14:22:45 Times Seen6 Hash 4124b8cb406986c19ff891659c098ca9 5d1a4dd7632db74a9636de24ec188f178dc811eb ad101f78c0871ce73b4ac79c90fe3130a48ef87740880aebad77ec1139d5fc18 Loading...

	4f-pl.top/app-assets/trusttool/61353/index.js?var=1709621308	823 kB	2024-03-20	2024-04-18
Pretty URL 4f-pl.top/app-assets/trusttool/61353/index.js?var=1709621308 IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 12:11:18 Last Seen2024-04-18 14:22:45 Times Seen10 Hash 093a5d4b0e9ad64962848239fb61bfda 1358f47568dfcd791bd86f7e2ca9e194c7a752d5 2be711f58819991d01b8297251be038662fa58d4ba4e079edfc72f8a98839c9c Loading...

	4f-pl.top/_/translate_http/_/js/k=translate_http.tr.no.wfkJqv-YmvI.O/am=wA/d=1/rs=AN8SPfrCjpYUjfm7wnNP1AA9sLmjvQrzgQ/m=el_conf	90 kB	2024-04-18	2024-04-18
Pretty URL 4f-pl.top/_/translate_http/_/js/k=translate_http.tr.no.wfkJqv-YmvI.O/am=wA/d=1/rs=AN8SPfrCjpYUjfm7wnNP1AA9sLmjvQrzgQ/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 14:22:45 Last Seen2024-04-18 14:49:35 Times Seen3 Hash 515dcda33a8b5322ad7845d6f81e44ed 1c3b96df7d3bf35f71b49a961fde16c88062cf8c 08ff12bf96785cb8a465e6c1fdaac1d025a0f713ad10ee2095e414edbcac5de0 Loading...

	4f-pl.top/	1.1 kB	2023-10-14	2024-04-29
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-14 10:46:39 Last Seen2024-04-29 10:46:56 Times Seen188 Hash 851900c74726a4766554611f6120edb8 4ba667c05c58ed72a135e071c350df7702858222 84881d26e57820e5b0be0a56ce50ac20431fb711cf77a694a212674fb48790a7 Loading...

	4f-pl.top/	126 B	2024-04-06	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-06 13:59:58 Last Seen2024-05-01 19:03:08 Times Seen14 Hash ffd78f1ecf4ac331c56e1e33918f748d 6178e5a3bc390d07e0cbd04971baa86dab3ee9d0 f856558f1b4b5b4291595975127bdfd3447c23f50645142defdcc13534d25a4f Loading...

	4f-pl.top/	535 B	2023-03-08	2024-04-26
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 01:45:04 Last Seen2024-04-26 16:34:49 Times Seen203 Hash bac17873ec0c29c9206925d88c105d3d 75a39dcc584f4202d57c3a43af2bec899a2a491a 075eb18fec8ccd8ce7d49679f9ceab73b6230658604cc518a1f9d79579699b16 Loading...

	4f-pl.top/	2.0 kB	2023-11-03	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 13:35:33 Last Seen2024-04-25 08:58:17 Times Seen32 Hash 555726e9e0910eeda9d9a5e1baf86533 d2786c2d4eaec96f0dc3519cce3b118f4055e693 189441b83219303c526e31b5ce98a9f0fcb2de2f175b4e922e1ee5b2fdf4f479 Loading...

	4f-pl.top/app-assets/gift/61353/index.js?var=1702029258	149 kB	2024-03-20	2024-04-18
Pretty URL 4f-pl.top/app-assets/gift/61353/index.js?var=1702029258 IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 12:11:17 Last Seen2024-04-18 14:22:45 Times Seen5 Hash 149fbaee6370d2f74d8178059e9eb779 835fcf2610eaf988d8600414c3c4c03e758d6875 c938031a4d2b9fa537e5bd72f2e51fde02ed5a1340d87047f0ac86607c703414 Loading...

	4f-pl.top/app-assets/searchbox/61353/index.js?var=1703576531	40 kB	2023-12-28	2024-04-25
Pretty URL 4f-pl.top/app-assets/searchbox/61353/index.js?var=1703576531 IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-28 06:36:04 Last Seen2024-04-25 08:58:18 Times Seen93 Hash ae222bfdd9b78e6e568bf0dde60725ec e4c9ba390c97efbab18af907e17f2671e55a638c 6bac07d5fedb0465bd545b1b039c08aacdac4a0b53521793ba33b6aaead0744c Loading...

	4f-pl.top/app-assets/virtualtrack/61353/index.js?var=1698305978	121 kB	2024-04-18	2024-04-18
Pretty URL 4f-pl.top/app-assets/virtualtrack/61353/index.js?var=1698305978 IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:09:58 Last Seen2024-04-18 14:22:45 Times Seen3 Hash 4e62c52659d796c5c492388e4de5bafa 96b24680ad2fda9097ad60a071dee705fbfdaa5a 8c933b30367413f44f9a6edafe431f957675c912ebeee8d98fe44a6f0e4f8b48 Loading...

	4f-pl.top/	795 B	2024-01-05	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-05 14:24:07 Last Seen2024-05-01 19:03:08 Times Seen89 Hash df556482bc0e408b20960b0c56caa361 6579da4db483f73a82ca0c8538808d782bd0a8b1 76b604091ff73f90ce21f6b18d41f116bd92a10cb2a437f22867ae05cf88817b Loading...

	4f-pl.top/	11 B	2023-03-07	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:39:41 Last Seen2024-05-01 19:03:08 Times Seen384 Hash b308b7fe5c1c2bbdc0cb686d451b84aa bc83eb7e6487768f88af9fa4db682f0d3daaee17 636159b35205da4142a43bc02d2849d77d3ac07a0946211585cde15a9c6ff21f Loading...

	4f-pl.top/	1.7 kB	2024-02-05	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-05 12:20:18 Last Seen2024-05-01 19:03:08 Times Seen35 Hash d9276cf7f2a76b4014c48d4047a1263b 7ae277464b82e88aad62e2e044d35e4de1ac9821 8ce0039ca330976d947efb409e27fe2e589c91299ec79a9c71603c1bcecd69f6 Loading...

	4f-pl.top/	3.2 kB	2023-07-23	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-23 09:47:36 Last Seen2024-05-01 19:03:08 Times Seen313 Hash 54b2d73ece20a11eb2899e085b085664 e8520354b1dff4d5867bc8bf57553a30f5739221 c3ff84344d41e2f19b0124f780d06fc3b1739a974eed811b75cdd0a0b5c2274b Loading...

	4f-pl.top/	18 kB	2023-11-14	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-14 10:07:10 Last Seen2024-05-01 19:03:08 Times Seen194 Hash 291a64329dc9bf041d4c69b591dacc43 5039842aae8652258c1e9594c336af2baffcf0a2 bb0f973d78d777df54f32dbbcccb22af4107aedcdc29bd72712c7184d0140ebb Loading...

	4f-pl.top/	391 B	2024-01-02	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-02 13:10:36 Last Seen2024-04-25 08:58:17 Times Seen14 Hash 3aa0afb62fef3259ba19cedb761e2a39 40d6d84a6b3e903a549858cc9fa85423b6ddd9ff 78d4b34e9708d996afdb600507a1a3283eca07133d46b85fca1b595418bab23c Loading...

	4f-pl.top/app-assets/recentproductbrowsetool/61353/index.js?var=1702031713	125 kB	2024-02-03	2024-04-25
Pretty URL 4f-pl.top/app-assets/recentproductbrowsetool/61353/index.js?var=1702031713 IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-03 03:43:47 Last Seen2024-04-25 08:58:17 Times Seen10 Hash 5ab8a8522e1941aebf8d3c74f9acf88d d28959ac3eb70ffc8281c52692624dcc04ae9d78 7047e4269e433225cc438f2a03dba9241afa8ec2bca2df2f8253563e868dbfc6 Loading...

	4f-pl.top/	682 B	2023-03-07	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:39:41 Last Seen2024-05-01 19:03:08 Times Seen90 Hash 2ab4be0d74d37f287119fe877808504e c640310425c52cae0efb42ce29bf91b3514f4d96 83183218b7c0289fd3bfa545b11bbdd59e8af09faace8c335e8ac880b8623c7c Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.wfkJqv-YmvI.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpW4EzCeOQOHOPHE_Ws17GobuT70A/m=el_main	213 kB	2024-04-16	2024-04-22
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.wfkJqv-YmvI.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpW4EzCeOQOHOPHE_Ws17GobuT70A/m=el_main IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 07:53:23 Last Seen2024-04-22 21:37:55 Times Seen105 Hash 4bb91f7d3340c67fbc422fe923cb4ce4 aa81f4daf848d66f92f853be4bb57333694b2712 2244a4c055184acc3ee54d04f44cde9f71829b12a6adc7ad0956e76eb48c072a Loading...

	4f-pl.top/	2.9 kB	2023-12-28	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-28 06:36:04 Last Seen2024-05-01 19:03:08 Times Seen35 Hash 86e1daf57bb49c847f823836b1e1123e df323b3300a08e2f92dc1d788444f5c2f555bcad c24c6510c06fd3080674148f193263fae6f55fbf68d765afc51b33959f28e3da Loading...

	4f-pl.top/	1.8 kB	2024-01-25	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-25 16:06:39 Last Seen2024-04-25 08:58:17 Times Seen5 Hash c8d5af0ba5d68e0f5a5de7283793a3a0 9aacdcb85af191cedf083a54348d4671dc57ced5 06d518f85101e75e6ec19e360b4b0427d5847a911a0a868ab70e4c41e9a87468 Loading...

	4f-pl.top/	638 B	2023-11-11	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-11 15:59:41 Last Seen2024-04-25 08:58:17 Times Seen6 Hash 68e2d61627c29b600f65616225bf2191 c308d15d7cbcb023319ef72d94be1fd5cc2dc306 696015768f42cf76819cf8192a85b694d21e0b03c89f224b6ea334f6b0c40c81 Loading...

	4f-pl.top/	1.7 kB	2023-11-11	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-11 15:59:41 Last Seen2024-04-25 08:58:17 Times Seen6 Hash 539be95165a1e8b94dced594d7325e0b 429968de9892942a5b3c5c01600bde73ce8bd251 ef09f0e82ecc1bc7ea6448b669a8080c136c163247729ddddd1fa41d5647867c Loading...

	4f-pl.top/	1.7 kB	2023-11-11	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-11 15:59:41 Last Seen2024-04-25 08:58:17 Times Seen6 Hash 038858d7fc7e19713f20ae9a9473ebe6 4befd0dc650a3ae1b2e7a572251a79c7a03ed9fe 6dd0608636dc0918725ec1bc63cb9581ee0fb92ae1ea9d73fdb8f2260995f23a Loading...

	4f-pl.top/	1.7 kB	2023-11-11	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-11 15:59:41 Last Seen2024-04-25 08:58:18 Times Seen6 Hash 6d984a8cfe8878198596d8a832ef97f2 7f13acd3492f5755a4aa99793e567580306abd7b 5da6b01ec06d58a62bd7dfa2212ae8c8d781626c74502376d32c469f40e7cecf Loading...

	4f-pl.top/	3.3 kB	2024-01-25	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-25 16:06:39 Last Seen2024-04-25 08:58:18 Times Seen5 Hash e4cd31f1afb640904e1bd059ebacc718 1b92b04d75dd264a68417d242ad4dad998fa7f27 975962f9b9375439df318efd9225bafa945471940ad537b4d7b9195d754a1e30 Loading...

	cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6	28 kB	2024-02-23	2024-05-01
Pretty URL cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6 IP 104.18.169.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-23 06:41:52 Last Seen2024-05-01 19:03:08 Times Seen25 Hash 07fb0d45d962f0ee4546b0d70a2722a3 a4116bd5ebcbea2503deb6a44e0fc3c2894aae45 7ce4586aca574aba3f3c6e0ab119e28e28dd04338899cdb552bf6845b8150938 Loading...

	4f-pl.top/	244 B	2024-01-07	2024-05-01
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-07 15:18:32 Last Seen2024-05-01 19:03:09 Times Seen31 Hash ed5946dc9407826a4b0a3f8f48908f35 1a878f6aceb2d8f3fe7a4f148a591c0a2d2d3da4 8eb376f95d4af59c7239f41562fd3819a57c1fd7c026ba49bfc8fccb1a8fb9a8 Loading...

	4f-pl.top/	98 B	2023-11-03	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 13:35:33 Last Seen2024-04-25 08:58:18 Times Seen7 Hash 788ecc95e59e93bcf49b1558b7f55011 c6a20adb1491b21df53425112ead9743c32988df e710fa609dfdfa955bbd118f547e2161188970b7535e2acb31d4e843173cfea3 Loading...

	4f-pl.top/	101 B	2023-11-03	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 13:35:33 Last Seen2024-04-25 08:58:18 Times Seen7 Hash 72cb4fae446e598ec972c518bb0b9e90 e1f7ce81edb58235cf72f6a423886562b46a2113 b110a6caa3e6aabe39b9d35ba9712bb519eb5b4f336c60dd0d627ea286d16bb6 Loading...

	sc-static.net/scevent.min.js	46 kB	2024-04-10	2024-04-19
Pretty URL sc-static.net/scevent.min.js IP 54.230.82.240 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 03:05:52 Last Seen2024-04-19 17:38:23 Times Seen122 Hash 264bae03f1d598bca141e0840046b194 721f3a0714d44e5cb641fc99ad12b955130a88e3 f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef Loading...

	4f-pl.top/	114 B	2023-11-03	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 13:35:33 Last Seen2024-04-25 08:58:18 Times Seen7 Hash 7e4f46bda30139e479aadd0f6c1e3b13 f3945e315f3fbb02de7c2f6cb2f4309a6be8d4fb 339e0a9bf8b8145681482b0a3984b52a6eaaaf72db2d87544f92afe8f93e673a Loading...

	4f-pl.top/app-assets/popups/61353/index.js?var=1709719087	218 kB	2024-04-18	2024-04-18
Pretty URL 4f-pl.top/app-assets/popups/61353/index.js?var=1709719087 IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:09:57 Last Seen2024-04-18 14:22:45 Times Seen3 Hash be34b474a77881dda7051786435ebba9 829a8d68b51c27edc4f9739c92a9b4d6f64dda9e 0655eeefb04b50ff08bb01b05e4b87d79ac3460470499ebd4dce701ea46fe045 Loading...

	4f-pl.top/	107 B	2023-11-03	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 13:35:33 Last Seen2024-04-25 08:58:18 Times Seen7 Hash ce0fb120bc9558e088bd696a7fc1484e a5399bf72c9607c20e295396f5d161df8e478585 1cd5188561a4df9f165876c01530cf5c1fc3eb247966a4728dfaef43cfb6a523 Loading...

	4f-pl.top/	98 B	2023-11-03	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 13:35:33 Last Seen2024-04-25 08:58:18 Times Seen7 Hash 45a5a8ec6dea294128268197789c9f25 dac94476e745765500326fff74a568c839f5f768 b6c1c188fbdb050b674dce0fa535eb3c854881b31fcd5be39cf57b92a0fed52d Loading...

	4f-pl.top/	83 B	2024-01-25	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-25 16:06:39 Last Seen2024-04-25 08:58:18 Times Seen5 Hash fae783dccf57dab1264d2218f590d6bc c2dec0ffb5471dd058f8d21ace8df43ac0f95b2e db52f69c833f513fcc946f3c9f776027c3a081597299972d4df67263468fa77f Loading...

	4f-pl.top/	138 B	2023-11-03	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 13:35:33 Last Seen2024-04-25 08:58:18 Times Seen7 Hash cd8789f31cd40b1aed02d214d4776ad8 79db9c7076b7c77a4dbc9eb38df7252b85cf8d3f 1957f9029e562587eb1d89afd0c5c5d2a15d60b91abcbf0b28ab5edcc68043b4 Loading...

	4f-pl.top/app-assets/recentsale/61353/index.js?var=1698305700	88 kB	2024-02-01	2024-04-18
Pretty URL 4f-pl.top/app-assets/recentsale/61353/index.js?var=1698305700 IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-01 00:06:04 Last Seen2024-04-18 14:22:45 Times Seen14 Hash 085931428612ef3404c3dbb6148631e9 9946172d1302e2aabef21189aab9568abfc650a3 a41ebe007057e39c82f9726468553fcfd9884cb7fcd8ac0dca7949c3871568fb Loading...

	4f-pl.top/	96 B	2024-01-25	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-25 16:06:39 Last Seen2024-04-25 08:58:18 Times Seen5 Hash f63afbd11acfd87cf6a83b27be922d43 1327d08db0bdc9d5e947b1d7f637e18b57268e4c 805d0d96d3d508b8e7a0a769ca041eadaab59e1cee0fe795b978c645753ae856 Loading...

	4f-pl.top/	98 B	2023-11-03	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 13:35:33 Last Seen2024-04-25 08:58:18 Times Seen7 Hash d9215434c2b822e07bebde659298373c 8c406a2e9d5535a96b31664eaaad45c453bc2d79 f8a5d5c09ec26ed515cccc27876259d3e02f4a6833bb0c05546fe4a3372053ab Loading...

	4f-pl.top/	87 B	2024-01-25	2024-04-25
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-25 16:06:39 Last Seen2024-04-25 08:58:18 Times Seen5 Hash ab19ad5bc4670e1fccf69958760f2b0a 5ce5bd4b3d84a7bfb0d1e67d40a5e9c3176717fa 8a970835080de576306ae3c34dece3da1d3599235ae8c53fe1d823fe34ffbffc Loading...

	4f-pl.top/app-assets/sizechart/61353/index.js?var=1698391181	124 kB	2024-04-18	2024-04-18
Pretty URL 4f-pl.top/app-assets/sizechart/61353/index.js?var=1698391181 IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:21:56 Last Seen2024-04-18 14:22:45 Times Seen2 Hash ad6adcefb24412b1861abb8b6de60cd7 696babe9ec24540ed9f7a4035f7179ccd11cb3eb 1e6c20d633373ab812ac49667d5939fd14f56b512b40ced048e40dae201ec327 Loading...

	4f-pl.top/	36 B	2024-04-18	2024-04-18
Pretty URL 4f-pl.top/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 14:22:45 Last Seen2024-04-18 14:22:45 Times Seen1 Hash f9d6f81a8b520e2c73e1320e0ced664a 4884d3ec896a5833a38b0b3f0060d573a66c7e2f 6fef8f7c2da21e24fb70e09e54234ad1dfffc632ec2cf6ff2f8b60bc5749a22e Loading...

	cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=5c945293da0fe6770b60caf3ca010bc5	484 kB	2024-03-19	2024-04-18
Pretty URL cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=5c945293da0fe6770b60caf3ca010bc5 IP 104.18.169.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-19 17:12:29 Last Seen2024-04-18 14:22:45 Times Seen19 Hash ec70fef8576eb2e1cbde0a4292139530 e2763a8cd4ca9558012d4e0df4da9fdbb7bc5722 163f87232b1ffbe04b4f1a2bb841a2494634992d93ac04c05da40e5db71badb2 Loading...

	4f-pl.top/app-assets/googletranslate/61353/index.js?var=1698305836	86 kB	2024-01-31	2024-04-25
Pretty URL 4f-pl.top/app-assets/googletranslate/61353/index.js?var=1698305836 IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-31 16:36:53 Last Seen2024-04-25 08:58:17 Times Seen27 Hash d33e76d517fdde7a64d49493dc656f88 632f0db0e05f1381285e370184b67a4f709c9b5a acc0aa77d07c8df25cedf0e95eab58490c1102d0978f89aca5d43762d0aac6ec Loading...

		Size	First Seen	Last Seen
	#1 Write - 5f0161df5e73ea20601ff3dab4ef26ab	3.0 kB	2023-12-20	2024-04-29
Pretty Observations First Seen2023-12-20 18:22:32 Last Seen2024-04-29 10:46:57 Times Seen670 Hash 5f0161df5e73ea20601ff3dab4ef26ab 84e6775dd2ad6d916a147998bc61e6cd68e22bbb 4d4aacae5b844d395df9e947d6e87c28811d84c7d6b4c8ce160bbf9f0dc3926c Loading...

HTTP Transactions (65)

URL IP Response Size

cdn.staticsoe.com/uploads/0/theme/default/assets/banner_loading.png?v=7fe39bdcdcabdc30d14d1f99c308db2b

104.18.169.76

200 OK

23 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/0/theme/default/assets/banner_loading.png?v=7fe39bdcdcabdc30d14d1f99c308db2b
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 3840 x 1600, 8-bit/color RGB, non-interlaced
Size
23 kB (23352 bytes)
Hash
7fe39bdcdcabdc30d14d1f99c308db2b
1d355213e4346ff9d06274c93523fc4d98b583c0
a290c6c3053dc46eb4c6632cebcea32eea7da4274d3931d4c703f2ba6c916af7

HTTP Headers

GET /uploads/0/theme/default/assets/banner_loading.png?v=7fe39bdcdcabdc30d14d1f99c308db2b HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: image/png
content-length: 23352
x-oss-request-id: 654CD917F488A53136B93DF7
vary: Origin, Accept-Encoding
etag: "7FE39BDCDCABDC30D14D1F99C308DB2B"
last-modified: Thu, 09 Nov 2023 06:27:19 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7125506954030682244
x-oss-storage-class: Standard
content-md5: f+Ob3Nyr3DDRTR+ZwwjbKw==
x-oss-server-time: 1
cf-cache-status: HIT
age: 52380
expires: Fri, 26 Apr 2024 12:22:06 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e54c953b4f4-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231027/d824ccda1f5d2aabdeaf4008c56e2762.png

104.18.169.76

200 OK

3.8 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231027/d824ccda1f5d2aabdeaf4008c56e2762.png
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 200 x 97, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3821 bytes)
Hash
d358c2728d38b73d0785b2193560965f
bfc392fb46731b82d1a961244772e84a731a099c
0acf18507c12cc96723558cd9705ad40af5d328cb9365d097682ba2b8a550643

HTTP Headers

GET /uploads/61353/cart/resources/20231027/d824ccda1f5d2aabdeaf4008c56e2762.png HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: image/png
content-length: 3821
x-oss-request-id: 660B3079D5610430357AF518
vary: Origin, Accept-Encoding
etag: "D358C2728D38B73D0785B2193560965F"
last-modified: Fri, 27 Oct 2023 03:26:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 572407742235419303
x-oss-storage-class: Standard
content-md5: 01jCco04tz0HhbIZNWCWXw==
x-oss-server-time: 19
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:06 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e54c95ab4f4-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/0/theme/default/assets/empty_loading.png?v=51ba92483a4282450a82bd1e58a7b541

104.18.169.76

200 OK

6.9 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/0/theme/default/assets/empty_loading.png?v=51ba92483a4282450a82bd1e58a7b541
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 1020 x 1020, 8-bit/color RGB, non-interlaced
Size
6.9 kB (6857 bytes)
Hash
51ba92483a4282450a82bd1e58a7b541
0a9c0f2bdd7f801733f8c07e7f8d41e172701263
900803e3916a6a75d3c2e39f033ec970387de83a5b91385030e620fe7623d6ff

HTTP Headers

GET /uploads/0/theme/default/assets/empty_loading.png?v=51ba92483a4282450a82bd1e58a7b541 HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: image/png
content-length: 6857
x-oss-request-id: 656825957484AD32327E925F
vary: Origin, Accept-Encoding
etag: "51BA92483A4282450A82BD1E58A7B541"
last-modified: Thu, 30 Nov 2023 06:02:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12169997832694763196
x-oss-storage-class: Standard
content-md5: UbqSSDpCgkUKgr0eWKe1QQ==
x-oss-server-time: 3
cf-cache-status: HIT
age: 65315
expires: Fri, 26 Apr 2024 12:22:06 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e54c955b4f4-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20240105/77287b03262c5f36972b4d772a5d4858.jpg

104.18.169.76

200 OK

112 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20240105/77287b03262c5f36972b4d772a5d4858.jpg
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3
Size
112 kB (112549 bytes)
Hash
c8c820a4c0b08f5ac19513b8fd2e0c75
61406cef065021393ffcaeef79b44b6495b8e8d8
863014270e470fda452a889b82b82447b47eab1615190d8c9197bc15d01bf87c

HTTP Headers

GET /uploads/61353/cart/resources/20240105/77287b03262c5f36972b4d772a5d4858.jpg HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: image/jpeg
content-length: 112549
cf-bgj: h2pri
content-md5: yMggpMCwj1rBlRO4/S4MdQ==
etag: "C8C820A4C0B08F5AC19513B8FD2E0C75"
last-modified: Fri, 05 Jan 2024 08:29:53 GMT
vary: Origin, Accept-Encoding
x-oss-hash-crc64ecma: 3546909521613634464
x-oss-object-type: Normal
x-oss-request-id: 661CB4D390AF513237A16DC2
x-oss-server-time: 53
x-oss-storage-class: Standard
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:06 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e54c958b4f4-OSL
X-Firefox-Spdy: h2

sc-static.net/scevent.min.js

54.230.82.240

200 OK

19 kB

URL GET HTTP/2
sc-static.net/scevent.min.js
IP
54.230.82.240:443
ASN
#16509 AMAZON-02

Requested by
https://4f-pl.top/
Certificate
IssuerAmazon
Subjectsc-static.net
FingerprintE4:8A:DF:2D:95:33:E5:93:D4:43:8A:14:06:EA:EA:E8:AD:29:20:0F
ValidityThu, 21 Dec 2023 00:00:00 GMT - Sat, 18 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (27992)
Size
19 kB (19297 bytes)
Hash
264bae03f1d598bca141e0840046b194
721f3a0714d44e5cb641fc99ad12b955130a88e3
f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef

HTTP Headers

GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 19297
server: CloudFront
date: Thu, 18 Apr 2024 12:22:07 GMT
access-control-allow-headers: Content-Type
access-control-allow-origin: *
content-encoding: gzip
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=38b33afdb36f494aa03f175381ce5c1b;max-age=86400;expires=Fri, 19 Apr 2024 12:22:07 GMT;Path=/scevent.min.js;Secure;SameSite=None
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4jLEXCymj9s638ZQPSoY-Hjot5VaIq3XcyWBCZjoBAMzAMVLmb-CKw==
X-Firefox-Spdy: h2

fonts.gstatic.com/s/frankruhllibre/v6/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

142.250.74.163

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/frankruhllibre/v6/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19900, version 1.0
Size
20 kB (19900 bytes)
Hash
3f3feedf5b4b90abf094f63ea6d87710
2ba4349e31c137dbe75ad327de9eb04a87e26165
e845309bca1ba7946299dc5ea01a12f66784e7220003ff3c438714decfa8c413

HTTP Headers

GET /s/frankruhllibre/v6/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://4f-pl.top
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 19:13:25 GMT
expires: Wed, 16 Apr 2025 19:13:25 GMT
cache-control: public, max-age=31536000
age: 148122
last-modified: Tue, 01 Sep 2020 03:50:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6

104.18.169.76

200 OK

7.8 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
7.8 kB (7766 bytes)
Hash
96afd8ae933a668f3daf26bd95bc95a6
4285b6fe54816e3e60f8effc0b396ce1b9848868
5f2c27fd8ce921c5c8663ea491139714306effb9f081505dc5bd09b1de7ce568

HTTP Headers

GET /uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6 HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 661F9E369979C733391343F2
last-modified: Wed, 17 Apr 2024 07:16:50 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16609357670485251830
x-oss-storage-class: Standard
content-md5: lq/YrpM6Zo89rya9lbyVpg==
x-oss-server-time: 3
cf-cache-status: HIT
age: 65315
expires: Fri, 26 Apr 2024 12:22:06 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 87649e54c961b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231025/3076DE5A-9D41-26FA-D522-2AAE07A6C6CC.webp

104.18.169.76

200 OK

59 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231025/3076DE5A-9D41-26FA-D522-2AAE07A6C6CC.webp
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
59 kB (59110 bytes)
Hash
ce01a02635dba880fcf88d387b332310
84ba4603f41949f732395faf207c338031d6cfe2
df96d78981c6a82a9927b641909920097b3610c9290de1a960659ce75f840d34

HTTP Headers

GET /uploads/61353/cart/resources/20231025/3076DE5A-9D41-26FA-D522-2AAE07A6C6CC.webp HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: image/webp
content-length: 59110
x-oss-request-id: 6614CBC75EDFF63330A1354E
vary: Origin, Accept-Encoding
etag: "CE01A02635DBA880FCF88D387B332310"
last-modified: Wed, 25 Oct 2023 10:17:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7015334483528113473
x-oss-storage-class: Standard
content-md5: zgGgJjXbqID8+I04ezMjEA==
x-oss-server-time: 103
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:08 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e5db970b4f4-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231025/D19D7256-6CAE-C90C-F623-F6C0B5F60DB9.webp

104.18.169.76

200 OK

100 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231025/D19D7256-6CAE-C90C-F623-F6C0B5F60DB9.webp
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
100 kB (100028 bytes)
Hash
ab7d517716db634e038ea85489b65eed
c2a1deae6afc32f811b40e92df7ca86ac31f9532
38d3bbc96c68e2e34f5eedb57614d8fbe25da3f2f3f88dbabb93b16b993f8dbb

HTTP Headers

GET /uploads/61353/cart/resources/20231025/D19D7256-6CAE-C90C-F623-F6C0B5F60DB9.webp HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: image/webp
content-length: 100028
x-oss-request-id: 661E065976EC4B3738B9B81B
vary: Origin, Accept-Encoding
etag: "AB7D517716DB634E038EA85489B65EED"
last-modified: Wed, 25 Oct 2023 10:17:23 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12250360979182194297
x-oss-storage-class: Standard
content-md5: q31RdxbbY04DjqhUibZe7Q==
x-oss-server-time: 32
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:08 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e5db979b4f4-OSL
X-Firefox-Spdy: h2

4f-pl.top/app-assets/virtualtrack/61353/index.js?var=1698305978

104.16.198.133

200 OK

135 kB

URL GET HTTP/2
4f-pl.top/app-assets/virtualtrack/61353/index.js?var=1698305978
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
gzip compressed data, from Unix
Size
135 kB (135165 bytes)
Hash
cd558539f44ae5ccdaf72e5eedafab51
06012d2f7cc865cbffc36bcc158344e462372664
cf8cd9a7d8de9b722d77ddce04ddc4934b7e38bc6065b68e4bd12ad3ba8a5722

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-assets/virtualtrack/61353/index.js?var=1698305978 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6621106F3BC8A53739CBAAD5
last-modified: Thu, 18 Apr 2024 08:20:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13313105535713749605
x-oss-storage-class: Standard
cache-control: public, max-age=14400
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: 7uLn5HpKpWPY+tSkw/4DnA==
x-oss-server-time: 2
content-encoding: gzip
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:07 GMT
server: cloudflare
cf-ray: 87649e53dad956c0-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231025/EE75E9C6-4CFC-31E2-BBCB-6CAB24E66860.webp

104.18.169.76

200 OK

155 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231025/EE75E9C6-4CFC-31E2-BBCB-6CAB24E66860.webp
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x2133, Scaling: [none]x[none], YUV color, decoders should clamp
Size
155 kB (155200 bytes)
Hash
9c40a93789e79e13832037eff3e67403
c0141d9b2f281418d1e5f887c107bc6eb783ab46
13505485319deee78332921a978a93ff3f59db7da52666d4199f0380bbd324be

HTTP Headers

GET /uploads/61353/cart/resources/20231025/EE75E9C6-4CFC-31E2-BBCB-6CAB24E66860.webp HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: image/webp
content-length: 155200
x-oss-request-id: 6620B90DF488A53531F00476
vary: Origin, Accept-Encoding
etag: "9C40A93789E79E13832037EFF3E67403"
last-modified: Wed, 25 Oct 2023 10:16:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3151570706438223117
x-oss-storage-class: Standard
content-md5: nECpN4nnnhODIDfv8+Z0Aw==
x-oss-server-time: 51
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:08 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e5dc984b4f4-OSL
X-Firefox-Spdy: h2

4f-pl.top/app-assets/trusttool/61353/index.js?var=1709621308

104.16.198.133

200 OK

344 kB

URL GET HTTP/2
4f-pl.top/app-assets/trusttool/61353/index.js?var=1709621308
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
gzip compressed data, from Unix
Size
344 kB (344311 bytes)
Hash
f21dcb007c1335019c9d67c76bc0b629
6fbd290132a196295babbe83f6045e136e9a7a35
eb06da884247ee7a6c0e792aaab6daae04fcf22c95f907a24efd079e7dfeeceb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-assets/trusttool/61353/index.js?var=1709621308 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6621106F857E3839350DE59D
last-modified: Thu, 18 Apr 2024 08:20:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16105371887059623042
x-oss-storage-class: Standard
cache-control: public, max-age=14400
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: CTpdSw6a1klihII5+2G/2g==
x-oss-server-time: 5
content-encoding: gzip
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:07 GMT
server: cloudflare
cf-ray: 87649e53eb0a56c0-OSL
X-Firefox-Spdy: h2

4f-pl.top/app-assets/sizechart/61353/index.js?var=1698391181

104.16.198.133

200 OK

44 kB

URL GET HTTP/2
4f-pl.top/app-assets/sizechart/61353/index.js?var=1698391181
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
gzip compressed data, from Unix
Size
44 kB (44312 bytes)
Hash
1ce4aafa4181b0468bfd37a0e9eac8e3
91fbe21e8ab507f18e4872f6a24499b81904cd60
4dcd9e6eabcf92959d1402f079e4e427f1fe968d6f482591e80860b5ee94fb3e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-assets/sizechart/61353/index.js?var=1698391181 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6621106ED2CC453830530C15
last-modified: Thu, 18 Apr 2024 08:20:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17662297797237407075
x-oss-storage-class: Standard
cache-control: public, max-age=14400
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: rWrc77JEErGGGruLbeYM1w==
x-oss-server-time: 2
content-encoding: gzip
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:07 GMT
server: cloudflare
cf-ray: 87649e53dada56c0-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20240105/172da11f95475d6b1c20c807c330cf55.jpg?x-oss-process=image/resize,m_lfit,w_1920

104.18.169.76

200 OK

292 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20240105/172da11f95475d6b1c20c807c330cf55.jpg?x-oss-process=image/resize,m_lfit,w_1920
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x630, components 3
Size
292 kB (291450 bytes)
Hash
d9c38c9f654a2b8a5b52b820e9b319a1
a88aea433da2fc243dcf3c8eb5b3bb96578ac562
96b20062f1ed094bb9cefbefd30f8739b10d1123fd84bbf29ce787ca26cf1a1e

HTTP Headers

GET /uploads/61353/cart/resources/20240105/172da11f95475d6b1c20c807c330cf55.jpg?x-oss-process=image/resize,m_lfit,w_1920 HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: image/jpeg
content-length: 291450
cf-bgj: h2pri
etag: "2B1DC3FC9003FFE5D4AB59BAB019E765"
last-modified: Fri, 05 Jan 2024 08:09:12 GMT
vary: Origin, Accept-Encoding
x-oss-hash-crc64ecma: 17771640114148012585
x-oss-object-type: Normal
x-oss-request-id: 6620B90E9EAA1A3437C26643
x-oss-server-time: 130
x-oss-storage-class: Standard
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:08 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e5dc98ab4f4-OSL
X-Firefox-Spdy: h2

4f-pl.top/app-api/recentsale/61353/info

104.16.198.133

200 OK

7.2 kB

URL GET HTTP/2
4f-pl.top/app-api/recentsale/61353/info
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
gzip compressed data, from Unix
Size
7.2 kB (7221 bytes)
Hash
f8945bb589b5bf13a223cb858701d655
5b4060132a7cfb662d2856da2d2b7d4ad00e5ae2
62b30d7d956119e4dd75ab308d7f46abb94b2813f20d2c9853dcf955dbbeb9d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-api/recentsale/61353/info HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: application/json; charset=utf-8
x-trace-id: 591AFFAF-EFF6-4B6C-28C7-38AD282B6376
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: *
access-control-request-headers: *
access-control-expose-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e591c6b56c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=5c945293da0fe6770b60caf3ca010bc5

104.18.169.76

200 OK

220 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=5c945293da0fe6770b60caf3ca010bc5
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
220 kB (219750 bytes)
Hash
ec70fef8576eb2e1cbde0a4292139530
e2763a8cd4ca9558012d4e0df4da9fdbb7bc5722
163f87232b1ffbe04b4f1a2bb841a2494634992d93ac04c05da40e5db71badb2

HTTP Headers

GET /uploads/0/theme/default/public_assets/public.js?v=5c945293da0fe6770b60caf3ca010bc5 HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 661F775EC3F24534348C96F7
last-modified: Wed, 17 Apr 2024 07:16:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9134437363252466855
x-oss-storage-class: Standard
content-md5: 7HD++FdusuHL3gpCkhOVMA==
x-oss-server-time: 8
cf-cache-status: HIT
age: 65315
expires: Fri, 26 Apr 2024 12:22:06 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 87649e54c952b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

4f-pl.top/dist/front/assets/415a6fb983d3d506283c.woff2?t=1686211178958

104.16.198.133

200 OK

2.2 kB

URL GET HTTP/2
4f-pl.top/dist/front/assets/415a6fb983d3d506283c.woff2?t=1686211178958
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
Web Open Font Format (Version 2), TrueType, length 2212, version 1.0
Size
2.2 kB (2212 bytes)
Hash
5e845ac75e407a38e30312f7c7bdc2be
7f40b07e06ca50a33930316dc3052b7f1887b353
58ae705f6c18280bbb0fbde724a38dfdab1d80f83e4cadc5eb3a9f728a8fb495

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dist/front/assets/415a6fb983d3d506283c.woff2?t=1686211178958 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: application/octet-stream
content-length: 2212
x-oss-request-id: 662110705BAF0B3133FD713B
vary: Origin, Accept-Encoding
etag: "5E845AC75E407A38E30312F7C7BDC2BE"
last-modified: Thu, 18 Apr 2024 08:20:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6742069295934362351
x-oss-storage-class: Standard
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: XoRax15AejjjAxL3x73Cvg==
x-oss-server-time: 7
cache-control: public, max-age=86400
cf-cache-status: MISS
expires: Fri, 19 Apr 2024 12:22:08 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e5d7c3656c0-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231027/61353_03bca9f8ed4e264769167decfa93cff2.png

104.18.169.76

200 OK

2.8 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231027/61353_03bca9f8ed4e264769167decfa93cff2.png
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2786 bytes)
Hash
0fc5a56b308fed7bbfe73c6cbf4b9af5
08d3cc02c5f2b773ff921f1c53cd2ee672082f72
65eba46b9e65d70840938828dd2871058f1cb31cfc1cf73e2b7ffe8eacd7886b

HTTP Headers

GET /uploads/61353/cart/resources/20231027/61353_03bca9f8ed4e264769167decfa93cff2.png HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: image/png
content-length: 2786
x-oss-request-id: 6557739B8083E737353E4066
vary: Origin, Accept-Encoding
etag: "0FC5A56B308FED7BBFE73C6CBF4B9AF5"
last-modified: Fri, 27 Oct 2023 06:10:04 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 952959149060134187
x-oss-storage-class: Standard
content-md5: D8WlazCP7Xu/5zxsv0ua9Q==
x-oss-server-time: 37
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:08 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e614f66b4f4-OSL
X-Firefox-Spdy: h2

4f-pl.top/app-api/recentproductbrowsetool/61353/products?visit_id=d7b8c73ae9be8bd52702a3d0b6c5c34b

104.16.198.133

200 OK

4.5 kB

URL GET HTTP/2
4f-pl.top/app-api/recentproductbrowsetool/61353/products?visit_id=d7b8c73ae9be8bd52702a3d0b6c5c34b
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
New Line Delimited JSON text data
Size
4.5 kB (4484 bytes)
Hash
44a6a349645c5079ff08a74dedcac684
9f854fb2c0fcaf8f79acf74e580ae32ba55f0c3c
38d90e774a11e98d9dc2edf4b5bb1c2f86df06dc69bc2b5c8dfb6054c2ee1aa9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-api/recentproductbrowsetool/61353/products?visit_id=d7b8c73ae9be8bd52702a3d0b6c5c34b HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: application/json; charset=utf-8
x-trace-id: 9AF77587-1754-1FB4-2F4C-4085A4BF0A09
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: *
access-control-request-headers: *
access-control-expose-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e5c19c456c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.wfkJqv-YmvI.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpW4EzCeOQOHOPHE_Ws17GobuT70A/m=el_main

142.250.74.106

200 OK

74 kB

URL GET HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.wfkJqv-YmvI.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpW4EzCeOQOHOPHE_Ws17GobuT70A/m=el_main
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (2333)
Size
74 kB (73503 bytes)
Hash
4bb91f7d3340c67fbc422fe923cb4ce4
aa81f4daf848d66f92f853be4bb57333694b2712
2244a4c055184acc3ee54d04f44cde9f71829b12a6adc7ad0956e76eb48c072a

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.wfkJqv-YmvI.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpW4EzCeOQOHOPHE_Ws17GobuT70A/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 73503
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 17:19:39 GMT
expires: Thu, 17 Apr 2025 17:19:39 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 02:24:49 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 68550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

142.250.74.163

200 OK

3.3 kB

URL GET HTTP/3
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3340 bytes)
Hash
2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:43:59 GMT
expires: Wed, 16 Apr 2025 01:43:59 GMT
cache-control: public, max-age=31536000
age: 211090
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

142.250.74.99

200 OK

910 B

URL GET HTTP/3
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced
Size
910 B (910 bytes)
Hash
efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 15:01:12 GMT
expires: Wed, 16 Apr 2025 15:01:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
vary: Origin
age: 163257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.106

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 18 Apr 2024 12:22:09 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=513=IDa3Pxulvt8I7ci308ypc_3PYqq4sKaIQnAAXqLFADQnOVeC4DP0hbEdiZpJfNaLdEKr_-EOgIXZARxiDiT9DnOtbT5j-dvdCeyZARx5wCTOsVaiV9mlTdJJdpJ-6z6-cSn07suww2a4XKn48HOIzvptFlwueGsAffcpmWVz95U; expires=Fri, 18-Oct-2024 12:22:09 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Thu, 18 Apr 2024 12:22:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css

142.250.74.99

200 OK

4.0 kB

URL GET HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:56:48 GMT
expires: Wed, 16 Apr 2025 09:56:48 GMT
cache-control: public, max-age=31536000
age: 181521
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.staticsoe.com/statics/apps/static/recentsale-front/holiday_newyear_top.png

104.18.169.76

200 OK

3.1 kB

URL GET HTTP/2
cdn.staticsoe.com/statics/apps/static/recentsale-front/holiday_newyear_top.png
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 90 x 77, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3086 bytes)
Hash
7286a7d99640c7a1cbdb478cc819d434
ad40ccd3335dd149f936835cf56d02fe26253a82
0f96fe680793ca5c6825a92b5f7de30b1c8a5d35afc92f0379285f4b92a67c4c

HTTP Headers

GET /statics/apps/static/recentsale-front/holiday_newyear_top.png HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:10 GMT
content-type: image/png
content-length: 3086
x-oss-request-id: 65E1C8C676EC4B36374CADEB
vary: Origin, Accept-Encoding
etag: "7286A7D99640C7A1CBDB478CC819D434"
last-modified: Mon, 14 Feb 2022 07:59:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4901823410734665154
x-oss-storage-class: Standard
content-md5: coan2ZZAx6HL20eMyBnUNA==
x-oss-server-time: 2
cf-cache-status: HIT
age: 27522
expires: Fri, 26 Apr 2024 12:22:10 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e6dad3cb4f4-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/statics/country/flag/pl.png

104.18.169.76

200 OK

319 B

URL GET HTTP/2
cdn.staticsoe.com/statics/country/flag/pl.png
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 128 x 128, 4-bit colormap, non-interlaced
Size
319 B (319 bytes)
Hash
cfd9291e629876037557722530ae6148
9a42c0cc5a94992dea0aa1a7584fd9b403702c1c
22706276ce07b6ade0d9c2c9765ee274d36ea2ea822eb8810b43c9e3d449a001

HTTP Headers

GET /statics/country/flag/pl.png HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:10 GMT
content-type: image/png
content-length: 319
x-oss-request-id: 654EE24D269C5632385B1EED
vary: Origin, Accept-Encoding
etag: "CFD9291E629876037557722530AE6148"
last-modified: Mon, 14 Feb 2022 07:59:45 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15484148905490677633
x-oss-storage-class: Standard
content-md5: z9kpHmKYdgN1V3IlMK5hSA==
x-oss-server-time: 2
cf-cache-status: HIT
age: 65199
expires: Fri, 26 Apr 2024 12:22:10 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e6d9d2bb4f4-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/statics/apps/static/recentsale-front/holiday_newyear.png?x-oss-process=image/resize,m_lfit,w_504

104.18.169.76

200 OK

64 kB

URL GET HTTP/2
cdn.staticsoe.com/statics/apps/static/recentsale-front/holiday_newyear.png?x-oss-process=image/resize,m_lfit,w_504
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 504 x 152, 8-bit/color RGBA, non-interlaced
Size
64 kB (63723 bytes)
Hash
e6946d9873c2839213d19186612b8b88
0ce6bb5b3edeca3f17bd29bf0493c1f57526d046
a781c8cca6c1112f4c5fcd0d4618c11666c6b4807f33c8a0ecfb379c16785665

HTTP Headers

GET /statics/apps/static/recentsale-front/holiday_newyear.png?x-oss-process=image/resize,m_lfit,w_504 HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:11 GMT
content-type: image/png
content-length: 63723
x-oss-request-id: 65B5616D90AF51353611305C
vary: Origin, Accept-Encoding
etag: "BD97868B842F91AEC77E2B6DCA9FDC0B"
last-modified: Mon, 14 Feb 2022 07:59:33 GMT
x-oss-object-type: Normal
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 493897066906043259
x-oss-server-time: 4
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:11 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e6f9893b4f4-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231213/41a36559b2eda3838897d211d1caf208.jpg?x-oss-process=image/resize,m_lfit,w_1920

104.18.169.76

200 OK

378 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231213/41a36559b2eda3838897d211d1caf208.jpg?x-oss-process=image/resize,m_lfit,w_1920
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x630, components 3
Size
378 kB (378251 bytes)
Hash
6a0a965ef1db1f7ea62451d3210402c5
1acabd6f40aaf77e1aee0f52903284c9d88471ee
fb1fb65cb29b892e63e75eb53887bdb425c1b90d9489e3c5a53d6c45eb88c0c0

HTTP Headers

GET /uploads/61353/cart/resources/20231213/41a36559b2eda3838897d211d1caf208.jpg?x-oss-process=image/resize,m_lfit,w_1920 HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:11 GMT
content-type: image/jpeg
content-length: 378251
cf-bgj: h2pri
etag: "03E7951CA0662D4E79D528B95750EB96"
last-modified: Wed, 13 Dec 2023 10:28:31 GMT
vary: Origin, Accept-Encoding
x-oss-hash-crc64ecma: 4566405124103480816
x-oss-object-type: Normal
x-oss-request-id: 6620B91076EC4B33384D144E
x-oss-server-time: 126
x-oss-storage-class: Standard
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:11 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e6fe912b4f4-OSL
X-Firefox-Spdy: h2

4f-pl.top/theme/default/assets/empty.png

104.16.198.133

200 OK

33 kB

URL GET HTTP/2
4f-pl.top/theme/default/assets/empty.png
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
PNG image data, 1020 x 1020, 8-bit/color RGBA, non-interlaced
Size
33 kB (32646 bytes)
Hash
8c5a3ab01981c42df5e31daee2e8b7b0
bbd4399a810d583f3446587692c556859149b98d
f3de53bb61298cfd17f183f97dacd2c672b34665cbbe778070232ced85386e1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/default/assets/empty.png HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61; app_popups_time_type_diy_1860=0; googtrans=%2Fauto%2Fen
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:11 GMT
content-type: image/png
content-length: 32646
last-modified: Wed, 16 Mar 2022 03:25:53 GMT
etag: "623158c1-7f86"
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:11 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87649e6d99f056c0-OSL
X-Firefox-Spdy: h2

at.alicdn.com/t/font_2997681_8jbkqwwojx3.woff2?t=1638950246505

47.246.44.250

200 OK

684 B

URL GET HTTP/2
at.alicdn.com/t/font_2997681_8jbkqwwojx3.woff2?t=1638950246505
IP
47.246.44.250:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://4f-pl.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
ValidityTue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT

File type
Web Open Font Format (Version 2), TrueType, length 684, version 1.0
Size
684 B (684 bytes)
Hash
a44567d08fff8b33f8de681e451a27cc
ba48c72327db04232dc2d6a6e47772711fed68fd
b9b719d1e524dddce10fc7c43e45114936dc1f30c5fcc11c309b9ca26acea3e3

HTTP Headers

GET /t/font_2997681_8jbkqwwojx3.woff2?t=1638950246505 HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://4f-pl.top
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: font/woff2
content-length: 684
date: Thu, 18 Apr 2024 12:22:11 GMT
x-oss-request-id: 662110731F32A83535AFAA06
vary: Origin
accept-ranges: bytes
etag: "A44567D08FFF8B33F8DE681E451A27CC"
last-modified: Wed, 08 Dec 2021 07:57:26 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15427969927471343633
x-oss-storage-class: Standard
cache-control: max-age=63072000
content-md5: pEVn0I//izP43mgeRRonzA==
x-oss-server-time: 1
ali-swift-global-savetime: 1713442931
via: cache16.l2de2[871,870,200-0,M], cache14.l2de2[873,0], ens-cache16.se2[893,893,200-0,M], ens-cache11.se2[894,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Thu, 18 Apr 2024 12:22:11 GMT
x-swift-cachetime: 31104000
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9f17134429307851564e
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231025/A71F20BD-AED9-0674-3403-9947CD612530.webp

104.18.169.76

200 OK

132 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231025/A71F20BD-AED9-0674-3403-9947CD612530.webp
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
132 kB (132376 bytes)
Hash
08f0b9e3744609d1d782389fd52da660
80455c066225f8b0ea763e7345ebd83a4238bc54
16a1d455d9f90c20aa691cf38685ccc6534380123bffe83467b01adb4e95ca20

HTTP Headers

GET /uploads/61353/cart/resources/20231025/A71F20BD-AED9-0674-3403-9947CD612530.webp HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:11 GMT
content-type: image/webp
content-length: 132376
x-oss-request-id: 66211073E2741F353546BABE
vary: Origin, Accept-Encoding
etag: "08F0B9E3744609D1D782389FD52DA660"
last-modified: Wed, 25 Oct 2023 10:17:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 18433192504778825983
x-oss-storage-class: Standard
content-md5: CPC543RGCdHXgjif1S2mYA==
x-oss-server-time: 13
cf-cache-status: MISS
expires: Fri, 26 Apr 2024 12:22:11 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e716bceb4f4-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231025/40F538B3-6B9D-8FE5-6F33-5C83F0BF343D.webp

104.18.169.76

200 OK

187 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231025/40F538B3-6B9D-8FE5-6F33-5C83F0BF343D.webp
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
187 kB (186924 bytes)
Hash
9172424d1c2dcebe5cf20ae3877d2b0f
d059e52458cda0db3f09dddf3ff554523449dcdb
d3ed181038889752671e7c3a0a00b952b6fddb039f0eabf73546bc916cd486c9

HTTP Headers

GET /uploads/61353/cart/resources/20231025/40F538B3-6B9D-8FE5-6F33-5C83F0BF343D.webp HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:17 GMT
content-type: image/webp
content-length: 186924
x-oss-request-id: 662110799979C73638B3BF4C
vary: Origin, Accept-Encoding
etag: "9172424D1C2DCEBE5CF20AE3877D2B0F"
last-modified: Wed, 25 Oct 2023 10:19:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7150653693612398423
x-oss-storage-class: Standard
content-md5: kXJCTRwtzr5c8grjh30rDw==
x-oss-server-time: 5
cf-cache-status: MISS
expires: Fri, 26 Apr 2024 12:22:17 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e970df2b4f4-OSL
X-Firefox-Spdy: h2

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.106

200 OK

0 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://4f-pl.top/
Origin: https://4f-pl.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://4f-pl.top
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 12:22:19 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.106

200 OK

131 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1195
Origin: https://4f-pl.top
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://4f-pl.top
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 12:22:19 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.staticsoe.com/uploads/61353/cart/resources/20231025/72CE85FA-367E-DAC2-640C-9FCC690F0ACD.webp

104.18.169.76

200 OK

98 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231025/72CE85FA-367E-DAC2-640C-9FCC690F0ACD.webp
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
98 kB (98516 bytes)
Hash
3a73bb4caa15e3180176cdc5bb525d56
86dd7dcb83b9f1a7da50b8a67e08c952f36946ca
8f12a1f41524d96c8a35426797ccecf5639f2eeda2c727b5dc53baf88fb7c352

HTTP Headers

GET /uploads/61353/cart/resources/20231025/72CE85FA-367E-DAC2-640C-9FCC690F0ACD.webp HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:23 GMT
content-type: image/webp
content-length: 98516
x-oss-request-id: 6621107FF488A53237C6D526
vary: Origin, Accept-Encoding
etag: "3A73BB4CAA15E3180176CDC5BB525D56"
last-modified: Wed, 25 Oct 2023 10:19:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13542608200541311082
x-oss-storage-class: Standard
content-md5: OnO7TKoV4xgBds3Fu1JdVg==
x-oss-server-time: 1
cf-cache-status: MISS
expires: Fri, 26 Apr 2024 12:22:23 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649ebc8f7db4f4-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231025/A9899E73-0A76-CD73-CA2E-DE15CB0F91B8.webp

104.18.169.76

82 kB

URL
cdn.staticsoe.com/uploads/61353/cart/resources/20231025/A9899E73-0A76-CD73-CA2E-DE15CB0F91B8.webp
IP
104.18.169.76:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
82 kB (81692 bytes)
Hash
3a3bfc9a12d586e6afc2bc59521eb642
23eb22c09ac24baa0b6914b1bb7d4370cdf61b16
159348b823ee0fe3b5e8a0f11916fdb56bdde4b12a82dd2bc0c7f1a6e1b6b56d

HTTP Headers

GET /uploads/61353/cart/resources/20231025/A9899E73-0A76-CD73-CA2E-DE15CB0F91B8.webp HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:29 GMT
content-type: image/webp
content-length: 81692
x-oss-request-id: 66211085B6DE1D393334B61C
vary: Origin, Accept-Encoding
etag: "3A3BFC9A12D586E6AFC2BC59521EB642"
last-modified: Wed, 25 Oct 2023 10:19:57 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10107512397573369056
x-oss-storage-class: Standard
content-md5: Ojv8mhLVhuavwrxZUh62Qg==
x-oss-server-time: 19
cf-cache-status: MISS
expires: Fri, 26 Apr 2024 12:22:29 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649ee20939b4f4-OSL
X-Firefox-Spdy: h2

services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US

54.230.111.129

82 B

URL
services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US
IP
54.230.111.129:0
ASN
#16509 AMAZON-02

File type
JSON text data
Size
82 B (82 bytes)
Hash
4f822d39c269d2c47e3174b6c6bad3b7
d56bd07959c766e9c18faa9cf1070548f9236b65
cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3

HTTP Headers

GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 82
server: openresty
date: Thu, 18 Apr 2024 12:19:12 GMT
allow: GET, HEAD, OPTIONS
x-amo-request-id: 53418e35278d45ecbdef27df3b607be4
content-security-policy: script-src https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; font-src 'self' https://addons.mozilla.org/static-server/; media-src https://videos.cdn.mozilla.net; child-src https://www.recaptcha.net/recaptcha/; default-src 'none'; connect-src 'self' https://*.google-analytics.com; frame-src https://www.recaptcha.net/recaptcha/; img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/; form-action 'self'; style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; object-src 'none'; report-uri /__cspreport__
x-frame-options: DENY
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cache-control: max-age=3600
public-key-pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
via: 1.1 google, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AJDq7nYT0cPkJh0TMq0lLiy5ORN2Iw00Ng9b7-9GR6hqTyY8AyHbLA==
age: 202
X-Firefox-Spdy: h2

4f-pl.top/app-api/googletranslate/61353/front/config

104.16.198.133

200 OK

724 B

URL GET HTTP/2
4f-pl.top/app-api/googletranslate/61353/front/config
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (968), with no line terminators
Size
724 B (724 bytes)
Hash
c05da9bbbc6b642bc9e6a80d5428682b
72e3d228163b55c404702c2a773eb965064493cd
1af630d8b5ca7fe8469aa9d9520303b8151d8bb580cd721edbbaf3046bffa5ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-api/googletranslate/61353/front/config HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: application/json; charset=utf-8
x-trace-id: 73455606-A757-B872-1D6D-A88C02D79BD3
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: *
access-control-request-headers: *
access-control-expose-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e5d6c0556c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/0/theme/default/assets/account.css?v=6e42f66bb2c79e42cb37829c9e93d71c

104.18.169.76

200 OK

30 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/0/theme/default/assets/account.css?v=6e42f66bb2c79e42cb37829c9e93d71c
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
30 kB (29986 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/0/theme/default/assets/account.css?v=6e42f66bb2c79e42cb37829c9e93d71c HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: text/css
vary: Accept-Encoding, Origin
x-oss-request-id: 661FAF7B1F524730368A7667
last-modified: Wed, 17 Apr 2024 07:16:45 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2072138067842434010
x-oss-storage-class: Standard
content-md5: bkL2a7LHnkLLN4KcnpPXHA==
x-oss-server-time: 1
cf-cache-status: HIT
age: 65315
expires: Fri, 26 Apr 2024 12:22:06 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 87649e54c966b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231025/A58A3D93-8854-30E6-8D09-869F264120DA.webp

104.18.169.76

200 OK

72 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231025/A58A3D93-8854-30E6-8D09-869F264120DA.webp
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
72 kB (71684 bytes)
Hash
29781ea5e42860012d5d595305e4c66c
b09d852e0fac45dbb7a346eeda486d93c4a8003c
5e1dcd6c3fd7f32f2e6067402ac47c969f737bef8cbcc6f0a4b0062e1cd1b298

HTTP Headers

GET /uploads/61353/cart/resources/20231025/A58A3D93-8854-30E6-8D09-869F264120DA.webp HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: image/webp
content-length: 71684
x-oss-request-id: 6614CBC7C3F24535326CFB6A
vary: Origin, Accept-Encoding
etag: "29781EA5E42860012D5D595305E4C66C"
last-modified: Wed, 25 Oct 2023 10:17:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9520531100170390138
x-oss-storage-class: Standard
content-md5: KXgepeQoYAEtXVlTBeTGbA==
x-oss-server-time: 76
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:08 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e5dc989b4f4-OSL
X-Firefox-Spdy: h2

4f-pl.top/homeapi/collect

104.16.198.133

200 OK

9 B

URL POST HTTP/2
4f-pl.top/homeapi/collect
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
311486df619d42e069bcdc41e73f335d
b3f9153ae3eef9847a707e36b7f54f989d4a4235
587b05cd8d59f9820d2cf168b07d46b1519d12ee7a2f7062a2490da0a99ccb50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /homeapi/collect HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
Content-Type: application/json
Content-Length: 913
Origin: https://4f-pl.top
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61; app_popups_time_type_diy_1860=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: text/html;charset=utf-8
trace_id: 61DC133F-F084-454F-6F07-7C7028E03757
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e5f8fde56c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

4f-pl.top/app-assets/recentsale/61353/index.js?var=1698305700

104.16.198.133

200 OK

88 kB

URL GET HTTP/2
4f-pl.top/app-assets/recentsale/61353/index.js?var=1698305700
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type

Size
88 kB (87909 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-assets/recentsale/61353/index.js?var=1698305700 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6621106E906F3A33331ADE96
last-modified: Thu, 18 Apr 2024 08:20:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1710406399142955086
x-oss-storage-class: Standard
cache-control: public, max-age=14400
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: jP6swUQuXjRigKdyhoEKzA==
x-oss-server-time: 1
content-encoding: gzip
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:06 GMT
server: cloudflare
cf-ray: 87649e53dad456c0-OSL
X-Firefox-Spdy: h2

4f-pl.top/app-api/recentproductbrowsetool/61353/config

104.16.198.133

200 OK

685 B

URL GET HTTP/2
4f-pl.top/app-api/recentproductbrowsetool/61353/config
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (771), with no line terminators
Size
685 B (685 bytes)
Hash
e11e527a99ff75bcf491335d2555d008
9ca88b01725c6b0be4f19abe1eeed3d28e12ce4c
e420a2e9d97da9742819a9e9b65544a328d0f53e0c4ca5927efb9e691fa42421

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-api/recentproductbrowsetool/61353/config HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: application/json; charset=utf-8
x-trace-id: 38EC2DC8-CA0A-F84B-325B-A9AD72682141
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: *
access-control-request-headers: *
access-control-expose-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e59ad2856c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/0/theme/default/assets/theme.css?v=66eda0dd6672bd051feb0d39b9f9197e

104.18.169.76

200 OK

110 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/0/theme/default/assets/theme.css?v=66eda0dd6672bd051feb0d39b9f9197e
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
110 kB (110217 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/0/theme/default/assets/theme.css?v=66eda0dd6672bd051feb0d39b9f9197e HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: text/css
vary: Accept-Encoding, Origin
x-oss-request-id: 661F7B2E91795F38360AE909
last-modified: Wed, 17 Apr 2024 07:16:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3603105492076268374
x-oss-storage-class: Standard
content-md5: Zu2g3WZyvQUf6w05ufkZfg==
x-oss-server-time: 2
cf-cache-status: HIT
age: 65315
expires: Fri, 26 Apr 2024 12:22:06 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 87649e54c95eb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

4f-pl.top/app-assets/countdown/61353/index.js?var=1698305618

104.16.198.133

200 OK

125 kB

URL GET HTTP/2
4f-pl.top/app-assets/countdown/61353/index.js?var=1698305618
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type

Size
125 kB (125189 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-assets/countdown/61353/index.js?var=1698305618 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6621106E92105C3831926D6E
last-modified: Thu, 18 Apr 2024 08:20:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6183438159137031776
x-oss-storage-class: Standard
cache-control: public, max-age=14400
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: ueyWUpMBQpZJfndThVIciA==
x-oss-server-time: 1
content-encoding: gzip
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:07 GMT
server: cloudflare
cf-ray: 87649e53dad256c0-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/0/theme/default/assets/vendor.css?v=8bf6ee9d0cb37ac6af2ef2619c479347

104.18.169.76

200 OK

74 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/0/theme/default/assets/vendor.css?v=8bf6ee9d0cb37ac6af2ef2619c479347
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (35771)
Size
74 kB (74531 bytes)
Hash
8bf6ee9d0cb37ac6af2ef2619c479347
69bc61bbd878435fcb91abbc97908573ff7f631d
b40b0219d705f3ef33e5b2bea78e988251e4c00dfa9fa63e58c85cfa1fc8ff8d

HTTP Headers

GET /uploads/0/theme/default/assets/vendor.css?v=8bf6ee9d0cb37ac6af2ef2619c479347 HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: text/css
vary: Accept-Encoding, Origin
x-oss-request-id: 661FB7C09979C738352F207C
last-modified: Wed, 17 Apr 2024 07:16:45 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 18289564630321224492
x-oss-storage-class: Standard
content-md5: i/bunQyzesavLvJhnEeTRw==
x-oss-server-time: 1
cf-cache-status: HIT
age: 65315
expires: Fri, 26 Apr 2024 12:22:06 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 87649e54c96bb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

4f-pl.top/app-api/gift/61353/front/config

104.16.198.133

200 OK

826 B

URL GET HTTP/2
4f-pl.top/app-api/gift/61353/front/config
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (906), with no line terminators
Size
826 B (826 bytes)
Hash
022136a3458b3f7953e86bf70ed51acb
247dacacfcfa45ef64b5feadfb316cbf7ac8d554
ebf7067fae34d4959ea7c8eb56ad9837500ea7745f635363cbfc063a7586d8c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-api/gift/61353/front/config HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61; app_popups_time_type_diy_1860=0; googtrans=%2Fauto%2Fen
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: application/json; charset=utf-8
x-trace-id: F62783D9-3783-6861-3F2C-158A7E933CE8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: *
access-control-request-headers: *
access-control-expose-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e5ff8ad56c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

4f-pl.top/app-api/searchbox/61353/front/config

104.16.198.133

200 OK

112 B

URL GET HTTP/2
4f-pl.top/app-api/searchbox/61353/front/config
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
bb6e56ca14f2d83afbb83870ed8b6285
d4fadb7ed2f28ad0d91946411bd1fb97048eaa17
76a8942c4ade5cac7d78916c39c453516ca10fdc7e659b40ad2ca5367f8dafcc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-api/searchbox/61353/front/config HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: application/json; charset=utf-8
x-trace-id: A8897BF4-3479-69C0-B889-9EEF3E086C01
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: *
access-control-request-headers: *
access-control-expose-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e59ad3456c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

4f-pl.top/app-api/trusttool/61353/config?&route=index/index

104.16.198.133

200 OK

3.3 kB

URL GET HTTP/2
4f-pl.top/app-api/trusttool/61353/config?&route=index/index
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (3718), with no line terminators
Size
3.3 kB (3266 bytes)
Hash
e9286a0d9650fd091d7f7d4cdd1b1761
f77ef704b39e915062f7cfc5b63ee1421cb80942
8538aa240dfc6a6b4cab6a84b776e939482d4969313cf535b0487b44c0a0f6bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-api/trusttool/61353/config?&route=index/index HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: application/json; charset=utf-8
x-trace-id: ADBD8FC1-7809-233F-6883-CF59644C4F85
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: *
access-control-request-headers: *
access-control-expose-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e5c6a7e56c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

4f-pl.top/homeapi/diyoffers/gift/products

104.16.198.133

200 OK

14 kB

URL GET HTTP/2
4f-pl.top/homeapi/diyoffers/gift/products
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type

Size
14 kB (13998 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /homeapi/diyoffers/gift/products HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: application/json; charset=utf-8
x-trace-id: 0F60AED1-1D45-476C-B65F-7BA0D4BEF54C
execution-time: 0.0262060165
set-cookie: PHPSESSID=973f098fe3df658db35fae61662ee28c; path=/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e5d7c0b56c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231025/60A6D948-8375-A133-8E87-BF6996967418.webp

104.18.169.76

200 OK

94 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231025/60A6D948-8375-A133-8E87-BF6996967418.webp
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
94 kB (93920 bytes)
Hash
ff15f7fcfd6b2ae71e6cc1d9177a02f5
4898b23739186e4c86f01f4c486d006e15b5440d
14d40adc28c68e0c5125748d1a1382929e4a71e39e18be0dc2736308a85db502

HTTP Headers

GET /uploads/61353/cart/resources/20231025/60A6D948-8375-A133-8E87-BF6996967418.webp HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: image/webp
content-length: 93920
x-oss-request-id: 6620B90D8BAF6733373E2C6B
vary: Origin, Accept-Encoding
etag: "FF15F7FCFD6B2AE71E6CC1D9177A02F5"
last-modified: Wed, 25 Oct 2023 10:17:17 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12927719686473964969
x-oss-storage-class: Standard
content-md5: /xX3/P1rKucebMHZF3oC9Q==
x-oss-server-time: 79
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:08 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e5db982b4f4-OSL
X-Firefox-Spdy: h2

4f-pl.top/homeapi/collect

104.16.198.133

200 OK

9 B

URL POST HTTP/2
4f-pl.top/homeapi/collect
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
311486df619d42e069bcdc41e73f335d
b3f9153ae3eef9847a707e36b7f54f989d4a4235
587b05cd8d59f9820d2cf168b07d46b1519d12ee7a2f7062a2490da0a99ccb50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /homeapi/collect HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
Content-Type: application/json
Content-Length: 585
Origin: https://4f-pl.top
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61; app_popups_time_type_diy_1860=0; googtrans=%2Fauto%2Fen
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:09 GMT
content-type: text/html;charset=utf-8
trace_id: 48D22B91-FEFF-F961-3ADE-26E5AB2D8E9B
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e655b8656c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

4f-pl.top/app-assets/gift/61353/index.js?var=1702029258

104.16.198.133

200 OK

149 kB

URL GET HTTP/2
4f-pl.top/app-assets/gift/61353/index.js?var=1702029258
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type

Size
149 kB (148861 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-assets/gift/61353/index.js?var=1702029258 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6621106EDCA49D30330BE814
last-modified: Thu, 18 Apr 2024 08:20:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3466750329570164386
x-oss-storage-class: Standard
cache-control: public, max-age=14400
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: dixia1FE+DC5lujkRA4+xw==
x-oss-server-time: 1
content-encoding: gzip
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:06 GMT
server: cloudflare
cf-ray: 87649e53eadd56c0-OSL
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

142.250.74.46

200 OK

90 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2064)
Size
90 kB (89739 bytes)
Hash
515dcda33a8b5322ad7845d6f81e44ed
1c3b96df7d3bf35f71b49a961fde16c88062cf8c
08ff12bf96785cb8a465e6c1fdaac1d025a0f713ad10ee2095e414edbcac5de0

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 12:22:08 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

4f-pl.top/app-api/popups/61353/front/config

104.16.198.133

200 OK

1.8 kB

URL GET HTTP/2
4f-pl.top/app-api/popups/61353/front/config
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1973), with no line terminators
Size
1.8 kB (1765 bytes)
Hash
abbd11edf078d4490c271c41c35e79ef
4d4977c594138a1ade8ffeb16fb5c61e6ca2f932
cd35c1f6989134001e6561d08c6244d5a98bcfb2389b118d4f3dfbc4eade4fc9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-api/popups/61353/front/config HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: application/json; charset=utf-8
x-trace-id: F944C01E-124A-B0E7-1D05-A62B89BC1127
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: *
access-control-request-headers: *
access-control-expose-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e5d7c1456c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

4f-pl.top/

104.16.198.133

200 OK

842 kB

URL User Request GET HTTP/2
4f-pl.top/
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type

Size
842 kB (842240 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: _fbs_fbp=fb.1.1713442925971.1782895580; expires=Wed, 17-Jul-2024 12:22:05 GMT; Max-Age=7776000; path=/
oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; expires=Sun, 16-Apr-2034 12:22:05 GMT; Max-Age=315359999; path=/
oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; expires=Sun, 16-Apr-2034 12:22:05 GMT; Max-Age=315359999; path=/
oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; expires=Fri, 19-Apr-2024 12:22:05 GMT; Max-Age=86399; path=/
utm_source=direct; expires=Sat, 18-May-2024 12:22:05 GMT; Max-Age=2591999; path=/
utm_medium=default; expires=Sat, 18-May-2024 12:22:05 GMT; Max-Age=2591999; path=/
utm_term=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
utm_campaign=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
utm_content=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; path=/
landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; expires=Fri, 18-Apr-2025 12:22:05 GMT; Max-Age=31535999; path=/
oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; expires=Thu, 18-Apr-2024 12:52:05 GMT; Max-Age=1799; path=/
first_http_referer=null; expires=Sat, 18-May-2024 12:22:05 GMT; Max-Age=2591999; path=/
PHPSESSID=973f098fe3df658db35fae61662ee28c; path=/
execution-time: 0.1102619171
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e4d5f1956c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

4f-pl.top/homeapi/collect

104.16.198.133

200 OK

9 B

URL POST HTTP/2
4f-pl.top/homeapi/collect
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
311486df619d42e069bcdc41e73f335d
b3f9153ae3eef9847a707e36b7f54f989d4a4235
587b05cd8d59f9820d2cf168b07d46b1519d12ee7a2f7062a2490da0a99ccb50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /homeapi/collect HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
Content-Type: application/json
Content-Length: 410
Origin: https://4f-pl.top
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: text/html;charset=utf-8
trace_id: 9350F23A-6541-0E58-8664-2004082EFB6E
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e56d84b56c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

4f-pl.top/app-assets/searchbox/61353/index.js?var=1703576531

104.16.198.133

200 OK

40 kB

URL GET HTTP/2
4f-pl.top/app-assets/searchbox/61353/index.js?var=1703576531
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
JavaScript source, ASCII text, with very long lines (40301), with no line terminators
Size
40 kB (40301 bytes)
Hash
ae222bfdd9b78e6e568bf0dde60725ec
e4c9ba390c97efbab18af907e17f2671e55a638c
6bac07d5fedb0465bd545b1b039c08aacdac4a0b53521793ba33b6aaead0744c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-assets/searchbox/61353/index.js?var=1703576531 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6621106EAE16C733349DC7EC
last-modified: Thu, 18 Apr 2024 08:20:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12146041782393094799
x-oss-storage-class: Standard
cache-control: public, max-age=14400
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: riIr/dm3jm5Wi/Dd5gcl7A==
x-oss-server-time: 2
content-encoding: gzip
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:07 GMT
server: cloudflare
cf-ray: 87649e53eaeb56c0-OSL
X-Firefox-Spdy: h2

4f-pl.top/app-assets/popups/61353/index.js?var=1709719087

104.16.198.133

200 OK

218 kB

URL GET HTTP/2
4f-pl.top/app-assets/popups/61353/index.js?var=1709719087
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type

Size
218 kB (217930 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-assets/popups/61353/index.js?var=1709719087 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6621106EABA4B73532024503
last-modified: Thu, 18 Apr 2024 08:20:57 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4969094856114232348
x-oss-storage-class: Standard
cache-control: public, max-age=14400
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: vjS0dKd4gd2nBReGQ167qQ==
x-oss-server-time: 1
content-encoding: gzip
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:07 GMT
server: cloudflare
cf-ray: 87649e53eb0c56c0-OSL
X-Firefox-Spdy: h2

4f-pl.top/app-api/popups/61353/front/count/1860?&type=exposure_times

104.16.198.133

200 OK

145 B

URL GET HTTP/2
4f-pl.top/app-api/popups/61353/front/count/1860?&type=exposure_times
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
beb8f944145d9ae1f6c02cc720af1dc3
627a15f55eef7de0965fabae78b5fecd15100376
548dd79112d0174f6506ddc01708ff448e543fa68ab723289a6ca31f212a2cb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-api/popups/61353/front/count/1860?&type=exposure_times HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2012%3A22%3A06; _scid=5e010756-ae89-4e05-9ff9-67f17a360d61; _scid_r=5e010756-ae89-4e05-9ff9-67f17a360d61; app_popups_time_type_diy_1860=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: application/json; charset=utf-8
x-trace-id: B59FE9EC-D4EF-F2C3-417B-D72FB621B41E
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: *
access-control-request-headers: *
access-control-expose-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87649e5f8fdf56c0-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231206/61353_4647d06ee552dde6979165c97fab5d74.jpg

104.18.169.76

200 OK

74 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231206/61353_4647d06ee552dde6979165c97fab5d74.jpg
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 688x448, components 3
Size
74 kB (73531 bytes)
Hash
faeb0375cbf723d696836d34ab6b7cc5
e877824578c0709d19878ea3c515b06d266b13d6
a3c43de3a5a48d15f73eac0bc7b64ac5b170183d6c826e9e4fe0cc19991ec5e8

HTTP Headers

GET /uploads/61353/cart/resources/20231206/61353_4647d06ee552dde6979165c97fab5d74.jpg HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: image/jpeg
content-length: 73531
cf-bgj: h2pri
content-md5: +usDdcv3I9aWg200q2t8xQ==
etag: "FAEB0375CBF723D696836D34AB6B7CC5"
last-modified: Wed, 06 Dec 2023 02:59:20 GMT
vary: Origin, Accept-Encoding
x-oss-hash-crc64ecma: 475658653454908626
x-oss-object-type: Normal
x-oss-request-id: 660B30FF9979C73331450D50
x-oss-server-time: 120
x-oss-storage-class: Standard
cf-cache-status: HIT
age: 22370
expires: Fri, 26 Apr 2024 12:22:08 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e5f8c59b4f4-OSL
X-Firefox-Spdy: h2

4f-pl.top/app-assets/googletranslate/61353/index.js?var=1698305836

104.16.198.133

200 OK

86 kB

URL GET HTTP/2
4f-pl.top/app-assets/googletranslate/61353/index.js?var=1698305836
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (85748 bytes)
Hash
d33e76d517fdde7a64d49493dc656f88
632f0db0e05f1381285e370184b67a4f709c9b5a
acc0aa77d07c8df25cedf0e95eab58490c1102d0978f89aca5d43762d0aac6ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-assets/googletranslate/61353/index.js?var=1698305836 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6621106FFFB398383625D8C7
last-modified: Thu, 18 Apr 2024 08:20:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5480370437985418128
x-oss-storage-class: Standard
cache-control: public, max-age=14400
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: 0z521Rf93npk1JST3GVviA==
x-oss-server-time: 4
content-encoding: gzip
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:07 GMT
server: cloudflare
cf-ray: 87649e53dad556c0-OSL
X-Firefox-Spdy: h2

4f-pl.top/app-assets/recentproductbrowsetool/61353/index.js?var=1702031713

104.16.198.133

200 OK

125 kB

URL GET HTTP/2
4f-pl.top/app-assets/recentproductbrowsetool/61353/index.js?var=1702031713
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerGoogle Trust Services LLC
Subject4f-pl.top
Fingerprint03:D0:1E:89:E1:CA:67:8F:D1:9E:D8:8C:54:E2:84:81:B5:FF:C9:11
ValidityFri, 08 Mar 2024 05:46:02 GMT - Thu, 06 Jun 2024 05:46:01 GMT

File type

Size
125 kB (124710 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app-assets/recentproductbrowsetool/61353/index.js?var=1702031713 HTTP/1.1
Host: 4f-pl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4f-pl.top/
DNT: 1
Connection: keep-alive
Cookie: _fbs_fbp=fb.1.1713442925971.1782895580; oemsaas_global_visit_id=4CBD53B3-64A5-3520-9280-47550085D7F8; oemsaas_checkout_visit_id=60E5C876-ED1F-D8A7-A5B7-D6375CD54118; oemsaas_global_visit_session=7196510B-9123-09EF-CCB8-AA025941B0D0; utm_source=direct; utm_medium=default; order_utm_history=%5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1713442925%2C%22expire_time%22%3A1716034925%7D%5D; landing_page=aHR0cHM6Ly80Zi1wbC50b3Av; oemsaas_keep_alive=6950CAB4-E284-4890-9F21-15C37512EED3; first_http_referer=null; PHPSESSID=973f098fe3df658db35fae61662ee28c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:07 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6621106FDE8D20303610F79E
last-modified: Thu, 18 Apr 2024 08:20:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17129252221536811924
x-oss-storage-class: Standard
cache-control: public, max-age=14400
x-oss-ec: 0048-00000113
content-disposition: attachment
x-oss-force-download: true
content-md5: pB85SzGASEgb1nR1stZlVg==
x-oss-server-time: 2
content-encoding: gzip
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 16:22:07 GMT
server: cloudflare
cf-ray: 87649e53eae556c0-OSL
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/61353/cart/resources/20231027/d824ccda1f5d2aabdeaf4008c56e2762.png?x-oss-process=image/resize,m_lfit,w_130

104.18.169.76

200 OK

2.0 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/61353/cart/resources/20231027/d824ccda1f5d2aabdeaf4008c56e2762.png?x-oss-process=image/resize,m_lfit,w_130
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4f-pl.top/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 130 x 63, 8-bit/color RGBA, non-interlaced
Size
2.0 kB (2010 bytes)
Hash
202449ad6d22b988be03ac1e51076b99
4de889ab5a68933bac9da936150a182ef8630ead
c25d61559506af3229815df770a769a854b50129e35e28a029050b060367eb62

HTTP Headers

GET /uploads/61353/cart/resources/20231027/d824ccda1f5d2aabdeaf4008c56e2762.png?x-oss-process=image/resize,m_lfit,w_130 HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:22:08 GMT
content-type: image/png
content-length: 2010
x-oss-request-id: 661E06585EDFF633314B74F2
vary: Origin, Accept-Encoding
etag: "D358C2728D38B73D0785B2193560965F"
last-modified: Fri, 27 Oct 2023 03:26:25 GMT
x-oss-object-type: Normal
x-oss-storage-class: Standard
x-oss-server-time: 7
x-oss-hash-crc64ecma: 10212587430769639730
cf-cache-status: HIT
age: 22371
expires: Fri, 26 Apr 2024 12:22:08 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 87649e5dc98cb4f4-OSL
X-Firefox-Spdy: h2

at.alicdn.com/t/font_3322510_mbcsazk8hbh.woff2?t=1649751168305

47.246.44.250

200 OK

2.2 kB

URL GET HTTP/2
at.alicdn.com/t/font_3322510_mbcsazk8hbh.woff2?t=1649751168305
IP
47.246.44.250:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://4f-pl.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
ValidityTue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT

File type
Web Open Font Format (Version 2), TrueType, length 2156, version 1.0
Size
2.2 kB (2156 bytes)
Hash
a36453e7c0949c8d34e3cdbf3839c58d
d618c2eb83361a5b3d899728ef1c353f23588852
c7607c52d51b6aba39419b7783ad7f2c8f82024a3718f3dd953bf68efaa88af9

HTTP Headers

GET /t/font_3322510_mbcsazk8hbh.woff2?t=1649751168305 HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://4f-pl.top
DNT: 1
Connection: keep-alive
Referer: https://4f-pl.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: font/woff2
content-length: 2156
date: Thu, 18 Apr 2024 08:48:20 GMT
x-oss-request-id: 6620DE549F70D63139EA1D16
vary: Origin
accept-ranges: bytes
etag: "A36453E7C0949C8D34E3CDBF3839C58D"
last-modified: Tue, 12 Apr 2022 08:12:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8986299596544116107
x-oss-storage-class: Standard
cache-control: max-age=63072000
content-md5: o2RT58CUnI00482/ODnFjQ==
x-oss-server-time: 1
ali-swift-global-savetime: 1713430100
via: cache23.l2de2[1181,1181,200-0,M], cache8.l2de2[1183,0], ens-cache6.se2[0,0,200-0,H], ens-cache11.se2[1,0]
age: 12828
x-cache: HIT TCP_HIT dirn:10:70513561
x-swift-savetime: Thu, 18 Apr 2024 08:48:20 GMT
x-swift-cachetime: 31104000
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9f17134429284488439e
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (49)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML