| downgoodsk.live/static/logo.png | 104.21.8.106 | 200 OK | 4.6 kB |
URL: GET HTTP/3 downgoodsk.live/static/logo.png
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Let's Encrypt; Subject: downgoodsk.live; Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34; Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: PNG image data, 240 x 80, 8-bit/color RGBA, non-interlaced
Hash: e4cdc6959f08294d79ba65acc4767bca 3fae9f20dd977934a6762be64f7e26509cc3eaaa cd2cd2c4ec5ee724f31ab874d574820567c3407eedc6ee65b94fe6161ea2b0a0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/logo.png HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: image/png
content-length: 4595
last-modified: Mon, 09 Oct 2023 06:21:06 GMT
etag: "11f3-6074298668fb6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcqEA8W4RGP3IqzA7tQc0Ig2159RGwntGqUr%2BGfr%2BSyAaxFZhhN09wRVHCBx%2FVlRMWw527ll4U3Wl%2FS6qsQFU9zw%2FgBn73Tsa28fz519x70uqVk6k%2B31T%2BrPieg3Liw%2BgOU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaae63bb5e1c0a-OSL
alt-svc: h3=":443"; ma=86400
| downgoodsk.live/static/market/img/payment.png | 104.21.8.106 | 200 OK | 15 kB |
URL: GET HTTP/3 downgoodsk.live/static/market/img/payment.png
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Let's Encrypt; Subject: downgoodsk.live; Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34; Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: PNG image data, 342 x 26, 8-bit/color RGBA, non-interlaced
Hash: d9e27afb8d07e73a5d78c58219db8284 2c8e0b0821ae555b66a6d9ad9d3f3a97d8164f99 1567d764b3ee71f11f52d807789d9a970c60dd195b39f2b295d476308d76aeb3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/market/img/payment.png HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: image/png
content-length: 14874
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: "3a1a-6055d10eca685"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQGSZB1vOByBg2X0doJV544Q6TiiWdM87eoll4L5TW6CLP9rZrsVIO%2BsVzdurfGc%2BB9uC1Z3IPksC%2FU7M%2FZ3xbJCWxJTJHGB50UXh%2BYFFYbX7%2FwQZYrkp77kd3jAF%2FdOWdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaae63bb601c0a-OSL
alt-svc: h3=":443"; ma=86400
| cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css | 104.17.25.14 | 200 OK | 38 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css
IP: 104.17.25.14:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 9a547188fa485f8ca9b2cc7d6d2524ef 7893335159a1f637eb24cd05aaba96ac156c7f65 897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433
GET /ajax/libs/vant/2.12.48/index.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css; charset=utf-8
content-length: 38108
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-94dc"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 253772
expires: Thu, 24 Apr 2025 18:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=glmAIeMNKB1lbhpAS5NT%2B6SiQ1SEmmw5lZUS55jGiRh1HKlEBtwb7xPRUpytRwst%2BO7%2BkwFmHa2OkxOHNMme3SQStcAz8oPnkfywuPs8LwnxfqeEVMdSQbhWuzP3ZbBinsHVW0TO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87eaae63fe98b515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js | 104.17.25.14 | 200 OK | 68 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js
IP: 104.17.25.14:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (57307)
Hash: 0292da744fb4f768ae77370f868a674e 6dbafd633d187d11e2ef0a9a47044fd5646c70fb 068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468
GET /ajax/libs/vant/2.12.48/vant.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 67811
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-108e3"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 251788
expires: Thu, 24 Apr 2025 18:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBVVnOfOBwxLs9ZFYs5lsq%2F4Nx%2Bts0kr2f5Uv7%2F6cx1DlWBpwGQdm4QqPiZANVJEgNYC9mMzmIDj4iaDsnhUjpguB97s8gItnDUl%2Fz4fe7Jg0sTVHXcwTSnXuL2T4wtndNC58agd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87eaae641ec8b515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js | 104.17.25.14 | 200 OK | 50 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js
IP: 104.17.25.14:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text
Hash: de581e420bf52d70e353080a13094ea8 7e727d99fea8c31c2f2e3173105d585ee3289d31 4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5
GET /ajax/libs/Swiper/8.3.2/swiper-bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 49876
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-c2d4"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 253204
expires: Thu, 24 Apr 2025 18:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AajLqXnz6pObzLUoJWCUFf595p2iCwk4QpLY5PA9qQnel2deZY%2BK6kTTUtnsBkvWcOWea8ITxlYChVijfhY1c%2FwKtfTZLdgCSoM5OanxZeq%2BQ%2BLJoZC8poi5oabEzRkE8Al021QT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87eaae642ecfb515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js | 104.17.25.14 | 200 OK | 4.9 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js
IP: 104.17.25.14:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (14957)
Hash: 5f4a59735ca9517d0478f395439bd517 f820c08cf114da8ec451e8eedc0da51dfcba5e02 ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9
GET /ajax/libs/vue-resource/1.5.3/vue-resource.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 4866
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c785b9-1302"
last-modified: Mon, 14 Jun 2021 16:37:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 251782
expires: Thu, 24 Apr 2025 18:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azb5qKs6a0sCl%2FXFimhbOtDhx0zy0GRQt9KNpiICQoN65rLBP6pDxDJNvW4JFKkdWIfLAVhWaE9meuCnL8clm1cH1a5wYXE9lmVuopQqLi3LVpg03jdHH3mBf%2F9V028dVYEePivr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87eaae641ebfb515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css | 104.17.25.14 | 200 OK | 3.9 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css
IP: 104.17.25.14:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (16213)
Hash: 951eae8c8a442c2940c54d180301ed41 771518669a370d915adf0d207f2a22092a768cd1 4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d
GET /ajax/libs/Swiper/8.3.2/swiper-bundle.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css; charset=utf-8
content-length: 3945
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-f69"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 248545
expires: Thu, 24 Apr 2025 18:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yV4p%2FAvq2AXujqsJaVDCNQHGGITVscSsOjDHTiH82mfe5Ic1FfXHKMtYSl9ciNi53r%2FskA9ozSXjLU5tJKTgnWS3IPrTPmUXKj8IYrIXj1orTp5qcFj9dP5yDxbRZ9zfA09Oq5Ug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87eaae642eccb515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| downgoodsk.live/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0 | 104.21.8.106 | 200 OK | 248 kB |
URL: GET HTTP/3 downgoodsk.live/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Let's Encrypt; Subject: downgoodsk.live; Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34; Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size: 248 kB (247960 bytes)
Hash: 460a87515a875f40f12fce6252998712 d109154ba594fb13928ee769a833ef6a84eec026 23deb759ba0ace22a67a05c5b6df1ab1eab7b510718debc54925447b0de7d9ef
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://downgoodsk.live/static/your/css/font-awesome.min.css
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:17 GMT
content-type: font/woff2
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"12d68-6055d10ef2f03-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYPPN%2Fh82SujzFmhICEsndAWIwQzrtPvWNCXq4LaBUG00OFrRzjtRKfhW16JdEWcRsmOhXoBVquUCmz6VkHBxVc7BUTd9UWv2M%2F3SBVA9NC4a4ZL9MeqrwU2Yn6k1mdHESE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae67a8781c0a-OSL
alt-svc: h3=":443"; ma=86400
| downgoodsk.live/static/your/css/opencart.css | 104.21.8.106 | 200 OK | 1.1 kB |
URL: GET HTTP/3 downgoodsk.live/static/your/css/opencart.css
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Let's Encrypt; Subject: downgoodsk.live; Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34; Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
Hash: 6af40eff9c7c0646c617bf773fefa669 1738a1e96c289937fda2861d8c26217ee31f18d6 89736a467316752012bb0a952a094c5f943a387813ac1d8a51c224af21e1d4ad
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/opencart.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"77c-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brUQtLPSoLY9Q4AscOyxlkfjjzs3qUReEL%2BvvpV67Hjs1zH%2FQE5DUzJzE3t8uDqc8fVjhOsjaLLnMOCRG9oFaoApWaOLlXpvY2VKcZC7i%2FvabgtD%2BCkjUSddsQZ%2BADt33%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b201c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| downgoodsk.live/static/your/css/jquery-ui.min.css | 104.21.8.106 | 200 OK | 11 kB |
URL: GET HTTP/3 downgoodsk.live/static/your/css/jquery-ui.min.css
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Let's Encrypt; Subject: downgoodsk.live; Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34; Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: ASCII text, with very long lines (15129)
Hash: 1f29bef8e189e09389ee650069da29d0 85ec0a5126e957e1f0596cf84010cf41e1fa321c 3d94f00ea8118cfa7a40019dd8696ebf16aebdd92f0ff5fec0411e97b8b7c44c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/jquery-ui.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"415a-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKiunYbGxSD9C22BP91bAgDNxh%2FL7znn4fELDE2Fl2Sc%2BfalbIH%2BE7SdmBza%2BiUN%2FnljN%2BwG2i%2Bn51yeH1JAQ%2FntdH9ZwqrRqIbdHYo%2FAAVAQIU2oqkrmyb%2BZQZ9NbOlpcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae639b231c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| downgoodsk.live/static/default/css/iconfont.css | 104.21.8.106 | 200 OK | 9.6 kB |
URL: GET HTTP/3 downgoodsk.live/static/default/css/iconfont.css
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Let's Encrypt; Subject: downgoodsk.live; Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34; Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
Hash: 717c6e58da97df4ca9866d0cf9f1eecb 53b035e4136e3fcbf6d710633c10562bbb8fb1eb 8b3c92ce43d9af1d42ae13507d542ff6de94684152fec5f111c1e138db769d5a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/default/css/iconfont.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"55c-6055d10ea1636-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CenfrxOcqcTcDeFA50sCKd%2BYCh5xyagtKqCQGlgQBmbt1HLuI8HaN1Sb34cFUnqe3Y6FcXUFzu6ka6TtlT5gIb3Hmpd7l7R8y7fem5uMAhKyH94Ld6sJ3NdNogcWBYWgREQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae639b3a1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| downgoodsk.live/static/market/js/jquery.min.js | 104.21.8.106 | 200 OK | 41 kB |
URL: GET HTTP/3 downgoodsk.live/static/market/js/jquery.min.js
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Let's Encrypt; Subject: downgoodsk.live; Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34; Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: JavaScript source, ASCII text, with very long lines (32061)
Hash: e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/market/js/jquery.min.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"14915-6055d10ecc1dd-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5ircloTxmhl5ZxVot1MGBz1aVf14xrfS6%2BYvcOWw0zKGhEbeGRsHQ8oPSfy%2BreIqiF2lkIQnoD7csiv64mXtee6MJ2YDdBwzkoGccramdUEAFihtAjKeaNyhz2aCi%2FqCLc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae639b2d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| downgoodsk.live/static/default/js/public.js | 104.21.8.106 | 200 OK | 4.4 kB |
URL: GET HTTP/3 downgoodsk.live/static/default/js/public.js
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Let's Encrypt; Subject: downgoodsk.live; Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34; Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hash: 53ceae9d8b9f4372ad101d91439cdbb7 662fa3a84762aee5bcb1da67ebbe2e37b3eeb79e 535ee4fa0189e79bd9a7d6ae4aa466180c4ac5b82b47647482ddce74587ce249
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/default/js/public.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"76f-6055d10ea54b7-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmDPRKlymbmI%2FYgqVThjS0qFqRkOsd5HiesSgxjntEhyz6jj2y5VhYcOwuLFXyy8qBgVg1Wv4tdBtYepyKZ7KKUa3ei1HiU0Dg08eHXnYMMAe5Z1c9tYd5JtGbnjlONYxIk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae63ab481c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| downgoodsk.live/traffic_statistics?gurl= | 104.21.8.106 | 200 OK | 381 kB |
URL: GET HTTP/3 downgoodsk.live/traffic_statistics?gurl=
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate: Issuer: Let's Encrypt; Subject: downgoodsk.live; Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34; Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
Size: 381 kB (381293 bytes)
Hash: 2847d26143b4cfb6d1831517905a46e3 c2eeb30371109bd405656cafc353ca5948da0659 bb7f050911008f1708e2891b7a988fe97480dd6278402d3c14837eb339a10133
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /traffic_statistics?gurl= HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:17 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkJ4OHQwcW9ocGNxaHRqY2VKamM4V3c9PSIsInZhbHVlIjoicVFUTWdxR0lTaGVnU2loQ0Jrdk1VSTdqdC9uSkZmT2EzelNudjdUYzN2QWNlcVo2S24xTUY1eWxyR2hjWm9GeHE1cEZkQmdwbHhRUERmbldNd1RCTVp0RC9UeWFoVS9MZ0svWHNLUys0SmU3VDNxVVFMa1lvTUZxRUYvKzg0dEIiLCJtYWMiOiJlZjc4MWQyODEzNmY3MmQzNjQ1YTczOGYzNmU4ZjM4MWE4NzQwNDkyZDhmYThjYWMxMDMxYjQzY2YxMzNmYTBlIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:17 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IisvZXFNUW1EdHYyRmp4UUo2TW9QdUE9PSIsInZhbHVlIjoiZTdDWklYMGtOZVpDZ2ZoMXVMc2kxZTAvdEhiWnRSR1VFSHNUZFJkdkQvbnhlWlEwK3o3aDNpUnRhNm5oYTN4ekNXQ3FJRGl1TnN6NXBnZ0R2djFXaU93OVcyZHpZK3oyUGhtUXNSWVYvTVR3TWplZDBWUlZnaytPTGpXU1hQaUIiLCJtYWMiOiI5OWVlYTBiZjUwYTg5NDliMDcxMTUzMTYzY2VlYmY5OGJmNTNiNzhmODNkNTc1N2MwZWE2MjVhZGUxOWVlNWQxIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:17 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NhhRj0WnQO%2FUXy1cPhLVAUDJX5ynmOdqfFcUK30JGmhfbeCAVzLEHe%2FCDufr1%2FS5fwTl6gYcAx8qaIZ7IKY2kjHozQNCG%2BSyeyM8ev2crydqHdStqvSzJ37UIyoCPMaakFM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae68da151c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downgoodsk.live/static/your/css/owl.carousel.min.css | 104.21.8.106 | 200 OK | 1.3 kB |
URL GET HTTP/3 downgoodsk.live/static/your/css/owl.carousel.min.css IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type ASCII text, with very long lines (2846) Hash de0dfbabe627afa1b718d848b6b58e97 73d8a692734089983b00005d99ef8e5e5b0dadeb 016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/owl.carousel.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"b78-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SWSyFmMnbf96pNO4gdCSafPIMKW8Y1RDU9U1Mys3CBw6DhyLLrS%2FPPoH5ft8bq4dw0ClgX9eWgLxOMYSpB1JFRtmaZBJ1JvRs8urw3KbbPeDuZFgkmkjj41u3JTTmK6vdns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b071c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| i.redd.it/m0xgmjgc00d71.jpg | 151.101.129.140 | 200 OK | 461 kB |
URL GET HTTP/2 i.redd.it/m0xgmjgc00d71.jpg IP 151.101.129.140:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer DigiCert Inc Subject *.redd.it Fingerprint 33:78:3E:06:F8:D9:1E:16:2B:2C:23:83:A1:19:F9:33:C7:B8:88:33 Validity Tue, 16 Jan 2024 00:00:00 GMT - Sat, 13 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2320x3088, components 3 Size 461 kB (461351 bytes) Hash 6b5face38bbc96e0f320749d7b462e04 7d952c60d1fb21848c22b7734d75c229a1abd7a7 2b7fc91489fa538095eded332bdfa0ad2978513d8445de5331cba4918fa96307
GET /m0xgmjgc00d71.jpg HTTP/1.1
Host: i.redd.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Jul 2021 17:35:36 GMT
etag: "6b5face38bbc96e0f320749d7b462e04"
expires: Thu, 31 Dec 2037 23:59:59 GMT
x-amz-version-id: null
content-type: image/jpeg
x-canonical-filename-image-generation: 1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 May 2024 18:51:21 GMT
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 1.0, "failure_fraction": 1.0}
content-length: 461351
X-Firefox-Spdy: h2
|
|
| assets.adidas.com/images/h_840,f_auto,q_auto,fl_lossy,c_fill,g_auto/684141223f17416f9541ac1c00062bc2_9366/3-Stripes_Quarter-Zip_Pullover_Black_GM0026_01_laydown.jpg | 151.101.130.24 | 200 OK | 5.3 kB |
URL GET HTTP/2 assets.adidas.com/images/h_840,f_auto,q_auto,fl_lossy,c_fill,g_auto/684141223f17416f9541ac1c00062bc2_9366/3-Stripes_Quarter-Zip_Pullover_Black_GM0026_01_laydown.jpg IP 151.101.130.24:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer GlobalSign nv-sa Subject s1-san.cloudinary.com Fingerprint 37:A4:DE:A2:EE:EB:8C:78:8E:BC:6B:2E:1E:30:8C:3A:A7:0C:FD:E4 Validity Mon, 07 Aug 2023 16:54:08 GMT - Sat, 07 Sep 2024 16:54:07 GMT
Hash 3b5806fb8e165fc457086a2cd7054306 7e02e5d51cfe24fe832235102dae2f36ead8f294 6003d18b9154fc71e480005156e999542174e23f6f59864ae898b161d3b89904
GET /images/h_840,f_auto,q_auto,fl_lossy,c_fill,g_auto/684141223f17416f9541ac1c00062bc2_9366/3-Stripes_Quarter-Zip_Pullover_Black_GM0026_01_laydown.jpg HTTP/1.1
Host: assets.adidas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/avif
etag: "3b5806fb8e165fc457086a2cd7054306"
last-modified: Tue, 20 Jun 2023 06:58:29 GMT
date: Sat, 04 May 2024 18:51:21 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, max-age=86400
server-timing: cld-fastly;dur=211;cpu=1;start=2024-05-04T18:51:21.448Z;desc=miss,rtt;dur=28,content-info;desc="width=840,height=840,owidth=2400,oheight=2400,obytes=2700108",cloudinary;dur=88;start=2024-05-04T18:51:21.511Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 5316
X-Firefox-Spdy: h2
|
|
| s3.amazonaws.com/sandiego.com.br/catalog/product/cache/1/small_image/600x900/9df78eab33525d08d6e5fb8d27136e95/4/8/48344_1004-0019-05.jpg | 52.217.133.0 | 200 OK | 151 kB |
URL GET HTTP/1.1 s3.amazonaws.com/sandiego.com.br/catalog/product/cache/1/small_image/600x900/9df78eab33525d08d6e5fb8d27136e95/4/8/48344_1004-0019-05.jpg IP 52.217.133.0:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Amazon Subject s3.amazonaws.com Fingerprint 82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C Validity Thu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x900, components 3 Size 151 kB (150831 bytes) Hash 087d2a6131c2e514b5fb431c73c74069 0cbe06d9f5392057ef210b163f063b91d25f56ef daa5a41aacd82c73093e77fce091b789ad9bbc26b5aea5f15d4ec3e5d511423c
GET /sandiego.com.br/catalog/product/cache/1/small_image/600x900/9df78eab33525d08d6e5fb8d27136e95/4/8/48344_1004-0019-05.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: JvwGj2b4hlWroWAXOJlr+YNE1BOTusVRPvLe/FRI9Lpmw4UF1BVLRO327luCqRdyCY8nhpjy9/g=
x-amz-request-id: BGF811VW6TMXAMKY
Date: Sat, 04 May 2024 18:51:22 GMT
Last-Modified: Mon, 06 Jun 2022 14:22:57 GMT
ETag: "087d2a6131c2e514b5fb431c73c74069"
Cache-Control: max-age
Expires: Wed, 06 Jul 2022 14:22:56 GMT
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 150831
|
|
| api.reveri.io/api/image/a19ade20-0e2a-4327-8f94-33ffd49d5032 | 20.49.104.4 | 200 OK | 46 kB |
URL GET HTTP/1.1 api.reveri.io/api/image/a19ade20-0e2a-4327-8f94-33ffd49d5032 IP 20.49.104.4:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer GoDaddy.com, Inc. Subject *.reveri.io Fingerprint A7:99:CC:6A:33:FE:15:4B:4B:48:8F:2E:2F:F9:E3:91:F8:42:77:49 Validity Sun, 18 Jun 2023 10:59:52 GMT - Fri, 19 Jul 2024 10:59:52 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 800x789, components 3 Hash 4d29d458c708f1a1963b91b80e57061f c7a14e32dfecc3e957052694a5b25b58e41afdda 5f17b6ba19dfbcc381c381c86e06e483fd9176423e73ac85371305ca59b55a92
GET /api/image/a19ade20-0e2a-4327-8f94-33ffd49d5032 HTTP/1.1
Host: api.reveri.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 45816
Content-Type: image/jpeg
Date: Sat, 04 May 2024 18:51:21 GMT
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:d9a11eb6-c559-44cf-8d7e-585f307d93d4
X-Powered-By: ASP.NET
|
|
| downgoodsk.live/api/item/randomByKeyword | 104.21.8.106 | 200 OK | 42 kB |
URL POST HTTP/3 downgoodsk.live/api/item/randomByKeyword IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
Hash 9316b4e686caf26ce282bce6a708e53e b3c31700a9d77bfb72a520ce7406617867d2f837 2f4bf012453cb6632aaf93d30b9b0e496c73bf2e41ef8a650cc6ff336d151b2d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /api/item/randomByKeyword HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 90
Origin: https://downgoodsk.live
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJ4OHQwcW9ocGNxaHRqY2VKamM4V3c9PSIsInZhbHVlIjoicVFUTWdxR0lTaGVnU2loQ0Jrdk1VSTdqdC9uSkZmT2EzelNudjdUYzN2QWNlcVo2S24xTUY1eWxyR2hjWm9GeHE1cEZkQmdwbHhRUERmbldNd1RCTVp0RC9UeWFoVS9MZ0svWHNLUys0SmU3VDNxVVFMa1lvTUZxRUYvKzg0dEIiLCJtYWMiOiJlZjc4MWQyODEzNmY3MmQzNjQ1YTczOGYzNmU4ZjM4MWE4NzQwNDkyZDhmYThjYWMxMDMxYjQzY2YxMzNmYTBlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkJWb1NZNVFSUnVYMWNPWlppc0tMQ0E9PSIsInZhbHVlIjoiU1dFTk5qK2RPbzBHeDFFcU5zdTRXZ1FPajdlRTNBODBpTnRMajlXM01PTGdtRGV1UkFhaUlzNjgwelJLV2NnQjRwNFVwK0pHVFZYM1FjUWEyazdpVEkvSXdZb1JYaVZFNzRZTnJkWTd0MjNtNlYwWFM3MkVINjNvWnhNTVpOWlMiLCJtYWMiOiI3MDNhOTBlOTI1MDMwOTMyZTRmODM5NGJkMjUzNzJjNzVhNGQ4NzExYTI1Mzg0YWQ1MzhiYjAwMmQwMzNkZmE2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:21 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IndlakQ2WUJBWGVZQXVObGlQYXNpWXc9PSIsInZhbHVlIjoiQzQxY2RJVmdTdCs4ekQ2UFVxZkNocEZ5OXg4Yi9CR3BRN2VCa3JPRG5OeHgyc0tIaFhhdzh2MEg3eGhKRm5CUVNkUGxnYnR5U0dCcEM2eEtjT29QL3I2UmZqQUZycytNZkpQSFRmZFlPNjQxTjRqK3Z5TTgzOFc5UjU0dWxYRUciLCJtYWMiOiI1ZTJhNzJmNDM4YTRjYzEwMTkxNzA4Y2Y2MWY2N2I1NTFmNjBmMTJmZTU3OWYwYmMyZDIxMzkzMTUxNmMwYzA3IiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:21 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7r2dAYIIsXiu75sjEGqkmKIgcnTYqhKfSlB3Clf%2Fq2zLQbn83EtcAGmgWox9Z1VACHNr6B7MzF%2FuCYPBk7SHqwB6M0AzE6j23IeS%2B7a%2BOicR7sJZsoiOzGuVaq%2Bk%2BzFt59A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae74c89c1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| s3.amazonaws.com/images.gearjunkie.com/uploads/2020/09/1497_deercamp.jpg | 52.217.133.0 | 200 OK | 10 MB |
URL GET HTTP/1.1 s3.amazonaws.com/images.gearjunkie.com/uploads/2020/09/1497_deercamp.jpg IP 52.217.133.0:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Amazon Subject s3.amazonaws.com Fingerprint 82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C Validity Thu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 5760x3840, components 3 Size 10 MB (10192540 bytes) Hash 165bdbb7377fdde01c12256052cbc236 13b3dbe21aa606574b0b74aa388711e28383a855 7065c27fc90d00dfb68530d7ee2cca6cf154d4c289c268b983785301d3bedc7d
GET /images.gearjunkie.com/uploads/2020/09/1497_deercamp.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: OyglsyNA/AjVShXc6qr6JKcHN/UTTj8I90LMHH+a+5ZCc0sI9QrBxyaK/k4QGEK7fBEceqqNPFE=
x-amz-request-id: BGF7XYH1EDTQY8FK
Date: Sat, 04 May 2024 18:51:22 GMT
Last-Modified: Thu, 17 Sep 2020 20:16:43 GMT
ETag: "165bdbb7377fdde01c12256052cbc236"
Cache-Control: max-age=31536000
Expires: Fri, 17 Sep 2021 20:16:42 GMT
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 10192540
|
|
| downgoodsk.live/favicon.ico | 104.21.8.106 | 200 OK | 3.1 kB |
URL GET HTTP/3 downgoodsk.live/favicon.ico IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
Hash a44c87b0d55afacf14c8327af92e948e 3ccbcb7c5e0d553ce51030580dec3732eb477f9d a0587eb4f330926619e867180d0f81a594dde4e75ddd471d2f1414024c9163ab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJ4OHQwcW9ocGNxaHRqY2VKamM4V3c9PSIsInZhbHVlIjoicVFUTWdxR0lTaGVnU2loQ0Jrdk1VSTdqdC9uSkZmT2EzelNudjdUYzN2QWNlcVo2S24xTUY1eWxyR2hjWm9GeHE1cEZkQmdwbHhRUERmbldNd1RCTVp0RC9UeWFoVS9MZ0svWHNLUys0SmU3VDNxVVFMa1lvTUZxRUYvKzg0dEIiLCJtYWMiOiJlZjc4MWQyODEzNmY3MmQzNjQ1YTczOGYzNmU4ZjM4MWE4NzQwNDkyZDhmYThjYWMxMDMxYjQzY2YxMzNmYTBlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IisvZXFNUW1EdHYyRmp4UUo2TW9QdUE9PSIsInZhbHVlIjoiZTdDWklYMGtOZVpDZ2ZoMXVMc2kxZTAvdEhiWnRSR1VFSHNUZFJkdkQvbnhlWlEwK3o3aDNpUnRhNm5oYTN4ekNXQ3FJRGl1TnN6NXBnZ0R2djFXaU93OVcyZHpZK3oyUGhtUXNSWVYvTVR3TWplZDBWUlZnaytPTGpXU1hQaUIiLCJtYWMiOiI5OWVlYTBiZjUwYTg5NDliMDcxMTUzMTYzY2VlYmY5OGJmNTNiNzhmODNkNTc1N2MwZWE2MjVhZGUxOWVlNWQxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:18 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DP4w4fpTZfJpxx67SlR7EROnEBe3MnjpyP5E2oDBcVhkoNtrB14%2FGT1syfPCDId1tZhmJQoEZEEEX5WjVrEy%2BWRs9GlB4LdoYhse5hIY5IoJAzkkYL5nmgSHfMOewowFrDE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae6d2f121c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downgoodsk.live/api/item/getImageUrl?url=https%253A%252F%252Fi.ebayimg.com%252Fimages%252Fg%252FiCQAAOSwJa5kDYIB%252Fs-l1200.webp | 104.21.8.106 | 200 OK | 195 kB |
URL GET HTTP/3 downgoodsk.live/api/item/getImageUrl?url=https%253A%252F%252Fi.ebayimg.com%252Fimages%252Fg%252FiCQAAOSwJa5kDYIB%252Fs-l1200.webp IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
Size 195 kB (194798 bytes) Hash 755a9c7b24467f369b2e4c7de7a65d29 58203bf4761292e2ae1ec4ffc4f3691e23f0d231 1fa0c30fa4dc3f7006388f5293eb0a5cfea55e810a09a9261576f5e0a8ad8a79
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/item/getImageUrl?url=https%253A%252F%252Fi.ebayimg.com%252Fimages%252Fg%252FiCQAAOSwJa5kDYIB%252Fs-l1200.webp HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJ4OHQwcW9ocGNxaHRqY2VKamM4V3c9PSIsInZhbHVlIjoicVFUTWdxR0lTaGVnU2loQ0Jrdk1VSTdqdC9uSkZmT2EzelNudjdUYzN2QWNlcVo2S24xTUY1eWxyR2hjWm9GeHE1cEZkQmdwbHhRUERmbldNd1RCTVp0RC9UeWFoVS9MZ0svWHNLUys0SmU3VDNxVVFMa1lvTUZxRUYvKzg0dEIiLCJtYWMiOiJlZjc4MWQyODEzNmY3MmQzNjQ1YTczOGYzNmU4ZjM4MWE4NzQwNDkyZDhmYThjYWMxMDMxYjQzY2YxMzNmYTBlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndlakQ2WUJBWGVZQXVObGlQYXNpWXc9PSIsInZhbHVlIjoiQzQxY2RJVmdTdCs4ekQ2UFVxZkNocEZ5OXg4Yi9CR3BRN2VCa3JPRG5OeHgyc0tIaFhhdzh2MEg3eGhKRm5CUVNkUGxnYnR5U0dCcEM2eEtjT29QL3I2UmZqQUZycytNZkpQSFRmZFlPNjQxTjRqK3Z5TTgzOFc5UjU0dWxYRUciLCJtYWMiOiI1ZTJhNzJmNDM4YTRjYzEwMTkxNzA4Y2Y2MWY2N2I1NTFmNjBmMTJmZTU3OWYwYmMyZDIxMzkzMTUxNmMwYzA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:22 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IkdRN3JSM1B3dkUyWXJDbFh2RGpRVWc9PSIsInZhbHVlIjoiQnlMeEJsbGRwTXNvc2JYaytaU0IyeHFuNys2c3VIUmFjNk1lMlZOdCs1NjEyd05maFB6STdhbXRWYXZKcUxZaXpjYVZEWGsxeGZYTGgxN0M4VW55Q2NQVkJza1pRbDlpcW9YcXRrM1R4STh4KzVITGhyVXcvc1F5dHQ4N3hCT0wiLCJtYWMiOiIyMzM2OTM3ZjY1YjcxNGEzMDdiOWFhYzhmNzEzNDZmODk4ZWZhYTU0NjNhMzZjM2FkNDMzZDRkYWJjMTUyMzVmIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:22 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNx2b%2FxpgbrI1neroZIvJCZ3SvJIfdW3c%2B8J%2FkEC3%2BiOXyKFm5izGKtmbTLJ%2BsCGG9TcAE1LxMwkCWwepaAsxQd%2FTdF15rpwBCKX45hWJJj%2BzKHUgphsGFTjeKoNj%2Bk3pK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae81bad81c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downgoodsk.live/api/cart/index | 104.21.8.106 | 200 OK | 5.4 kB |
URL GET HTTP/3 downgoodsk.live/api/cart/index IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
Hash 5e0f617f8c9758900c9eb72462e10207 269f6f9af785b3f29997b3241d8653a1340b01a4 af9632a94de6f3759c550ed97d55ca1b54ee125dd13863105e8aeb528f2dd1d4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/cart/index HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
Authorization:
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:17 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Im9KNDlkcXFCK0FNUTNGTlpSWmtIWkE9PSIsInZhbHVlIjoiTVFpQnlacGFvdC9uU3ZESUNremk1WmcxOVdGWXd2OXZHRmtjZmpJdTNmTmJUbC9xdytkNTVacUJBV0FvV3d4dEJwUGt5UVVyVzBQY1h2STdpbElONm5EN1BLZ2w4SXBSVkRMYytwRG5HeVp6b051YWhpOFZST2Z1cTRKYzJBQWgiLCJtYWMiOiIxMjYyNzE2MTZkNDcyMWI5N2RjYzRkNTVkZDk2MjVjNmI1NDM5MjA4MjNhNjE5MDFiODY2MGVhMGEwNzk5MTA2IiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:17 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qBFwAtnIfJgFS86eyHEoypy37XDPoLP4rDSc1uSg6lc2SZ0YkCHOJzyHIuhaGBCsYKKUccdAu93CWG%2BliC5taKi2qoGclzbH4qnfuNEZ2jWVt6v1HByGkSULXcOAx9Td0ds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae673fe01c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downgoodsk.live/api/item/secondCate | 104.21.8.106 | 200 OK | 76 kB |
URL GET HTTP/3 downgoodsk.live/api/item/secondCate IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
Hash 30435c13010b9a33a595e4563a42c5d6 47144e78f49499468c846ab00787a50c9cf65e7e 4ab398f36df6043a1fa0837b628f695f92b0b6f0544ae585572907ae3f7ef5e2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/item/secondCate HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:17 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6InRLYU1UQ3AwV21ndVVMUE9KWGVjS3c9PSIsInZhbHVlIjoiZFNjdklyY3FmaHQ5T1FHb1ZvWFg0RjE4UUlxTGdneHpRd0N5YkZrMlkyQXMzQ1VYdGJiUFA3ZlVRRzZTTDJFeUFJM1VRZ2xkRFNYc1JrZE9wZDNwTkZuTk9WaHN2d1p4UHBHbWJaQ3JqcTNjRUlKZm0rRWJrZEtoaWh4dWFkNzEiLCJtYWMiOiJlYTc0YjVlMzA3NmQ1NTI3MmE3NGEzOGMzNDc0NDdkOTk5N2FjODcxOTQxNjc1MjcwOTQwMzc3YzhhNzE1YTUzIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:17 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5OzzXq63ah20bQE9ziFXT0sagrGtK%2FMWsKzwV3lUNQ%2FTKR7WrOn4BXf4LsPJ%2FgxNUSE551Jh60liODY2Bfysktj8MzsCSny17L2yHWfytdi9uJjBy33EPOnXgLTYsL9%2Fb1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae672fda1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ae01.alicdn.com/kf/S01c0b74979e149ac9b0ca322a982d1aaF/Airsoft-Paintball-Work-Clothing-Military-Shooting-Uniform-Tactical-Combat-Camouflage-Shirts-Cargo-Knee-Pads-Pants-Army.png | 47.246.44.251 | 200 OK | 40 kB |
URL GET HTTP/2 ae01.alicdn.com/kf/S01c0b74979e149ac9b0ca322a982d1aaF/Airsoft-Paintball-Work-Clothing-Military-Shooting-Uniform-Tactical-Combat-Camouflage-Shirts-Cargo-Knee-Pads-Pants-Army.png IP 47.246.44.251:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer GlobalSign nv-sa Subject *.tbcdn.cn Fingerprint 29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2 Validity Tue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp Hash c3133739203afbff2b3efd365e0832db 81d11049e27ea3e47e377fbb55237b18e7ef3d3a 964c10378db9fdde784f858f1a6d6907f9d64e643366eb98a2998ded913c3d18
GET /kf/S01c0b74979e149ac9b0ca322a982d1aaF/Airsoft-Paintball-Work-Clothing-Military-Shooting-Uniform-Tactical-Combat-Camouflage-Shirts-Cargo-Knee-Pads-Pants-Army.png HTTP/1.1
Host: ae01.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/webp
content-length: 40460
date: Sat, 04 May 2024 18:51:22 GMT
traceid: 2ff62c9d17148486822815872e
last-modified: Thu, 17 Nov 2022 18:29:03 GMT
cache-control: max-age=86400000
access-control-allow-origin: *
eagleeye-traceid: 2ff62c9d17148486822815872e
strict-transport-security: max-age=0
timing-allow-origin: *, *
ali-swift-global-savetime: 1714848682
via: cache2.l2de2[410,410,200-0,M], cache9.l2de2[411,0], ens-cache18.se2[433,432,200-0,M], ens-cache9.se2[434,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sat, 04 May 2024 18:51:22 GMT
x-swift-cachetime: 31104000
cdn-type: alibaba
eagleid: 2ff62c9d17148486822815872e
X-Firefox-Spdy: h2
|
|
| downgoodsk.live/static/your/css/lightbox.css | 104.21.8.106 | 200 OK | 3.5 kB |
URL GET HTTP/3 downgoodsk.live/static/your/css/lightbox.css IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type ASCII text, with very long lines (3638), with no line terminators Hash 313f1bf7c27b92bf95c8c5a09456017b 8cbc95754b0ca2df9ca15484a994a1a9989db819 b0ac5f3e113197f2a22d84177033a0e586247ada4ec1d0427137fb2a15b144af
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/lightbox.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"d8e-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wsC0Avs9fOZooF5R6zs%2F93UKbt9r5u3pPV6JtXgLipT7Vsvyof1f%2BSOZkaB7Xw%2BztEwKNzMKxtzZDW%2BLlURudxLNyurCuzFOQDHmng3l7JR0aIyhC1wBJnU9x%2BG2x45gtk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae637b051c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| downgoodsk.live/static/default/js/delighters.js | 104.21.8.106 | 200 OK | 2.6 kB |
URL: GET HTTP/3 downgoodsk.live/static/default/js/delighters.js
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: Unicode text, UTF-8 text, with very long lines (2931), with no line terminators
Hash: cea7916cd59794680bc1752664077410 d4422dde39ad8be545e06aa2885d86c1cf64eae4 4bca5b5d62a05152ccea31e00d2357202f87d7dded717de41ef17d5fec719ff9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/default/js/delighters.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"a4b-6055d10ea50cf-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0K3bFEwsQMuAh%2FcLtdfL0Vi%2FVG1xdvhSzwFHkabSoNOtjA8faxbyD8OupJf8m1zAjDkx0WFwqrdesrPjppP5xob3GDRb9Xy8li%2BepxRgC%2F9eDWw39MUWZ43LQAE8ClDMptI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae63bb5d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| downgoodsk.live/static/your/css/stylesheet.css | 104.21.8.106 | 200 OK | 92 kB |
URL: GET HTTP/3 downgoodsk.live/static/your/css/stylesheet.css
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (529)
Hash: 9a06a247e039b7a8e36cc1059d7c5c39 4a42d4ebcf871ec3ac45c47eb1110462616f2390 8cab6c22f51f0c08736e6ef55849ad723519a715a79568b749f9123a074878b4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/stylesheet.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"16563-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uKR6pgr2Ih4dzHtoTdl1%2BwRM75R1mFUynzCHyP7Y4h2pmAc%2FEADFZ4Ko3mHeO9ySdfg0sAot5LB9e1CaaxAO2SYPOPSZc3jJisURBRKRn3adENS0s8g4%2BDl96XEhBeCL1EE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b181c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| preview.redd.it/cr27nao7uxn21.jpg?auto=webp&s=8980b54a586f718d73138a51fc8d13067c287107 | 151.101.129.140 | 200 OK | 381 kB |
URL: GET HTTP/2 preview.redd.it/cr27nao7uxn21.jpg?auto=webp&s=8980b54a586f718d73138a51fc8d13067c287107
IP: 151.101.129.140:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: DigiCert Inc
Certificate Subject: *.redd.it
Certificate Fingerprint: 33:78:3E:06:F8:D9:1E:16:2B:2C:23:83:A1:19:F9:33:C7:B8:88:33
Certificate Validity: Tue, 16 Jan 2024 00:00:00 GMT - Sat, 13 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1536x2414, Scaling: [none]x[none], YUV color, decoders should clamp
Size: 381 kB (381292 bytes)
Hash: 3b4988389f04e082c8049f5721d9370a 94a6820bfb93c6526555daa05cbd903e7a54265f 900790f32092087f9c351fcc44336e0f2f60d035ef9d9486581be3db6e3897ec
GET /cr27nao7uxn21.jpg?auto=webp&s=8980b54a586f718d73138a51fc8d13067c287107 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
content-type: image/webp
reddit-io-info: ifsz=442225 idim=1536x2414 ifmt=jpg ofsz=381292 odim=1536x2414 ofmt=webp
reddit-stats: io=1
x-envoy-upstream-service-time: 1059
x-imo-features: auto=webp
x-reddit-backend: 19c9ef79748590ad9aa38d61e4619c670768a73193aec6424a9f9b913b91
x-reddit-pod-ip: 10.99.19.70:8080
x-canonical-filename-image-generation: 1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Sat, 04 May 2024 18:51:19 GMT
vary: Accept,X-Imo-Features,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 381292
X-Firefox-Spdy: h2

| downgoodsk.live/static/your/css/css.css | 104.21.8.106 | 200 OK | 61 B |
URL: GET HTTP/3 downgoodsk.live/static/your/css/css.css
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 2d963171282c4de9d6969472b23e47e3 1ea3d4ba9fe4b01b4edf5b7dcd20ac246d2187d8 87ed5a5a37969aa977d6f4fc16ae7a094bc1abc454307e011b65036646b4d3ab
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/css.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4A9kP8qestZ3ZXz13whRcqctdCzsB2tjEJIfDNh7%2FvGgvqIYhPjzrRxgnNd9JHJEJywfNto5djvOJVII3uxdchAWQCwSg95De49qADhT5alGKYWxkicHglq%2Bn0hV8LnJI2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae637af71c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| downgoodsk.live/static/store/css/checkout.css | 104.21.8.106 | 200 OK | 4.8 kB |
URL: GET HTTP/3 downgoodsk.live/static/store/css/checkout.css
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: ASCII text, with very long lines (5046), with no line terminators
Hash: 78004bf5e334b836b476f48fcb42d6b2 1b118f3acfd8329b2219397946fbdcdd2eb8a8a1 36ec4ba8f16410525a9046d41eab8c0acb179340bed5d10a795edb52fc899bb0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/store/css/checkout.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Tue, 21 Nov 2023 09:40:24 GMT
etag: W/"12d8-60aa6645dbe96-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3pEok%2FeFgNuPP3dWChW%2FQt3G1MCIQuTNasPtFPvcNvyimU%2Bz7Osg11Oidc0CKofimzWMmIVS7B4gwejJVewvgNcyUePejw5UuplDRguAr90X3pTJpxFf1WmwKA3QyRi33Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae639b2b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| downgoodsk.live/static/your/css/font-awesome.min.css | 104.21.8.106 | 200 OK | 31 kB |
URL: GET HTTP/3 downgoodsk.live/static/your/css/font-awesome.min.css
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: ASCII text, with very long lines (30813)
Hash: ba098bc004de79c602b8a80093ecfb6d 07e2a0eae9e2a64f753638b5281b878b586f054d ad6ed6588f8299f92680d0b1e7d3103621f713060409ac419094140e6fdaeb84
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/font-awesome.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"7900-6055d10ef234b-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjb80RwPaEZODLqIvQMyUxAOir7l2zvhJxasMNYri6SeYUFB2VOiR%2Bvy%2BYkG6qMKWurvt9K1Wg00tCtEJ%2FL9ASHxGvN3wHONHXGHjHHUbLU0Sahwb39%2F2EOnRRMg5Y2XY5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae637afe1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| downgoodsk.live/static/your/css/owl.theme.default.min.css | 104.21.8.106 | 200 OK | 936 B |
URL: GET HTTP/3 downgoodsk.live/static/your/css/owl.theme.default.min.css
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: ASCII text, with very long lines (941), with no line terminators
Hash: e781dd464fc6867934d0e6d39e490437 e5097e41900eab39cfba063f915261f09c96288f c7872c41846b478f0977ef824a1ccc08911439c4c29a6055725cb5c8190fc872
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/owl.theme.default.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"3a8-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tup0OkjP6zYBSHW%2BuhrITB%2F2T5K23Xxg8mihroyzL6Di9GeNJmePKDt7FJ4Dm103xinh%2BIjhISyZp4JNkt7z%2FHAqiKD4H2JMfo7jViiIWjzK14XhFqyYanF7hL1U8eNely0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b0b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| downgoodsk.live/static/default/js/delighters.js | 104.21.8.106 | 200 OK | 2.6 kB |
URL: GET HTTP/3 downgoodsk.live/static/default/js/delighters.js
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: Unicode text, UTF-8 text, with very long lines (2931), with no line terminators
Hash: cea7916cd59794680bc1752664077410 d4422dde39ad8be545e06aa2885d86c1cf64eae4 4bca5b5d62a05152ccea31e00d2357202f87d7dded717de41ef17d5fec719ff9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/default/js/delighters.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"a4b-6055d10ea50cf-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdVmzMnlvppQy5lKaLdV3KUdCL436recdYtmfcTSqephymz%2B8MQgeiBEuDYb%2F83SwsX%2BXGxg%2BwqCJdRjRYhfF7JQZXy7hLS2hVo93jicCBF5CN6ESEUA%2FGM4VjWezH7zXhE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae66ff801c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| downgoodsk.live/api/item/info?id=67093225 | 104.21.8.106 | 200 OK | 7.9 kB |
URL: GET HTTP/3 downgoodsk.live/api/item/info?id=67093225
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (8954), with no line terminators
Hash: 0bf64738922aca11d09190e7f49c3b33 4eada62a4b68c85d58aeabde8cfd83b15509dc9c 3a5cad71b51a558b50bf1087670e1d78073e617262555eec651d29c19651df43
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/item/info?id=67093225 HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:19 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IkJWb1NZNVFSUnVYMWNPWlppc0tMQ0E9PSIsInZhbHVlIjoiU1dFTk5qK2RPbzBHeDFFcU5zdTRXZ1FPajdlRTNBODBpTnRMajlXM01PTGdtRGV1UkFhaUlzNjgwelJLV2NnQjRwNFVwK0pHVFZYM1FjUWEyazdpVEkvSXdZb1JYaVZFNzRZTnJkWTd0MjNtNlYwWFM3MkVINjNvWnhNTVpOWlMiLCJtYWMiOiI3MDNhOTBlOTI1MDMwOTMyZTRmODM5NGJkMjUzNzJjNzVhNGQ4NzExYTI1Mzg0YWQ1MzhiYjAwMmQwMzNkZmE2IiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:19 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvC6CTcQAyVi7rt4qQ165sDajonPfXZwFKJDRyVvksPmItDVHMoWPPKhV90MHwuST6v3DhEfFhP0K8NaDEtBWgt%2FBFsZFgDdU0nMGka1SyImKp8LwEUwfsD0VjS3XIVgWgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae67c8b91c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| downgoodsk.live/product_details/67093225.html | 104.21.8.106 | 200 OK | 76 kB |
URL: User Request GET HTTP/2 downgoodsk.live/product_details/67093225.html
IP: 104.21.8.106:443
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /product_details/67093225.html HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:16 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:16 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBtaHCAmgsJhUzjNP68gfxdfs1q1gmnTkwSNd%2FRPC1gnc09X%2FUBmQPitwoFvCzdy1Yxp02Rn2ypaLJrLI85MtciJz3MLa1WP9mm2OgQze8QWDr2aub6nQ1n4%2FIUyCJleYKw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae5f7c8956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| downgoodsk.live/api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D3975807799147800 | 104.21.8.106 | 200 OK | 224 kB |
URL: GET HTTP/3 downgoodsk.live/api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D3975807799147800
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
Size: 224 kB (224019 bytes)
Hash: fc50f3ca72f2e84651f50cca45139283 3c5a782c337adbe4b9322d5674ce9ead2d9295bb 102ddaa5d8ccf7a8480678565046ffb02c591d2820f8ecd6e70dc9ffbee978bc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D3975807799147800 HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJ4OHQwcW9ocGNxaHRqY2VKamM4V3c9PSIsInZhbHVlIjoicVFUTWdxR0lTaGVnU2loQ0Jrdk1VSTdqdC9uSkZmT2EzelNudjdUYzN2QWNlcVo2S24xTUY1eWxyR2hjWm9GeHE1cEZkQmdwbHhRUERmbldNd1RCTVp0RC9UeWFoVS9MZ0svWHNLUys0SmU3VDNxVVFMa1lvTUZxRUYvKzg0dEIiLCJtYWMiOiJlZjc4MWQyODEzNmY3MmQzNjQ1YTczOGYzNmU4ZjM4MWE4NzQwNDkyZDhmYThjYWMxMDMxYjQzY2YxMzNmYTBlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndlakQ2WUJBWGVZQXVObGlQYXNpWXc9PSIsInZhbHVlIjoiQzQxY2RJVmdTdCs4ekQ2UFVxZkNocEZ5OXg4Yi9CR3BRN2VCa3JPRG5OeHgyc0tIaFhhdzh2MEg3eGhKRm5CUVNkUGxnYnR5U0dCcEM2eEtjT29QL3I2UmZqQUZycytNZkpQSFRmZFlPNjQxTjRqK3Z5TTgzOFc5UjU0dWxYRUciLCJtYWMiOiI1ZTJhNzJmNDM4YTRjYzEwMTkxNzA4Y2Y2MWY2N2I1NTFmNjBmMTJmZTU3OWYwYmMyZDIxMzkzMTUxNmMwYzA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:23 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IklMZmxJYVhpVG5HVTBHU2NZdkZCT1E9PSIsInZhbHVlIjoiemJXK2JPa2xRTjQ0UlA0K2cvQ2d2dzh2Zm9WeTB1dCsvSEsrQXl2T3dEYVd6MlF4MDNkTE1IYTBMbUFaZ0JKMDNrTU0wQitZMHZsdHRFbXJ0VHlaL25QZ1d0dkk2TTNibVQxOVk5alBFbUxpK01walc1a3E3UXNSL1dBa0hFV0ciLCJtYWMiOiI2MDRjMGI3YzQ2Mzg1MmQ5ZjAzNWVjNjc0N2ZhOWVjMDZiZTg3MTYxNTYzN2IzNjRmMTc1YzRiZDUwMTdhYWZjIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:23 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6VuMdeiXlWf%2F2LxIoSRWclarWVmS5i2RqV02T3eV8cNAo6nxgzkc0%2F%2F79sM3o8Htn9U6Q2jYONZJgFtv8ZrTwUEfa%2Fad2YC6rjBHgy%2B25dix0IU%2FBbna7bMugzZXj3AErU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae81cae01c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| downgoodsk.live/static/your/css/swiper.min.css | 104.21.8.106 | 200 OK | 18 kB |
URL: GET HTTP/3 downgoodsk.live/static/your/css/swiper.min.css
IP: 104.21.8.106:443
Requested by: https://downgoodsk.live/product_details/67093225.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downgoodsk.live
Certificate Fingerprint: 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
Certificate Validity: Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type: ASCII text, with very long lines (17459)
Hash: 6af34d0737ad0ca608111771cf74cc79 15d0417baa08a741c6aee19fdfbf4813635f98f8 47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/swiper.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"455f-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCv%2F10ralO7HOAKw%2FnW41O4akprpDvl%2FyYblXdXt3NdtrcdvaflthcUt88EOHwBK70MmlSL4IVPOJ1tbIG1j9tbhQoRIK5RSmdvGEb21Bor0an0B2fHl0ElbrFtf0iacj34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b1d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downgoodsk.live/static/default/js/vue.min.js | 104.21.8.106 | 200 OK | 94 kB |
URL GET HTTP/3 downgoodsk.live/static/default/js/vue.min.js IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type JavaScript source, ASCII text, with very long lines (65449) Hash b21b8531847604ab5f2f5caaef51ba31 da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1 9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/default/js/vue.min.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"16fc7-6055d10ea6458-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ONahDgpD8Zzj5wVYPTiihjIe%2FEVw6O3823FAH7KYpKm5CpZvQ%2FQB1zfSqBP7vcjeFuBudPn3%2BPV3ZTFqHdelOUyRvNZmB3jlxQRLer7S3aXeE4W6RIcvd8ZewBDO%2FwYS%2BLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae63ab461c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downgoodsk.live/static/your/css/bootstrap.min.css | 104.21.8.106 | 200 OK | 120 kB |
URL GET HTTP/3 downgoodsk.live/static/your/css/bootstrap.min.css IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type ASCII text, with very long lines (65371) Size 120 kB (119508 bytes) Hash 3fc294a6e2e1cdcc652fc702f0ecda80 87fdf5f58d2bc3bd19940403f33a2a7f9869c446 ff95d530a782ce6fa179cd74b1da4a39764e9405666f5aaeed2f34aa9c66ce66
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/bootstrap.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"1d2d4-6055d10ef234b-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g60YwJv9abDk4bCUBviajBlFY3mNWKTHmUyYMZfmac7spwM2WosjXiLyyDeqbikWVFxdqei07QryFkVFkj6yZXm9tZB5dMUC788tjCwvPr4IROUBTUe3yIu5%2BwgBKaHroqg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae637b001c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downgoodsk.live/static/your/css/magnific-popup.css | 104.21.8.106 | 200 OK | 7.7 kB |
URL GET HTTP/3 downgoodsk.live/static/your/css/magnific-popup.css IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type ASCII text, with very long lines (8049), with no line terminators Hash ff38520855bf32e67380f0c900e6e71a 33dbded62e37764281e0d5bcc38e48d77760a20d 7b5d633f10e5f270180f5fd9198be0406dfeed30a183f142f3b657fe3c4c6d1b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/magnific-popup.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"1e06-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRRE0IbZ7DgELPA7thhGbtJRxRzRgRIXjmF8jWVl5lREC66aDuYmAgFFEzjPx43MBmMNSj4kTcMc1LUSa8T%2Bb5hVqPs%2B9peuN0Pqi7eaOi9JsTM90wHx6VAOhQNd%2FROqB5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b141c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downgoodsk.live/static/your/css/animate.css | 104.21.8.106 | 200 OK | 58 kB |
URL GET HTTP/3 downgoodsk.live/static/your/css/animate.css IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type ASCII text, with very long lines (460) Hash 77a5c1c68584ef4f63535fd1b8f9ea8a d0700bd7ef9ef7b5c17f7ae46930dabb23e18f81 a8b27255a12c6f055e0df480753920dbfda0f4057f0d701b5d715e03a550a46b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/your/css/animate.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"e3a1-6055d10ef1f63-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRfubtD595p9SWAzf0Lzyi0%2Bo8XvzWXGW9U4JSX5v2XFI62KBorRVtOQF1dDLumWAZtwJg%2FnUFye5k%2FjyIacj39md5y6XqWhib8txRaukIhq1Kc6kGLD8Hycq3jyMq2jIRM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b191c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downgoodsk.live/static/your/img/footer-bg.jpg | 104.21.8.106 | 200 OK | 171 kB |
URL GET HTTP/3 downgoodsk.live/static/your/img/footer-bg.jpg IP 104.21.8.106:443
Requested by https://downgoodsk.live/product_details/67093225.html Certificate Issuer Let's Encrypt Subject downgoodsk.live Fingerprint 5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34 Validity Sat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x425, components 3 Size 171 kB (170800 bytes) Hash 01aad85abef2e701361ee4ded47754e4 cc6770719c0b7639740145824e048f339340c0c7 73eb0994db66a8e45749f3fd6b0b5d32416d5654eb867f0bf9819a6cd65e8aba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/your/img/footer-bg.jpg HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downgoodsk.live/static/your/css/stylesheet.css
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:17 GMT
content-type: image/jpeg
content-length: 170800
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: "29b30-6055d10ef5de4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1740
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mrgh8I8iDou770F09I4nrkweFHxjP0QP3jPJlScq32PuIMdeE6k%2FiUY%2FLh19XZOYIaBcT0SsAuW3v9oxD0NpO%2F6AvwlIzwKJ5r5DxjmTpgnPVI9YxmG%2FOeB%2B8v%2FCVGTQCLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaae68da181c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|