Report - downgoodsk.live/product_details/67093225.html

Report Overview

Submitted URL
downgoodsk.live/product_details/67093225.html
IP
172.67.157.76
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 18:51:43
Access
public
Website Title
grey sweatpants r/Bulges - Online Store
Final URL
downgoodsk.live/product_details/67093225.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
64

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ae01.alicdn.com	7254	2008-06-25	2015-11-26	2024-05-03	538 B	41 kB	47.246.44.251
preview.redd.it	3176	2010-05-31	2018-09-07	2024-05-03	448 B	382 kB	151.101.129.140
downgoodsk.live	unknown	2024-04-06	2024-04-11	2024-04-18	38 kB	2.0 MB	104.21.8.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-04	2.0 kB	170 kB	104.17.25.14
i.redd.it	5933	2010-05-31	2016-05-24	2024-05-02	401 B	462 kB	151.101.129.140
assets.adidas.com	28638	1995-09-25	2017-12-11	2024-05-03	524 B	6.1 kB	151.101.130.24
s3.amazonaws.com	unknown	2005-08-18	2020-05-13	2024-03-23	928 B	10 MB	52.217.133.0
api.reveri.io	unknown	unknown	No data	No data	420 B	46 kB	20.49.104.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed
2024-05-04	medium	downgoodsk.live	Sinkholed

ThreatFox

No alerts detected

JavaScript (49)

	URL	Size	First Seen	Last Seen
	unknown	773 B	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:01 Times Seen69 Hash 15a39005ea43b9fa5ff86c3516ab5ee5 5c3e809063e8aa46dd2b3406874a6879a80e5bf8 4cba25fcb224ea4dbc3d577db7476d616ac7d4e3dd4110830c16709f8375e0f2 Loading...

	unknown	2.0 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:01 Times Seen69 Hash c7eddf752593ca75c567e9f5aff590a4 ad456b19bd0ae1195bbd25b57af0371a5af1e3f2 d7d6b5dd0a87711ee3904abe8d2dba182baf97146c007ac66045ab7c397074a6 Loading...

	downgoodsk.live/static/market/js/jquery.min.js	84 kB	2023-03-07	2024-05-18
Pretty URL downgoodsk.live/static/market/js/jquery.min.js IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-18 10:23:49 Times Seen14248 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

	unknown	184 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash 1a0f4803bb0f50d1e96b535da8b7dbd9 41fb54184d04168074b3e1762f79fcd622f0b079 6f9b63dc3e17c9db0e928c956e1f7844161ad8de2ef251263a7f7f9ea08056cc Loading...

	unknown	1.3 kB	2023-11-05	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-05 06:19:13 Last Seen2024-05-18 04:47:00 Times Seen16 Hash d80aecbd890f955b6d8665c344eb2137 bbde210bd06a08ee1c5cf054c8140cf3ebc01397 dedba75b5c1f9787f36929c6abb129e3ae56c98405f2045e3d54a3e0a947ed9b Loading...

	unknown	50 B	2023-04-12	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 00:31:29 Last Seen2024-05-18 06:54:09 Times Seen796 Hash 67a516f6876a6d5a6acd917aabe0571f 3cafb807a2d7fcf75a5092484795de52336ae1d0 cb909329532746539d41f5fe0c5f508bbf8191744c706dd5969753aa14948bc3 Loading...

	unknown	2.0 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen77 Hash aea6fdd0c50b5b2544fe2899a9a3b288 24fbf69d79b94bc623913211666a265d9c6fdff7 dab897deb7e6f1a9f27fa21ca6027a348e789937b09c02d64d783fd4d5c6c6a3 Loading...

	unknown	11 kB	2023-12-01	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-12-01 21:53:06 Last Seen2024-05-18 04:47:00 Times Seen15 Hash 326853ad54a482b63f3f4ce903cff4e6 bd94a61e9f0806ca8a02168bf6b897b89d165e3a 718a166d1c02ca4df8e035a57b48e109a4c4ec971e9375c3f445e65258c94efe Loading...

	unknown	163 B	2023-11-05	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-05 06:19:12 Last Seen2024-05-18 04:47:00 Times Seen58 Hash c48e720ebf7ba79ee5e3e9dd7b60179c 6e4146d5770164a59c5c95e8cf79d9c51d05b907 4bd9ebed99dddd10865ee1aff2700e770700f5a32c4dd83b9eb5a9b8fdcc6c57 Loading...

	unknown	776 B	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen69 Hash be63d7a2a9f9124fc45a2742e182bfd9 3fd6281aaf80b0685b0ce1046a4153f9ae279b08 abd83281fb2c20c4a2c41fa07862c5f6ba8f59b20eabb2082dcb153524932118 Loading...

	downgoodsk.live/static/default/js/delighters.js	2.6 kB	2023-03-12	2024-05-18
Pretty URL downgoodsk.live/static/default/js/delighters.js IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen245 Hash cc31823856831d96acd96628fe1bc12c 4441d2792dc7fb9f54cde379cd6dd5085ae7af33 0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d Loading...

	unknown	291 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash c9b5426de6165f2c8804537ec035f110 517d212722a2801c8a26808644a65d116ae8b566 3be786ef0db42a9e238ede295ce15ed15fd6edbea02ae3175216c7a62f6d749e Loading...

	unknown	172 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash cf1885138e50cd52d69851fad01af8c1 bd9c7c4ec798438fd8f8b2510a9e502b85ae8e0a a756ef977bcda1bc160e9e0f502a13a4e7e9f739044dcea424c791f20cee7577 Loading...

	downgoodsk.live/product_details/67093225.html	543 B	2023-11-03	2024-05-18
Pretty URL downgoodsk.live/product_details/67093225.html IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen31 Hash 7522976f970077f1a808fe762a7e06a6 924a3e0922dd6d59d942f36e965a607a3720f992 d533860458eb73ade8fc419d1f6486297309665cb4edfb979f825493698079b1 Loading...

	downgoodsk.live/product_details/67093225.html	8.6 kB	2024-05-04	2024-05-15
Pretty URL downgoodsk.live/product_details/67093225.html IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash 5c3cd0d1862b922ba586a4a85dd65bf0 c9c05ca63193023c842fbd01ad858674f284d75b ef5fb594b2b8265dda0c2c60f6a01f1ec4114ce303a6ebcf51de144d45b4e088 Loading...

	unknown	183 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash db45a75a4eb3c7b373147dac5fe029cb d6b63bac03eb4ba8170e5c8fd3a050468fad2dd6 7dd0a3a6db88fdab720cc6a4a6dfd05dd1649088260cd2c1ba10ff8f257f6f39 Loading...

	unknown	2.2 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen69 Hash bbc2c87307db938ed18aeb60f8617bf0 9f0f41df245ddd5d0c19a0dd031d399d5f803eaf fbb802425d01b533be464a7177298f884d1f48f6a48143cf094c4dc52bc91e6b Loading...

	unknown	223 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-15 06:48:40 Times Seen4 Hash fb52a5f79bd4b3906f44a46f4dc6e549 419c8bb04fed0b07572c80d5a9aa90b0425be90c f0edd9f7e654e2e2ea365f46d64148b9a1b36cffac95827fd7e33d8028feac0f Loading...

	downgoodsk.live/product_details/67093225.html	9.2 kB	2024-05-04	2024-05-04
Pretty URL downgoodsk.live/product_details/67093225.html IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:51:50 Last Seen2024-05-04 20:51:50 Times Seen1 Hash 78b62232ba39e162c00448ad919e1af3 b0d313d11badc623d629b9860f9bbc181549a8ed 2d781a44111841df4a37f603b8824fd103c5c73addf853341e5d4a242066304f Loading...

	unknown	138 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen30 Hash 84b225eff2b105156f8078ed21ff8b64 41b652a36aa6a9952be991ef5114630019dd4336 67ad89b536424cc38a04ab343466949ddc40c946075fbc141cb0417aab44938d Loading...

	unknown	3.7 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen77 Hash 2f797b61ef7cc74388b3bc5c632a4c57 e52321b18d3b6a29875706e551cd1ca6f07e5b08 10ff3612f665baabd79e069759e88e84aaa2ce013789606d079e58673650e4e2 Loading...

	downgoodsk.live/static/default/js/vue.min.js	94 kB	2023-03-07	2024-05-18
Pretty URL downgoodsk.live/static/default/js/vue.min.js IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:40 Last Seen2024-05-18 10:03:13 Times Seen1273 Hash b21b8531847604ab5f2f5caaef51ba31 da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1 9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17 Loading...

	unknown	173 B	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:51 Last Seen2024-05-15 06:48:40 Times Seen4 Hash 702ad39682530ae2a3f3f18a501141a0 006f3fdad48fcbca985e7e192d5912b0d4709b0d 644b8e133c3960e743984fad21b16fe7c061af13a4db53639c697215e093fb74 Loading...

	unknown	277 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen31 Hash 41e226399cdec17fc2e96d116c516b8a fedba9c084bee281fbad5b60716c4b72f9a54d5f 07ff00fb8ac5e4ec6d4a8c14292826b9e9c597f949040337a7562b790634b130 Loading...

	unknown	169 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen31 Hash ef210ca63758a5c527614ecb062779e6 a837e8e3690859da53f344a34707c998794eef21 2695864485c5f4a69cc03bb77c46e7890253bdeb6129a87d8158cda9b9fc5cbe Loading...

	downgoodsk.live/product_details/67093225.html	2.0 kB	2024-05-04	2024-05-15
Pretty URL downgoodsk.live/product_details/67093225.html IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:51:51 Last Seen2024-05-15 06:48:40 Times Seen4 Hash 3ab9d3509ccbf392a3562b792f2afdde 27b621dfac1a23804210906fd2add6fc46001c16 c4106d7f7351124f8ef8ac65b9029d67ffdab673d922ffeaa46304c9fb1b35b6 Loading...

	downgoodsk.live/static/default/js/public.js	1.9 kB	2023-03-12	2024-05-18
Pretty URL downgoodsk.live/static/default/js/public.js IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen196 Hash 53ceae9d8b9f4372ad101d91439cdbb7 662fa3a84762aee5bcb1da67ebbe2e37b3eeb79e 535ee4fa0189e79bd9a7d6ae4aa466180c4ac5b82b47647482ddce74587ce249 Loading...

	cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js	15 kB	2023-03-12	2024-05-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen312 Hash 5f4a59735ca9517d0478f395439bd517 f820c08cf114da8ec451e8eedc0da51dfcba5e02 ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9 Loading...

	downgoodsk.live/product_details/67093225.html	79 B	2023-03-12	2024-05-18
Pretty URL downgoodsk.live/product_details/67093225.html IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:00 Times Seen145 Hash a71ddf2ef16448b1a9a116c9969bb84a 38f0cfe879b01e50b2022a5b46ccebe972b57afa f81cdd71a100042bdbdd3a8d1fa89581bc7763e26f2ff6eb7bbefda85e9143a3 Loading...

	unknown	1.5 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen69 Hash b43fa7cc5a45035a9f8a0abe1335b5a7 61933fd0d2e0e61647097d3cc72243ab77c85f1c b4967741000ab470155fd48a923ddec65a0247d5a4d7cd188b8027be2a4c6f69 Loading...

	downgoodsk.live/product_details/67093225.html	696 B	2023-03-12	2024-05-18
Pretty URL downgoodsk.live/product_details/67093225.html IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen145 Hash 207792bcff09eca0993cd75875f72095 1f602949e3de9dd8638601085791e25c6cc0acda ae57e93366c984a79002b078c27040993cd88c77218f277655fc031b6bb3e1d5 Loading...

	unknown	138 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen30 Hash 9a94ae7fe21fea8494e9bcf6bb519b06 a8fa90d1fcb4eb7ed3bf8ea1122cacd25a352819 5a70584b716034fe0ca13de7b57199ec25c237d545721601d151ef50d38e7bf9 Loading...

	downgoodsk.live/product_details/67093225.html	151 B	2023-03-12	2024-05-18
Pretty URL downgoodsk.live/product_details/67093225.html IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen144 Hash 4cc479dfa9707e2f24a8e129c80429b6 a6e2c685240dd740b22e226767035173703473a4 120dbe66705b4abb82ad0b16aabbd8ff3acee9be1fdfc30e77a2557012a1181d Loading...

	unknown	117 B	2023-11-05	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-05 06:19:13 Last Seen2024-05-18 04:47:00 Times Seen16 Hash 649a31ef292d175b992ee024f81c9f38 3cc522ebdecaa6fefd9aca49836645e4c9357c9f faea367244b4f55f0e05e3f8c507271f93e48379c8e5d9ccfa49ec836b58c9cd Loading...

	unknown	868 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen30 Hash 422bb6aa46f23a2a350068e2aac58762 0c814f0e50381800467b1d138913c05a19757304 6aafd2d65c2d12f8799c5a11f0d12ac110d33e18da9cf50b0e35a042a1302d43 Loading...

	unknown	112 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:01 Times Seen31 Hash f4db1827fe4259b9dc5853871bc6045e 639adc0619832cd922f888b7a9dbdc35c9416ab0 88fa931d9cb6eb5bee5d361b3063bd8c3b1213e4c0e588a56a0a26f3ae9919e9 Loading...

	unknown	127 B	2023-11-03	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-05-18 04:47:00 Times Seen30 Hash 1225801b3453e88bd0f17598f771503d 719eeae87b92babb0c95818f127a6338d0b75fb4 ab185ce89cd85daed537ef8d8b22d2d52f8dcbcf118c0678f09f1d10be8fe846 Loading...

	unknown	1.0 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen77 Hash e7e3b8fcf88dd9ccb044ef5dd45915cb 426037acb5a39793686b9b444fe700489bae963c 4079fce41d344828c2fc2659868de4578d5129a9835311215fb1941d2c3773f9 Loading...

	unknown	1.1 kB	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:01 Times Seen69 Hash 45c5402410be51c5c0222c8519cf660d 471fdc790f50cc0271ca1be5461f17d012cc6555 b643a82352094041aa8ef10323c3c64a683a85b61451fb439b1099c79ee02514 Loading...

	unknown	783 B	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen69 Hash 9d25de5926c79fb8d7af32dfe8f594f6 69976077fe199eb227b0c7c4c34d78798c588b6f 45579e258830652d2bc8751d671b616b0525608d7de4b9c05637788fbb07be24 Loading...

	unknown	189 B	2023-08-10	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-08-10 01:59:25 Last Seen2024-05-18 04:47:00 Times Seen27 Hash f2e94c190d8ebdc795bb0423793cbd07 090e167ddf0cb38b483bdc05a1073ce3b758d115 faf40d9588bc9d96283fd72f0d1d9cc7cd969c40006a2b17b033cc2688aa07ad Loading...

	unknown	209 B	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen62 Hash 65e6fad0b80e5dae9ba33c36c87cbe46 2f27dd37b7ff2cf116e2932e497181aa8f68a08a 61e07b5ebd6b4033a1043820388f48ffc6be5afbad262f77e80c9e664a499295 Loading...

	cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js	279 kB	2023-03-07	2024-05-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:31 Last Seen2024-05-18 04:47:01 Times Seen306 Hash 0292da744fb4f768ae77370f868a674e 6dbafd633d187d11e2ef0a9a47044fd5646c70fb 068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468 Loading...

	cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js	338 kB	2023-03-07	2024-05-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:09 Last Seen2024-05-18 04:47:01 Times Seen305 Hash de581e420bf52d70e353080a13094ea8 7e727d99fea8c31c2f2e3173105d585ee3289d31 4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5 Loading...

	unknown	6.4 kB	2024-05-04	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:51 Last Seen2024-05-04 20:51:51 Times Seen1 Hash 5f4428a73b98c99cac608b003d4394e3 1c64c65a27b2925944f1fea9dfd1c59c72a1c78d d69812d7c380137143cb2e4494c1e88fc4ec2a533c64197d2a14404e1a8629c1 Loading...

	unknown	199 B	2023-07-26	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-18 04:47:00 Times Seen77 Hash 67a2c7b2c5a50b9967db9e9d1a0f4cc9 802c4eb3b2eaaa9cd03eafb632434d9bfcd6e99d e548dd3a15307e94b635e55caaee70050cfc332df229e5f8f341bee4f9ef1f76 Loading...

	unknown	2.1 kB	2024-05-04	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 20:51:51 Last Seen2024-05-15 06:48:40 Times Seen4 Hash 5fc783f2d2c61550f9ff818b2c27fa78 3179a55dcf4dfd154f7810c02fe64f87277262a8 39110ce317cefc9d36c7aa6b10ada502636e392b5c64047829e6e65e89975964 Loading...

	downgoodsk.live/traffic_statistics?gurl=	0 B	2023-03-07	2024-05-18
Pretty URL downgoodsk.live/traffic_statistics?gurl= IP 104.21.8.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 15:13:18 Times Seen37788290 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - ea47d7a66d8152302cd901d56844cb81	72 B	2023-03-12	2024-05-18
Pretty Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-18 04:47:01 Times Seen148 Hash ea47d7a66d8152302cd901d56844cb81 235d8306b2b513c8851d054491a83beb3e194f94 ee7229be5e00ebb674d9f12a2aba9d62130a20978a0c27162a984e32530a1d5f Loading...

HTTP Transactions (44)

URL IP Response Size

downgoodsk.live/static/logo.png

104.21.8.106

200 OK

4.6 kB

URL GET HTTP/3
downgoodsk.live/static/logo.png
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
PNG image data, 240 x 80, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4595 bytes)
Hash
e4cdc6959f08294d79ba65acc4767bca
3fae9f20dd977934a6762be64f7e26509cc3eaaa
cd2cd2c4ec5ee724f31ab874d574820567c3407eedc6ee65b94fe6161ea2b0a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/logo.png HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: image/png
content-length: 4595
last-modified: Mon, 09 Oct 2023 06:21:06 GMT
etag: "11f3-6074298668fb6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcqEA8W4RGP3IqzA7tQc0Ig2159RGwntGqUr%2BGfr%2BSyAaxFZhhN09wRVHCBx%2FVlRMWw527ll4U3Wl%2FS6qsQFU9zw%2FgBn73Tsa28fz519x70uqVk6k%2B31T%2BrPieg3Liw%2BgOU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaae63bb5e1c0a-OSL
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/market/img/payment.png

104.21.8.106

200 OK

15 kB

URL GET HTTP/3
downgoodsk.live/static/market/img/payment.png
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
PNG image data, 342 x 26, 8-bit/color RGBA, non-interlaced
Size
15 kB (14874 bytes)
Hash
d9e27afb8d07e73a5d78c58219db8284
2c8e0b0821ae555b66a6d9ad9d3f3a97d8164f99
1567d764b3ee71f11f52d807789d9a970c60dd195b39f2b295d476308d76aeb3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/market/img/payment.png HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: image/png
content-length: 14874
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: "3a1a-6055d10eca685"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQGSZB1vOByBg2X0doJV544Q6TiiWdM87eoll4L5TW6CLP9rZrsVIO%2BsVzdurfGc%2BB9uC1Z3IPksC%2FU7M%2FZ3xbJCWxJTJHGB50UXh%2BYFFYbX7%2FwQZYrkp77kd3jAF%2FdOWdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaae63bb601c0a-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css

104.17.25.14

200 OK

38 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (38108 bytes)
Hash
9a547188fa485f8ca9b2cc7d6d2524ef
7893335159a1f637eb24cd05aaba96ac156c7f65
897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433

HTTP Headers

GET /ajax/libs/vant/2.12.48/index.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css; charset=utf-8
content-length: 38108
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-94dc"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 253772
expires: Thu, 24 Apr 2025 18:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=glmAIeMNKB1lbhpAS5NT%2B6SiQ1SEmmw5lZUS55jGiRh1HKlEBtwb7xPRUpytRwst%2BO7%2BkwFmHa2OkxOHNMme3SQStcAz8oPnkfywuPs8LwnxfqeEVMdSQbhWuzP3ZbBinsHVW0TO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87eaae63fe98b515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js

104.17.25.14

200 OK

68 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (57307)
Size
68 kB (67811 bytes)
Hash
0292da744fb4f768ae77370f868a674e
6dbafd633d187d11e2ef0a9a47044fd5646c70fb
068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468

HTTP Headers

GET /ajax/libs/vant/2.12.48/vant.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 67811
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-108e3"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 251788
expires: Thu, 24 Apr 2025 18:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBVVnOfOBwxLs9ZFYs5lsq%2F4Nx%2Bts0kr2f5Uv7%2F6cx1DlWBpwGQdm4QqPiZANVJEgNYC9mMzmIDj4iaDsnhUjpguB97s8gItnDUl%2Fz4fe7Jg0sTVHXcwTSnXuL2T4wtndNC58agd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87eaae641ec8b515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js

104.17.25.14

200 OK

50 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
50 kB (49876 bytes)
Hash
de581e420bf52d70e353080a13094ea8
7e727d99fea8c31c2f2e3173105d585ee3289d31
4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5

HTTP Headers

GET /ajax/libs/Swiper/8.3.2/swiper-bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 49876
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-c2d4"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 253204
expires: Thu, 24 Apr 2025 18:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AajLqXnz6pObzLUoJWCUFf595p2iCwk4QpLY5PA9qQnel2deZY%2BK6kTTUtnsBkvWcOWea8ITxlYChVijfhY1c%2FwKtfTZLdgCSoM5OanxZeq%2BQ%2BLJoZC8poi5oabEzRkE8Al021QT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87eaae642ecfb515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js

104.17.25.14

200 OK

4.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14957)
Size
4.9 kB (4866 bytes)
Hash
5f4a59735ca9517d0478f395439bd517
f820c08cf114da8ec451e8eedc0da51dfcba5e02
ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9

HTTP Headers

GET /ajax/libs/vue-resource/1.5.3/vue-resource.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 4866
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c785b9-1302"
last-modified: Mon, 14 Jun 2021 16:37:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 251782
expires: Thu, 24 Apr 2025 18:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azb5qKs6a0sCl%2FXFimhbOtDhx0zy0GRQt9KNpiICQoN65rLBP6pDxDJNvW4JFKkdWIfLAVhWaE9meuCnL8clm1cH1a5wYXE9lmVuopQqLi3LVpg03jdHH3mBf%2F9V028dVYEePivr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87eaae641ebfb515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css

104.17.25.14

200 OK

3.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (16213)
Size
3.9 kB (3945 bytes)
Hash
951eae8c8a442c2940c54d180301ed41
771518669a370d915adf0d207f2a22092a768cd1
4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d

HTTP Headers

GET /ajax/libs/Swiper/8.3.2/swiper-bundle.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css; charset=utf-8
content-length: 3945
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-f69"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 248545
expires: Thu, 24 Apr 2025 18:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yV4p%2FAvq2AXujqsJaVDCNQHGGITVscSsOjDHTiH82mfe5Ic1FfXHKMtYSl9ciNi53r%2FskA9ozSXjLU5tJKTgnWS3IPrTPmUXKj8IYrIXj1orTp5qcFj9dP5yDxbRZ9zfA09Oq5Ug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87eaae642eccb515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

downgoodsk.live/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0

104.21.8.106

200 OK

248 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
248 kB (247960 bytes)
Hash
460a87515a875f40f12fce6252998712
d109154ba594fb13928ee769a833ef6a84eec026
23deb759ba0ace22a67a05c5b6df1ab1eab7b510718debc54925447b0de7d9ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://downgoodsk.live/static/your/css/font-awesome.min.css
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:17 GMT
content-type: font/woff2
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"12d68-6055d10ef2f03-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYPPN%2Fh82SujzFmhICEsndAWIwQzrtPvWNCXq4LaBUG00OFrRzjtRKfhW16JdEWcRsmOhXoBVquUCmz6VkHBxVc7BUTd9UWv2M%2F3SBVA9NC4a4ZL9MeqrwU2Yn6k1mdHESE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae67a8781c0a-OSL
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/opencart.css

104.21.8.106

200 OK

1.1 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/opencart.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text
Size
1.1 kB (1122 bytes)
Hash
6af40eff9c7c0646c617bf773fefa669
1738a1e96c289937fda2861d8c26217ee31f18d6
89736a467316752012bb0a952a094c5f943a387813ac1d8a51c224af21e1d4ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/opencart.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"77c-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brUQtLPSoLY9Q4AscOyxlkfjjzs3qUReEL%2BvvpV67Hjs1zH%2FQE5DUzJzE3t8uDqc8fVjhOsjaLLnMOCRG9oFaoApWaOLlXpvY2VKcZC7i%2FvabgtD%2BCkjUSddsQZ%2BADt33%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b201c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/jquery-ui.min.css

104.21.8.106

200 OK

11 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/jquery-ui.min.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (15129)
Size
11 kB (11263 bytes)
Hash
1f29bef8e189e09389ee650069da29d0
85ec0a5126e957e1f0596cf84010cf41e1fa321c
3d94f00ea8118cfa7a40019dd8696ebf16aebdd92f0ff5fec0411e97b8b7c44c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/jquery-ui.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"415a-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKiunYbGxSD9C22BP91bAgDNxh%2FL7znn4fELDE2Fl2Sc%2BfalbIH%2BE7SdmBza%2BiUN%2FnljN%2BwG2i%2Bn51yeH1JAQ%2FntdH9ZwqrRqIbdHYo%2FAAVAQIU2oqkrmyb%2BZQZ9NbOlpcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae639b231c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/default/css/iconfont.css

104.21.8.106

200 OK

9.6 kB

URL GET HTTP/3
downgoodsk.live/static/default/css/iconfont.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text
Size
9.6 kB (9553 bytes)
Hash
717c6e58da97df4ca9866d0cf9f1eecb
53b035e4136e3fcbf6d710633c10562bbb8fb1eb
8b3c92ce43d9af1d42ae13507d542ff6de94684152fec5f111c1e138db769d5a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/css/iconfont.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"55c-6055d10ea1636-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CenfrxOcqcTcDeFA50sCKd%2BYCh5xyagtKqCQGlgQBmbt1HLuI8HaN1Sb34cFUnqe3Y6FcXUFzu6ka6TtlT5gIb3Hmpd7l7R8y7fem5uMAhKyH94Ld6sJ3NdNogcWBYWgREQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae639b3a1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/market/js/jquery.min.js

104.21.8.106

200 OK

41 kB

URL GET HTTP/3
downgoodsk.live/static/market/js/jquery.min.js
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JavaScript source, ASCII text, with very long lines (32061)
Size
41 kB (40565 bytes)
Hash
e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/market/js/jquery.min.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"14915-6055d10ecc1dd-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5ircloTxmhl5ZxVot1MGBz1aVf14xrfS6%2BYvcOWw0zKGhEbeGRsHQ8oPSfy%2BreIqiF2lkIQnoD7csiv64mXtee6MJ2YDdBwzkoGccramdUEAFihtAjKeaNyhz2aCi%2FqCLc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae639b2d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/default/js/public.js

104.21.8.106

200 OK

4.4 kB

URL GET HTTP/3
downgoodsk.live/static/default/js/public.js
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
4.4 kB (4356 bytes)
Hash
53ceae9d8b9f4372ad101d91439cdbb7
662fa3a84762aee5bcb1da67ebbe2e37b3eeb79e
535ee4fa0189e79bd9a7d6ae4aa466180c4ac5b82b47647482ddce74587ce249

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/public.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"76f-6055d10ea54b7-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmDPRKlymbmI%2FYgqVThjS0qFqRkOsd5HiesSgxjntEhyz6jj2y5VhYcOwuLFXyy8qBgVg1Wv4tdBtYepyKZ7KKUa3ei1HiU0Dg08eHXnYMMAe5Z1c9tYd5JtGbnjlONYxIk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae63ab481c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/traffic_statistics?gurl=

104.21.8.106

200 OK

381 kB

URL GET HTTP/3
downgoodsk.live/traffic_statistics?gurl=
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
data
Size
381 kB (381293 bytes)
Hash
2847d26143b4cfb6d1831517905a46e3
c2eeb30371109bd405656cafc353ca5948da0659
bb7f050911008f1708e2891b7a988fe97480dd6278402d3c14837eb339a10133

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /traffic_statistics?gurl= HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:17 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkJ4OHQwcW9ocGNxaHRqY2VKamM4V3c9PSIsInZhbHVlIjoicVFUTWdxR0lTaGVnU2loQ0Jrdk1VSTdqdC9uSkZmT2EzelNudjdUYzN2QWNlcVo2S24xTUY1eWxyR2hjWm9GeHE1cEZkQmdwbHhRUERmbldNd1RCTVp0RC9UeWFoVS9MZ0svWHNLUys0SmU3VDNxVVFMa1lvTUZxRUYvKzg0dEIiLCJtYWMiOiJlZjc4MWQyODEzNmY3MmQzNjQ1YTczOGYzNmU4ZjM4MWE4NzQwNDkyZDhmYThjYWMxMDMxYjQzY2YxMzNmYTBlIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:17 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IisvZXFNUW1EdHYyRmp4UUo2TW9QdUE9PSIsInZhbHVlIjoiZTdDWklYMGtOZVpDZ2ZoMXVMc2kxZTAvdEhiWnRSR1VFSHNUZFJkdkQvbnhlWlEwK3o3aDNpUnRhNm5oYTN4ekNXQ3FJRGl1TnN6NXBnZ0R2djFXaU93OVcyZHpZK3oyUGhtUXNSWVYvTVR3TWplZDBWUlZnaytPTGpXU1hQaUIiLCJtYWMiOiI5OWVlYTBiZjUwYTg5NDliMDcxMTUzMTYzY2VlYmY5OGJmNTNiNzhmODNkNTc1N2MwZWE2MjVhZGUxOWVlNWQxIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:17 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NhhRj0WnQO%2FUXy1cPhLVAUDJX5ynmOdqfFcUK30JGmhfbeCAVzLEHe%2FCDufr1%2FS5fwTl6gYcAx8qaIZ7IKY2kjHozQNCG%2BSyeyM8ev2crydqHdStqvSzJ37UIyoCPMaakFM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae68da151c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/owl.carousel.min.css

104.21.8.106

200 OK

1.3 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/owl.carousel.min.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (2846)
Size
1.3 kB (1336 bytes)
Hash
de0dfbabe627afa1b718d848b6b58e97
73d8a692734089983b00005d99ef8e5e5b0dadeb
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/owl.carousel.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"b78-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SWSyFmMnbf96pNO4gdCSafPIMKW8Y1RDU9U1Mys3CBw6DhyLLrS%2FPPoH5ft8bq4dw0ClgX9eWgLxOMYSpB1JFRtmaZBJ1JvRs8urw3KbbPeDuZFgkmkjj41u3JTTmK6vdns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b071c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.redd.it/m0xgmjgc00d71.jpg

151.101.129.140

200 OK

461 kB

URL GET HTTP/2
i.redd.it/m0xgmjgc00d71.jpg
IP
151.101.129.140:443
ASN
#54113 FASTLY

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerDigiCert Inc
Subject*.redd.it
Fingerprint33:78:3E:06:F8:D9:1E:16:2B:2C:23:83:A1:19:F9:33:C7:B8:88:33
ValidityTue, 16 Jan 2024 00:00:00 GMT - Sat, 13 Jul 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2320x3088, components 3
Size
461 kB (461351 bytes)
Hash
6b5face38bbc96e0f320749d7b462e04
7d952c60d1fb21848c22b7734d75c229a1abd7a7
2b7fc91489fa538095eded332bdfa0ad2978513d8445de5331cba4918fa96307

HTTP Headers

GET /m0xgmjgc00d71.jpg HTTP/1.1
Host: i.redd.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Jul 2021 17:35:36 GMT
etag: "6b5face38bbc96e0f320749d7b462e04"
expires: Thu, 31 Dec 2037 23:59:59 GMT
x-amz-version-id: null
content-type: image/jpeg
x-canonical-filename-image-generation: 1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 May 2024 18:51:21 GMT
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 1.0, "failure_fraction": 1.0}
content-length: 461351
X-Firefox-Spdy: h2

assets.adidas.com/images/h_840,f_auto,q_auto,fl_lossy,c_fill,g_auto/684141223f17416f9541ac1c00062bc2_9366/3-Stripes_Quarter-Zip_Pullover_Black_GM0026_01_laydown.jpg

151.101.130.24

200 OK

5.3 kB

URL GET HTTP/2
assets.adidas.com/images/h_840,f_auto,q_auto,fl_lossy,c_fill,g_auto/684141223f17416f9541ac1c00062bc2_9366/3-Stripes_Quarter-Zip_Pullover_Black_GM0026_01_laydown.jpg
IP
151.101.130.24:443
ASN
#54113 FASTLY

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerGlobalSign nv-sa
Subjects1-san.cloudinary.com
Fingerprint37:A4:DE:A2:EE:EB:8C:78:8E:BC:6B:2E:1E:30:8C:3A:A7:0C:FD:E4
ValidityMon, 07 Aug 2023 16:54:08 GMT - Sat, 07 Sep 2024 16:54:07 GMT

File type
ISO Media, AVIF Image
Size
5.3 kB (5316 bytes)
Hash
3b5806fb8e165fc457086a2cd7054306
7e02e5d51cfe24fe832235102dae2f36ead8f294
6003d18b9154fc71e480005156e999542174e23f6f59864ae898b161d3b89904

HTTP Headers

GET /images/h_840,f_auto,q_auto,fl_lossy,c_fill,g_auto/684141223f17416f9541ac1c00062bc2_9366/3-Stripes_Quarter-Zip_Pullover_Black_GM0026_01_laydown.jpg HTTP/1.1
Host: assets.adidas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/avif
etag: "3b5806fb8e165fc457086a2cd7054306"
last-modified: Tue, 20 Jun 2023 06:58:29 GMT
date: Sat, 04 May 2024 18:51:21 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, max-age=86400
server-timing: cld-fastly;dur=211;cpu=1;start=2024-05-04T18:51:21.448Z;desc=miss,rtt;dur=28,content-info;desc="width=840,height=840,owidth=2400,oheight=2400,obytes=2700108",cloudinary;dur=88;start=2024-05-04T18:51:21.511Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 5316
X-Firefox-Spdy: h2

s3.amazonaws.com/sandiego.com.br/catalog/product/cache/1/small_image/600x900/9df78eab33525d08d6e5fb8d27136e95/4/8/48344_1004-0019-05.jpg

52.217.133.0

200 OK

151 kB

URL GET HTTP/1.1
s3.amazonaws.com/sandiego.com.br/catalog/product/cache/1/small_image/600x900/9df78eab33525d08d6e5fb8d27136e95/4/8/48344_1004-0019-05.jpg
IP
52.217.133.0:443
ASN
#16509 AMAZON-02

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x900, components 3
Size
151 kB (150831 bytes)
Hash
087d2a6131c2e514b5fb431c73c74069
0cbe06d9f5392057ef210b163f063b91d25f56ef
daa5a41aacd82c73093e77fce091b789ad9bbc26b5aea5f15d4ec3e5d511423c

HTTP Headers

GET /sandiego.com.br/catalog/product/cache/1/small_image/600x900/9df78eab33525d08d6e5fb8d27136e95/4/8/48344_1004-0019-05.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: JvwGj2b4hlWroWAXOJlr+YNE1BOTusVRPvLe/FRI9Lpmw4UF1BVLRO327luCqRdyCY8nhpjy9/g=
x-amz-request-id: BGF811VW6TMXAMKY
Date: Sat, 04 May 2024 18:51:22 GMT
Last-Modified: Mon, 06 Jun 2022 14:22:57 GMT
ETag: "087d2a6131c2e514b5fb431c73c74069"
Cache-Control: max-age
Expires: Wed, 06 Jul 2022 14:22:56 GMT
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 150831

api.reveri.io/api/image/a19ade20-0e2a-4327-8f94-33ffd49d5032

20.49.104.4

200 OK

46 kB

URL GET HTTP/1.1
api.reveri.io/api/image/a19ade20-0e2a-4327-8f94-33ffd49d5032
IP
20.49.104.4:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerGoDaddy.com, Inc.
Subject*.reveri.io
FingerprintA7:99:CC:6A:33:FE:15:4B:4B:48:8F:2E:2F:F9:E3:91:F8:42:77:49
ValiditySun, 18 Jun 2023 10:59:52 GMT - Fri, 19 Jul 2024 10:59:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 800x789, components 3
Size
46 kB (45816 bytes)
Hash
4d29d458c708f1a1963b91b80e57061f
c7a14e32dfecc3e957052694a5b25b58e41afdda
5f17b6ba19dfbcc381c381c86e06e483fd9176423e73ac85371305ca59b55a92

HTTP Headers

GET /api/image/a19ade20-0e2a-4327-8f94-33ffd49d5032 HTTP/1.1
Host: api.reveri.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 45816
Content-Type: image/jpeg
Date: Sat, 04 May 2024 18:51:21 GMT
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:d9a11eb6-c559-44cf-8d7e-585f307d93d4
X-Powered-By: ASP.NET

downgoodsk.live/api/item/randomByKeyword

104.21.8.106

200 OK

42 kB

URL POST HTTP/3
downgoodsk.live/api/item/randomByKeyword
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JSON text data
Size
42 kB (41791 bytes)
Hash
9316b4e686caf26ce282bce6a708e53e
b3c31700a9d77bfb72a520ce7406617867d2f837
2f4bf012453cb6632aaf93d30b9b0e496c73bf2e41ef8a650cc6ff336d151b2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /api/item/randomByKeyword HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 90
Origin: https://downgoodsk.live
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJ4OHQwcW9ocGNxaHRqY2VKamM4V3c9PSIsInZhbHVlIjoicVFUTWdxR0lTaGVnU2loQ0Jrdk1VSTdqdC9uSkZmT2EzelNudjdUYzN2QWNlcVo2S24xTUY1eWxyR2hjWm9GeHE1cEZkQmdwbHhRUERmbldNd1RCTVp0RC9UeWFoVS9MZ0svWHNLUys0SmU3VDNxVVFMa1lvTUZxRUYvKzg0dEIiLCJtYWMiOiJlZjc4MWQyODEzNmY3MmQzNjQ1YTczOGYzNmU4ZjM4MWE4NzQwNDkyZDhmYThjYWMxMDMxYjQzY2YxMzNmYTBlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkJWb1NZNVFSUnVYMWNPWlppc0tMQ0E9PSIsInZhbHVlIjoiU1dFTk5qK2RPbzBHeDFFcU5zdTRXZ1FPajdlRTNBODBpTnRMajlXM01PTGdtRGV1UkFhaUlzNjgwelJLV2NnQjRwNFVwK0pHVFZYM1FjUWEyazdpVEkvSXdZb1JYaVZFNzRZTnJkWTd0MjNtNlYwWFM3MkVINjNvWnhNTVpOWlMiLCJtYWMiOiI3MDNhOTBlOTI1MDMwOTMyZTRmODM5NGJkMjUzNzJjNzVhNGQ4NzExYTI1Mzg0YWQ1MzhiYjAwMmQwMzNkZmE2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:21 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IndlakQ2WUJBWGVZQXVObGlQYXNpWXc9PSIsInZhbHVlIjoiQzQxY2RJVmdTdCs4ekQ2UFVxZkNocEZ5OXg4Yi9CR3BRN2VCa3JPRG5OeHgyc0tIaFhhdzh2MEg3eGhKRm5CUVNkUGxnYnR5U0dCcEM2eEtjT29QL3I2UmZqQUZycytNZkpQSFRmZFlPNjQxTjRqK3Z5TTgzOFc5UjU0dWxYRUciLCJtYWMiOiI1ZTJhNzJmNDM4YTRjYzEwMTkxNzA4Y2Y2MWY2N2I1NTFmNjBmMTJmZTU3OWYwYmMyZDIxMzkzMTUxNmMwYzA3IiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:21 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7r2dAYIIsXiu75sjEGqkmKIgcnTYqhKfSlB3Clf%2Fq2zLQbn83EtcAGmgWox9Z1VACHNr6B7MzF%2FuCYPBk7SHqwB6M0AzE6j23IeS%2B7a%2BOicR7sJZsoiOzGuVaq%2Bk%2BzFt59A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae74c89c1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s3.amazonaws.com/images.gearjunkie.com/uploads/2020/09/1497_deercamp.jpg

52.217.133.0

200 OK

10 MB

URL GET HTTP/1.1
s3.amazonaws.com/images.gearjunkie.com/uploads/2020/09/1497_deercamp.jpg
IP
52.217.133.0:443
ASN
#16509 AMAZON-02

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 5760x3840, components 3
Size
10 MB (10192540 bytes)
Hash
165bdbb7377fdde01c12256052cbc236
13b3dbe21aa606574b0b74aa388711e28383a855
7065c27fc90d00dfb68530d7ee2cca6cf154d4c289c268b983785301d3bedc7d

HTTP Headers

GET /images.gearjunkie.com/uploads/2020/09/1497_deercamp.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: OyglsyNA/AjVShXc6qr6JKcHN/UTTj8I90LMHH+a+5ZCc0sI9QrBxyaK/k4QGEK7fBEceqqNPFE=
x-amz-request-id: BGF7XYH1EDTQY8FK
Date: Sat, 04 May 2024 18:51:22 GMT
Last-Modified: Thu, 17 Sep 2020 20:16:43 GMT
ETag: "165bdbb7377fdde01c12256052cbc236"
Cache-Control: max-age=31536000
Expires: Fri, 17 Sep 2021 20:16:42 GMT
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 10192540

downgoodsk.live/favicon.ico

104.21.8.106

200 OK

3.1 kB

URL GET HTTP/3
downgoodsk.live/favicon.ico
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JSON text data
Size
3.1 kB (3055 bytes)
Hash
a44c87b0d55afacf14c8327af92e948e
3ccbcb7c5e0d553ce51030580dec3732eb477f9d
a0587eb4f330926619e867180d0f81a594dde4e75ddd471d2f1414024c9163ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJ4OHQwcW9ocGNxaHRqY2VKamM4V3c9PSIsInZhbHVlIjoicVFUTWdxR0lTaGVnU2loQ0Jrdk1VSTdqdC9uSkZmT2EzelNudjdUYzN2QWNlcVo2S24xTUY1eWxyR2hjWm9GeHE1cEZkQmdwbHhRUERmbldNd1RCTVp0RC9UeWFoVS9MZ0svWHNLUys0SmU3VDNxVVFMa1lvTUZxRUYvKzg0dEIiLCJtYWMiOiJlZjc4MWQyODEzNmY3MmQzNjQ1YTczOGYzNmU4ZjM4MWE4NzQwNDkyZDhmYThjYWMxMDMxYjQzY2YxMzNmYTBlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IisvZXFNUW1EdHYyRmp4UUo2TW9QdUE9PSIsInZhbHVlIjoiZTdDWklYMGtOZVpDZ2ZoMXVMc2kxZTAvdEhiWnRSR1VFSHNUZFJkdkQvbnhlWlEwK3o3aDNpUnRhNm5oYTN4ekNXQ3FJRGl1TnN6NXBnZ0R2djFXaU93OVcyZHpZK3oyUGhtUXNSWVYvTVR3TWplZDBWUlZnaytPTGpXU1hQaUIiLCJtYWMiOiI5OWVlYTBiZjUwYTg5NDliMDcxMTUzMTYzY2VlYmY5OGJmNTNiNzhmODNkNTc1N2MwZWE2MjVhZGUxOWVlNWQxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:18 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DP4w4fpTZfJpxx67SlR7EROnEBe3MnjpyP5E2oDBcVhkoNtrB14%2FGT1syfPCDId1tZhmJQoEZEEEX5WjVrEy%2BWRs9GlB4LdoYhse5hIY5IoJAzkkYL5nmgSHfMOewowFrDE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae6d2f121c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/api/item/getImageUrl?url=https%253A%252F%252Fi.ebayimg.com%252Fimages%252Fg%252FiCQAAOSwJa5kDYIB%252Fs-l1200.webp

104.21.8.106

200 OK

195 kB

URL GET HTTP/3
downgoodsk.live/api/item/getImageUrl?url=https%253A%252F%252Fi.ebayimg.com%252Fimages%252Fg%252FiCQAAOSwJa5kDYIB%252Fs-l1200.webp
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JSON text data
Size
195 kB (194798 bytes)
Hash
755a9c7b24467f369b2e4c7de7a65d29
58203bf4761292e2ae1ec4ffc4f3691e23f0d231
1fa0c30fa4dc3f7006388f5293eb0a5cfea55e810a09a9261576f5e0a8ad8a79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/getImageUrl?url=https%253A%252F%252Fi.ebayimg.com%252Fimages%252Fg%252FiCQAAOSwJa5kDYIB%252Fs-l1200.webp HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJ4OHQwcW9ocGNxaHRqY2VKamM4V3c9PSIsInZhbHVlIjoicVFUTWdxR0lTaGVnU2loQ0Jrdk1VSTdqdC9uSkZmT2EzelNudjdUYzN2QWNlcVo2S24xTUY1eWxyR2hjWm9GeHE1cEZkQmdwbHhRUERmbldNd1RCTVp0RC9UeWFoVS9MZ0svWHNLUys0SmU3VDNxVVFMa1lvTUZxRUYvKzg0dEIiLCJtYWMiOiJlZjc4MWQyODEzNmY3MmQzNjQ1YTczOGYzNmU4ZjM4MWE4NzQwNDkyZDhmYThjYWMxMDMxYjQzY2YxMzNmYTBlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndlakQ2WUJBWGVZQXVObGlQYXNpWXc9PSIsInZhbHVlIjoiQzQxY2RJVmdTdCs4ekQ2UFVxZkNocEZ5OXg4Yi9CR3BRN2VCa3JPRG5OeHgyc0tIaFhhdzh2MEg3eGhKRm5CUVNkUGxnYnR5U0dCcEM2eEtjT29QL3I2UmZqQUZycytNZkpQSFRmZFlPNjQxTjRqK3Z5TTgzOFc5UjU0dWxYRUciLCJtYWMiOiI1ZTJhNzJmNDM4YTRjYzEwMTkxNzA4Y2Y2MWY2N2I1NTFmNjBmMTJmZTU3OWYwYmMyZDIxMzkzMTUxNmMwYzA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:22 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IkdRN3JSM1B3dkUyWXJDbFh2RGpRVWc9PSIsInZhbHVlIjoiQnlMeEJsbGRwTXNvc2JYaytaU0IyeHFuNys2c3VIUmFjNk1lMlZOdCs1NjEyd05maFB6STdhbXRWYXZKcUxZaXpjYVZEWGsxeGZYTGgxN0M4VW55Q2NQVkJza1pRbDlpcW9YcXRrM1R4STh4KzVITGhyVXcvc1F5dHQ4N3hCT0wiLCJtYWMiOiIyMzM2OTM3ZjY1YjcxNGEzMDdiOWFhYzhmNzEzNDZmODk4ZWZhYTU0NjNhMzZjM2FkNDMzZDRkYWJjMTUyMzVmIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:22 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNx2b%2FxpgbrI1neroZIvJCZ3SvJIfdW3c%2B8J%2FkEC3%2BiOXyKFm5izGKtmbTLJ%2BsCGG9TcAE1LxMwkCWwepaAsxQd%2FTdF15rpwBCKX45hWJJj%2BzKHUgphsGFTjeKoNj%2Bk3pK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae81bad81c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/api/cart/index

104.21.8.106

200 OK

5.4 kB

URL GET HTTP/3
downgoodsk.live/api/cart/index
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JSON text data
Size
5.4 kB (5449 bytes)
Hash
5e0f617f8c9758900c9eb72462e10207
269f6f9af785b3f29997b3241d8653a1340b01a4
af9632a94de6f3759c550ed97d55ca1b54ee125dd13863105e8aeb528f2dd1d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/cart/index HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
Authorization: 
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:17 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Im9KNDlkcXFCK0FNUTNGTlpSWmtIWkE9PSIsInZhbHVlIjoiTVFpQnlacGFvdC9uU3ZESUNremk1WmcxOVdGWXd2OXZHRmtjZmpJdTNmTmJUbC9xdytkNTVacUJBV0FvV3d4dEJwUGt5UVVyVzBQY1h2STdpbElONm5EN1BLZ2w4SXBSVkRMYytwRG5HeVp6b051YWhpOFZST2Z1cTRKYzJBQWgiLCJtYWMiOiIxMjYyNzE2MTZkNDcyMWI5N2RjYzRkNTVkZDk2MjVjNmI1NDM5MjA4MjNhNjE5MDFiODY2MGVhMGEwNzk5MTA2IiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:17 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qBFwAtnIfJgFS86eyHEoypy37XDPoLP4rDSc1uSg6lc2SZ0YkCHOJzyHIuhaGBCsYKKUccdAu93CWG%2BliC5taKi2qoGclzbH4qnfuNEZ2jWVt6v1HByGkSULXcOAx9Td0ds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae673fe01c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/api/item/secondCate

104.21.8.106

200 OK

76 kB

URL GET HTTP/3
downgoodsk.live/api/item/secondCate
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JSON text data
Size
76 kB (75632 bytes)
Hash
30435c13010b9a33a595e4563a42c5d6
47144e78f49499468c846ab00787a50c9cf65e7e
4ab398f36df6043a1fa0837b628f695f92b0b6f0544ae585572907ae3f7ef5e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/secondCate HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:17 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6InRLYU1UQ3AwV21ndVVMUE9KWGVjS3c9PSIsInZhbHVlIjoiZFNjdklyY3FmaHQ5T1FHb1ZvWFg0RjE4UUlxTGdneHpRd0N5YkZrMlkyQXMzQ1VYdGJiUFA3ZlVRRzZTTDJFeUFJM1VRZ2xkRFNYc1JrZE9wZDNwTkZuTk9WaHN2d1p4UHBHbWJaQ3JqcTNjRUlKZm0rRWJrZEtoaWh4dWFkNzEiLCJtYWMiOiJlYTc0YjVlMzA3NmQ1NTI3MmE3NGEzOGMzNDc0NDdkOTk5N2FjODcxOTQxNjc1MjcwOTQwMzc3YzhhNzE1YTUzIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:17 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5OzzXq63ah20bQE9ziFXT0sagrGtK%2FMWsKzwV3lUNQ%2FTKR7WrOn4BXf4LsPJ%2FgxNUSE551Jh60liODY2Bfysktj8MzsCSny17L2yHWfytdi9uJjBy33EPOnXgLTYsL9%2Fb1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae672fda1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ae01.alicdn.com/kf/S01c0b74979e149ac9b0ca322a982d1aaF/Airsoft-Paintball-Work-Clothing-Military-Shooting-Uniform-Tactical-Combat-Camouflage-Shirts-Cargo-Knee-Pads-Pants-Army.png

47.246.44.251

200 OK

40 kB

URL GET HTTP/2
ae01.alicdn.com/kf/S01c0b74979e149ac9b0ca322a982d1aaF/Airsoft-Paintball-Work-Clothing-Military-Shooting-Uniform-Tactical-Combat-Camouflage-Shirts-Cargo-Knee-Pads-Pants-Army.png
IP
47.246.44.251:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
ValidityTue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp
Size
40 kB (40460 bytes)
Hash
c3133739203afbff2b3efd365e0832db
81d11049e27ea3e47e377fbb55237b18e7ef3d3a
964c10378db9fdde784f858f1a6d6907f9d64e643366eb98a2998ded913c3d18

HTTP Headers

GET /kf/S01c0b74979e149ac9b0ca322a982d1aaF/Airsoft-Paintball-Work-Clothing-Military-Shooting-Uniform-Tactical-Combat-Camouflage-Shirts-Cargo-Knee-Pads-Pants-Army.png HTTP/1.1
Host: ae01.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/webp
content-length: 40460
date: Sat, 04 May 2024 18:51:22 GMT
traceid: 2ff62c9d17148486822815872e
last-modified: Thu, 17 Nov 2022 18:29:03 GMT
cache-control: max-age=86400000
access-control-allow-origin: *
eagleeye-traceid: 2ff62c9d17148486822815872e
strict-transport-security: max-age=0
timing-allow-origin: *, *
ali-swift-global-savetime: 1714848682
via: cache2.l2de2[410,410,200-0,M], cache9.l2de2[411,0], ens-cache18.se2[433,432,200-0,M], ens-cache9.se2[434,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sat, 04 May 2024 18:51:22 GMT
x-swift-cachetime: 31104000
cdn-type: alibaba
eagleid: 2ff62c9d17148486822815872e
X-Firefox-Spdy: h2

downgoodsk.live/static/your/css/lightbox.css

104.21.8.106

200 OK

3.5 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/lightbox.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (3638), with no line terminators
Size
3.5 kB (3470 bytes)
Hash
313f1bf7c27b92bf95c8c5a09456017b
8cbc95754b0ca2df9ca15484a994a1a9989db819
b0ac5f3e113197f2a22d84177033a0e586247ada4ec1d0427137fb2a15b144af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/lightbox.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"d8e-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wsC0Avs9fOZooF5R6zs%2F93UKbt9r5u3pPV6JtXgLipT7Vsvyof1f%2BSOZkaB7Xw%2BztEwKNzMKxtzZDW%2BLlURudxLNyurCuzFOQDHmng3l7JR0aIyhC1wBJnU9x%2BG2x45gtk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae637b051c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/default/js/delighters.js

104.21.8.106

200 OK

2.6 kB

URL GET HTTP/3
downgoodsk.live/static/default/js/delighters.js
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
Unicode text, UTF-8 text, with very long lines (2931), with no line terminators
Size
2.6 kB (2635 bytes)
Hash
cea7916cd59794680bc1752664077410
d4422dde39ad8be545e06aa2885d86c1cf64eae4
4bca5b5d62a05152ccea31e00d2357202f87d7dded717de41ef17d5fec719ff9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/delighters.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"a4b-6055d10ea50cf-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0K3bFEwsQMuAh%2FcLtdfL0Vi%2FVG1xdvhSzwFHkabSoNOtjA8faxbyD8OupJf8m1zAjDkx0WFwqrdesrPjppP5xob3GDRb9Xy8li%2BepxRgC%2F9eDWw39MUWZ43LQAE8ClDMptI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae63bb5d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/stylesheet.css

104.21.8.106

200 OK

92 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/stylesheet.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (529)
Size
92 kB (91491 bytes)
Hash
9a06a247e039b7a8e36cc1059d7c5c39
4a42d4ebcf871ec3ac45c47eb1110462616f2390
8cab6c22f51f0c08736e6ef55849ad723519a715a79568b749f9123a074878b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/stylesheet.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"16563-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uKR6pgr2Ih4dzHtoTdl1%2BwRM75R1mFUynzCHyP7Y4h2pmAc%2FEADFZ4Ko3mHeO9ySdfg0sAot5LB9e1CaaxAO2SYPOPSZc3jJisURBRKRn3adENS0s8g4%2BDl96XEhBeCL1EE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b181c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

preview.redd.it/cr27nao7uxn21.jpg?auto=webp&s=8980b54a586f718d73138a51fc8d13067c287107

151.101.129.140

200 OK

381 kB

URL GET HTTP/2
preview.redd.it/cr27nao7uxn21.jpg?auto=webp&s=8980b54a586f718d73138a51fc8d13067c287107
IP
151.101.129.140:443
ASN
#54113 FASTLY

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerDigiCert Inc
Subject*.redd.it
Fingerprint33:78:3E:06:F8:D9:1E:16:2B:2C:23:83:A1:19:F9:33:C7:B8:88:33
ValidityTue, 16 Jan 2024 00:00:00 GMT - Sat, 13 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1536x2414, Scaling: [none]x[none], YUV color, decoders should clamp
Size
381 kB (381292 bytes)
Hash
3b4988389f04e082c8049f5721d9370a
94a6820bfb93c6526555daa05cbd903e7a54265f
900790f32092087f9c351fcc44336e0f2f60d035ef9d9486581be3db6e3897ec

HTTP Headers

GET /cr27nao7uxn21.jpg?auto=webp&s=8980b54a586f718d73138a51fc8d13067c287107 HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
content-type: image/webp
reddit-io-info: ifsz=442225 idim=1536x2414 ifmt=jpg ofsz=381292 odim=1536x2414 ofmt=webp
reddit-stats: io=1
x-envoy-upstream-service-time: 1059
x-imo-features: auto=webp
x-reddit-backend: 19c9ef79748590ad9aa38d61e4619c670768a73193aec6424a9f9b913b91
x-reddit-pod-ip: 10.99.19.70:8080
x-canonical-filename-image-generation: 1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Sat, 04 May 2024 18:51:19 GMT
vary: Accept,X-Imo-Features,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 381292
X-Firefox-Spdy: h2

downgoodsk.live/static/your/css/css.css

104.21.8.106

200 OK

61 B

URL GET HTTP/3
downgoodsk.live/static/your/css/css.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
2d963171282c4de9d6969472b23e47e3
1ea3d4ba9fe4b01b4edf5b7dcd20ac246d2187d8
87ed5a5a37969aa977d6f4fc16ae7a094bc1abc454307e011b65036646b4d3ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/css.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4A9kP8qestZ3ZXz13whRcqctdCzsB2tjEJIfDNh7%2FvGgvqIYhPjzrRxgnNd9JHJEJywfNto5djvOJVII3uxdchAWQCwSg95De49qADhT5alGKYWxkicHglq%2Bn0hV8LnJI2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae637af71c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/store/css/checkout.css

104.21.8.106

200 OK

4.8 kB

URL GET HTTP/3
downgoodsk.live/static/store/css/checkout.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (5046), with no line terminators
Size
4.8 kB (4824 bytes)
Hash
78004bf5e334b836b476f48fcb42d6b2
1b118f3acfd8329b2219397946fbdcdd2eb8a8a1
36ec4ba8f16410525a9046d41eab8c0acb179340bed5d10a795edb52fc899bb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/store/css/checkout.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Tue, 21 Nov 2023 09:40:24 GMT
etag: W/"12d8-60aa6645dbe96-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3pEok%2FeFgNuPP3dWChW%2FQt3G1MCIQuTNasPtFPvcNvyimU%2Bz7Osg11Oidc0CKofimzWMmIVS7B4gwejJVewvgNcyUePejw5UuplDRguAr90X3pTJpxFf1WmwKA3QyRi33Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae639b2b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/font-awesome.min.css

104.21.8.106

200 OK

31 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/font-awesome.min.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (30813)
Size
31 kB (30976 bytes)
Hash
ba098bc004de79c602b8a80093ecfb6d
07e2a0eae9e2a64f753638b5281b878b586f054d
ad6ed6588f8299f92680d0b1e7d3103621f713060409ac419094140e6fdaeb84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/font-awesome.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"7900-6055d10ef234b-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjb80RwPaEZODLqIvQMyUxAOir7l2zvhJxasMNYri6SeYUFB2VOiR%2Bvy%2BYkG6qMKWurvt9K1Wg00tCtEJ%2FL9ASHxGvN3wHONHXGHjHHUbLU0Sahwb39%2F2EOnRRMg5Y2XY5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae637afe1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/owl.theme.default.min.css

104.21.8.106

200 OK

936 B

URL GET HTTP/3
downgoodsk.live/static/your/css/owl.theme.default.min.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (941), with no line terminators
Size
936 B (936 bytes)
Hash
e781dd464fc6867934d0e6d39e490437
e5097e41900eab39cfba063f915261f09c96288f
c7872c41846b478f0977ef824a1ccc08911439c4c29a6055725cb5c8190fc872

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/owl.theme.default.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"3a8-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tup0OkjP6zYBSHW%2BuhrITB%2F2T5K23Xxg8mihroyzL6Di9GeNJmePKDt7FJ4Dm103xinh%2BIjhISyZp4JNkt7z%2FHAqiKD4H2JMfo7jViiIWjzK14XhFqyYanF7hL1U8eNely0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b0b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/default/js/delighters.js

104.21.8.106

200 OK

2.6 kB

URL GET HTTP/3
downgoodsk.live/static/default/js/delighters.js
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
Unicode text, UTF-8 text, with very long lines (2931), with no line terminators
Size
2.6 kB (2635 bytes)
Hash
cea7916cd59794680bc1752664077410
d4422dde39ad8be545e06aa2885d86c1cf64eae4
4bca5b5d62a05152ccea31e00d2357202f87d7dded717de41ef17d5fec719ff9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/delighters.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"a4b-6055d10ea50cf-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdVmzMnlvppQy5lKaLdV3KUdCL436recdYtmfcTSqephymz%2B8MQgeiBEuDYb%2F83SwsX%2BXGxg%2BwqCJdRjRYhfF7JQZXy7hLS2hVo93jicCBF5CN6ESEUA%2FGM4VjWezH7zXhE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae66ff801c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/api/item/info?id=67093225

104.21.8.106

200 OK

7.9 kB

URL GET HTTP/3
downgoodsk.live/api/item/info?id=67093225
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (8954), with no line terminators
Size
7.9 kB (7939 bytes)
Hash
0bf64738922aca11d09190e7f49c3b33
4eada62a4b68c85d58aeabde8cfd83b15509dc9c
3a5cad71b51a558b50bf1087670e1d78073e617262555eec651d29c19651df43

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/info?id=67093225 HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:19 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IkJWb1NZNVFSUnVYMWNPWlppc0tMQ0E9PSIsInZhbHVlIjoiU1dFTk5qK2RPbzBHeDFFcU5zdTRXZ1FPajdlRTNBODBpTnRMajlXM01PTGdtRGV1UkFhaUlzNjgwelJLV2NnQjRwNFVwK0pHVFZYM1FjUWEyazdpVEkvSXdZb1JYaVZFNzRZTnJkWTd0MjNtNlYwWFM3MkVINjNvWnhNTVpOWlMiLCJtYWMiOiI3MDNhOTBlOTI1MDMwOTMyZTRmODM5NGJkMjUzNzJjNzVhNGQ4NzExYTI1Mzg0YWQ1MzhiYjAwMmQwMzNkZmE2IiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:19 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvC6CTcQAyVi7rt4qQ165sDajonPfXZwFKJDRyVvksPmItDVHMoWPPKhV90MHwuST6v3DhEfFhP0K8NaDEtBWgt%2FBFsZFgDdU0nMGka1SyImKp8LwEUwfsD0VjS3XIVgWgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae67c8b91c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/product_details/67093225.html

104.21.8.106

200 OK

76 kB

URL User Request GET HTTP/2
downgoodsk.live/product_details/67093225.html
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type

Size
76 kB (75833 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /product_details/67093225.html HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:16 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:16 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBtaHCAmgsJhUzjNP68gfxdfs1q1gmnTkwSNd%2FRPC1gnc09X%2FUBmQPitwoFvCzdy1Yxp02Rn2ypaLJrLI85MtciJz3MLa1WP9mm2OgQze8QWDr2aub6nQ1n4%2FIUyCJleYKw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae5f7c8956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

downgoodsk.live/api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D3975807799147800

104.21.8.106

200 OK

224 kB

URL GET HTTP/3
downgoodsk.live/api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D3975807799147800
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JSON text data
Size
224 kB (224019 bytes)
Hash
fc50f3ca72f2e84651f50cca45139283
3c5a782c337adbe4b9322d5674ce9ead2d9295bb
102ddaa5d8ccf7a8480678565046ffb02c591d2820f8ecd6e70dc9ffbee978bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D3975807799147800 HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJ4OHQwcW9ocGNxaHRqY2VKamM4V3c9PSIsInZhbHVlIjoicVFUTWdxR0lTaGVnU2loQ0Jrdk1VSTdqdC9uSkZmT2EzelNudjdUYzN2QWNlcVo2S24xTUY1eWxyR2hjWm9GeHE1cEZkQmdwbHhRUERmbldNd1RCTVp0RC9UeWFoVS9MZ0svWHNLUys0SmU3VDNxVVFMa1lvTUZxRUYvKzg0dEIiLCJtYWMiOiJlZjc4MWQyODEzNmY3MmQzNjQ1YTczOGYzNmU4ZjM4MWE4NzQwNDkyZDhmYThjYWMxMDMxYjQzY2YxMzNmYTBlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndlakQ2WUJBWGVZQXVObGlQYXNpWXc9PSIsInZhbHVlIjoiQzQxY2RJVmdTdCs4ekQ2UFVxZkNocEZ5OXg4Yi9CR3BRN2VCa3JPRG5OeHgyc0tIaFhhdzh2MEg3eGhKRm5CUVNkUGxnYnR5U0dCcEM2eEtjT29QL3I2UmZqQUZycytNZkpQSFRmZFlPNjQxTjRqK3Z5TTgzOFc5UjU0dWxYRUciLCJtYWMiOiI1ZTJhNzJmNDM4YTRjYzEwMTkxNzA4Y2Y2MWY2N2I1NTFmNjBmMTJmZTU3OWYwYmMyZDIxMzkzMTUxNmMwYzA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:23 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IklMZmxJYVhpVG5HVTBHU2NZdkZCT1E9PSIsInZhbHVlIjoiemJXK2JPa2xRTjQ0UlA0K2cvQ2d2dzh2Zm9WeTB1dCsvSEsrQXl2T3dEYVd6MlF4MDNkTE1IYTBMbUFaZ0JKMDNrTU0wQitZMHZsdHRFbXJ0VHlaL25QZ1d0dkk2TTNibVQxOVk5alBFbUxpK01walc1a3E3UXNSL1dBa0hFV0ciLCJtYWMiOiI2MDRjMGI3YzQ2Mzg1MmQ5ZjAzNWVjNjc0N2ZhOWVjMDZiZTg3MTYxNTYzN2IzNjRmMTc1YzRiZDUwMTdhYWZjIiwidGFnIjoiIn0%3D; expires=Sat, 04-May-2024 20:51:23 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6VuMdeiXlWf%2F2LxIoSRWclarWVmS5i2RqV02T3eV8cNAo6nxgzkc0%2F%2F79sM3o8Htn9U6Q2jYONZJgFtv8ZrTwUEfa%2Fad2YC6rjBHgy%2B25dix0IU%2FBbna7bMugzZXj3AErU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae81cae01c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/swiper.min.css

104.21.8.106

200 OK

18 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/swiper.min.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (17459)
Size
18 kB (17759 bytes)
Hash
6af34d0737ad0ca608111771cf74cc79
15d0417baa08a741c6aee19fdfbf4813635f98f8
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/swiper.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"455f-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCv%2F10ralO7HOAKw%2FnW41O4akprpDvl%2FyYblXdXt3NdtrcdvaflthcUt88EOHwBK70MmlSL4IVPOJ1tbIG1j9tbhQoRIK5RSmdvGEb21Bor0an0B2fHl0ElbrFtf0iacj34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b1d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/default/js/vue.min.js

104.21.8.106

200 OK

94 kB

URL GET HTTP/3
downgoodsk.live/static/default/js/vue.min.js
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65449)
Size
94 kB (94151 bytes)
Hash
b21b8531847604ab5f2f5caaef51ba31
da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/vue.min.js HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"16fc7-6055d10ea6458-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ONahDgpD8Zzj5wVYPTiihjIe%2FEVw6O3823FAH7KYpKm5CpZvQ%2FQB1zfSqBP7vcjeFuBudPn3%2BPV3ZTFqHdelOUyRvNZmB3jlxQRLer7S3aXeE4W6RIcvd8ZewBDO%2FwYS%2BLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae63ab461c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/bootstrap.min.css

104.21.8.106

200 OK

120 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/bootstrap.min.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (65371)
Size
120 kB (119508 bytes)
Hash
3fc294a6e2e1cdcc652fc702f0ecda80
87fdf5f58d2bc3bd19940403f33a2a7f9869c446
ff95d530a782ce6fa179cd74b1da4a39764e9405666f5aaeed2f34aa9c66ce66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/bootstrap.min.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"1d2d4-6055d10ef234b-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g60YwJv9abDk4bCUBviajBlFY3mNWKTHmUyYMZfmac7spwM2WosjXiLyyDeqbikWVFxdqei07QryFkVFkj6yZXm9tZB5dMUC788tjCwvPr4IROUBTUe3yIu5%2BwgBKaHroqg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae637b001c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/magnific-popup.css

104.21.8.106

200 OK

7.7 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/magnific-popup.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (8049), with no line terminators
Size
7.7 kB (7686 bytes)
Hash
ff38520855bf32e67380f0c900e6e71a
33dbded62e37764281e0d5bcc38e48d77760a20d
7b5d633f10e5f270180f5fd9198be0406dfeed30a183f142f3b657fe3c4c6d1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/magnific-popup.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"1e06-6055d10ef36d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRRE0IbZ7DgELPA7thhGbtJRxRzRgRIXjmF8jWVl5lREC66aDuYmAgFFEzjPx43MBmMNSj4kTcMc1LUSa8T%2Bb5hVqPs%2B9peuN0Pqi7eaOi9JsTM90wHx6VAOhQNd%2FROqB5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b141c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/css/animate.css

104.21.8.106

200 OK

58 kB

URL GET HTTP/3
downgoodsk.live/static/your/css/animate.css
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
ASCII text, with very long lines (460)
Size
58 kB (58273 bytes)
Hash
77a5c1c68584ef4f63535fd1b8f9ea8a
d0700bd7ef9ef7b5c17f7ae46930dabb23e18f81
a8b27255a12c6f055e0df480753920dbfda0f4057f0d701b5d715e03a550a46b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/animate.css HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://downgoodsk.live/product_details/67093225.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:16 GMT
content-type: text/css
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: W/"e3a1-6055d10ef1f63-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRfubtD595p9SWAzf0Lzyi0%2Bo8XvzWXGW9U4JSX5v2XFI62KBorRVtOQF1dDLumWAZtwJg%2FnUFye5k%2FjyIacj39md5y6XqWhib8txRaukIhq1Kc6kGLD8Hycq3jyMq2jIRM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eaae638b191c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downgoodsk.live/static/your/img/footer-bg.jpg

104.21.8.106

200 OK

171 kB

URL GET HTTP/3
downgoodsk.live/static/your/img/footer-bg.jpg
IP
104.21.8.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://downgoodsk.live/product_details/67093225.html
Certificate
IssuerLet's Encrypt
Subjectdowngoodsk.live
Fingerprint5D:43:79:41:BD:68:DF:D3:57:18:1E:70:CB:CC:1F:06:49:BE:F8:34
ValiditySat, 06 Apr 2024 01:33:59 GMT - Fri, 05 Jul 2024 01:33:58 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x425, components 3
Size
171 kB (170800 bytes)
Hash
01aad85abef2e701361ee4ded47754e4
cc6770719c0b7639740145824e048f339340c0c7
73eb0994db66a8e45749f3fd6b0b5d32416d5654eb867f0bf9819a6cd65e8aba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/img/footer-bg.jpg HTTP/1.1
Host: downgoodsk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://downgoodsk.live/static/your/css/stylesheet.css
Cookie: XSRF-TOKEN=eyJpdiI6IjJxQkFkVDNKWTREZmNQZnBYL2duYXc9PSIsInZhbHVlIjoiOHdrdjl4bzVFRU5wSHBnY0dSaE9WTDVkQUZheUdPWDltYnRMazlhTWFoZ1A0L1MyQXZneUJ3c3B6OEMvYzR0ZEdDRXdmdWxuWGVPY2xIS3NVYW1leklhTU9wVFU2K3dTNUdqNTFhOExYTVBlamEwYXdPQ1RnRmxIa1dYbzZUd3AiLCJtYWMiOiJlMWJlYmNmNjc0YTdlMDY4MmYyMGE4NmYzZTQxMDVkM2Q2NmU5ZjIyNjYzMjY3Nzc2NTJkNzM3ZDc3ZmY3N2FiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9wd2hsNG1wQ0dVa0pqbUhqTWdiRmc9PSIsInZhbHVlIjoiYWxhR0xYL3RRZ0hEN2x0MW5rWEdlakpicUE3c1ZjdGg5TzBzaVlRUnhnVVJjVjYxZHNLTjNvMDJxMXNMbFNUdXRDQ0k3b2VtdkI2NmRHbEdZSUFKRE4rYjEyS1pkalJVVEppWnd1N1NlMUdINE5xdjVIMEFkNzBRR2VOZDBXR2UiLCJtYWMiOiI3Y2RhMGNmYzU5YmE1NWQyZTkzYzcwMzZlMTE4NDliMGE0ZmZhMGZjYmNkZjRkNjMyNzAyNzg4M2YwMTJiOWUzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:51:17 GMT
content-type: image/jpeg
content-length: 170800
last-modified: Fri, 15 Sep 2023 03:05:34 GMT
etag: "29b30-6055d10ef5de4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1740
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mrgh8I8iDou770F09I4nrkweFHxjP0QP3jPJlScq32PuIMdeE6k%2FiUY%2FLh19XZOYIaBcT0SsAuW3v9oxD0NpO%2F6AvwlIzwKJ5r5DxjmTpgnPVI9YxmG%2FOeB%2B8v%2FCVGTQCLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eaae68da181c0a-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (49)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash