Report - czzkea.com/checkouts/af5ce59ca3a43268b7ade9bd3f1430f2?isShowCart=1&step=contact

Report Overview

Submitted URL
czzkea.com/checkouts/af5ce59ca3a43268b7ade9bd3f1430f2?isShowCart=1&step=contact_information
IP
47.251.80.194
ASN
#45102 Alibaba US Technology Co., Ltd.
Submitted
2024-05-18 10:41:22
Access
public
Website Title
Pagar - Amazon
Final URL
www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
img.shopymn.com	unknown	2023-07-04	2023-11-13	2024-05-08	1.4 kB	56 kB	103.160.204.8
czzkea.com	unknown	2024-03-14	2024-04-14	2024-04-15	1.3 kB	926 kB	47.251.80.194
fonts.shopymn.com	unknown	2023-07-04	2023-08-02	2024-05-08	1.1 kB	742 kB	103.160.204.248
www.czzkea.com	unknown	unknown	No data	No data	12 kB	785 kB	47.251.80.194
at.alicdn.com	11137	2008-06-25	2013-11-28	2024-05-16	518 B	46 kB	47.246.44.184
static.shopymn.com	unknown	2023-07-04	2023-08-02	2024-05-08	6.9 kB	3.5 MB	103.160.204.8

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed
2024-05-18	medium	czzkea.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information	1.2 kB	2023-05-08	2024-05-31
Pretty URL www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information IP 47.251.80.194 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 16:18:51 Last Seen2024-05-31 00:16:01 Times Seen106 Hash 7e90ec925a6f835b69d76067e6f6616b d5d9c2c79d4ca7977e2cb550ac750910fa5da122 a2e3d8f1f419be3c8db4ae14470148d3ff70fc4a641c667066ee46a222dc04bb Loading...

	www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information	93 kB	2023-05-08	2024-05-31
Pretty URL www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information IP 47.251.80.194 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 16:18:52 Last Seen2024-05-31 00:16:01 Times Seen108 Hash 7a34bac967d41453f8c5365300579bff 381d929643ba853db61763a1a628570d42ad88c2 1e2b86546eefbf5fadc5bd0d91541a0eea41692d91caf231466604e14688d176 Loading...

	www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information	29 kB	2023-05-08	2024-05-31
Pretty URL www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information IP 47.251.80.194 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 16:18:52 Last Seen2024-05-31 00:16:01 Times Seen107 Hash a62336188f106b3464ccd74381900d42 815bd294ba83cce61e6272dd1b1278d7c6ea3ff2 7dccdf73e4500a672418b70945b1d572435cbe43fd94daec43b14711731613fc Loading...

	static.shopymn.com/liquid/buyer/public/js/plug/vendor.min.js?t=20240506183654	100 kB	2024-05-02	2024-05-20
Pretty URL static.shopymn.com/liquid/buyer/public/js/plug/vendor.min.js?t=20240506183654 IP 103.160.204.8 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 05:42:21 Last Seen2024-05-20 14:44:18 Times Seen32 Hash 5ec56d35f912444d1c18f2ef0db7c6b1 79c0bf28a02e219ca4b28595a618f0bec04b3b10 ad3d29776c4da92f7cb645421d1403754da4f3b810608d139b0e974211579c74 Loading...

	static.shopymn.com/liquid/buyer/public/js/lib/countriesLocales.js?t=20240506183654	1.3 MB	2024-02-01	2024-05-20
Pretty URL static.shopymn.com/liquid/buyer/public/js/lib/countriesLocales.js?t=20240506183654 IP 103.160.204.8 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-01 22:46:41 Last Seen2024-05-20 14:44:18 Times Seen36 Hash f548e9f5e159f70021b9ac8597c0e363 4befd7715bf12c3d7a27bb69fa63f7047c834bd1 f5c577e8f1c9b9afd180fc6b66c9606baf63955b3dafc5784f5e7518ad69ad30 Loading...

	static.shopymn.com/liquid/buyer/public/js/plug/libphonenumber-js.min.js?t=20240506183654	143 kB	2023-08-03	2024-05-20
Pretty URL static.shopymn.com/liquid/buyer/public/js/plug/libphonenumber-js.min.js?t=20240506183654 IP 103.160.204.8 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-03 18:09:29 Last Seen2024-05-20 14:44:18 Times Seen39 Hash c7ea95919b74675307be44e29ec68e75 fd313cef5f324ec17cffd4bb5c1cab5ca95e0f0c 658e0c356123fcb9e829eb0ae302316f61d34db0a9d55beb618a609bdf4c88aa Loading...

	www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information	10 kB	2023-05-08	2024-05-31
Pretty URL www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information IP 47.251.80.194 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 16:18:52 Last Seen2024-05-31 00:16:01 Times Seen107 Hash 5b8df02f422d05562169468e18cab3c6 f784ee38c626996121c187828478e83703b2bef5 5071f48119d5e8b9b883ade4f54add571678dd8f2ca7156a43471a32ef612850 Loading...

	static.shopymn.com/liquid/buyer/public/js/lib/event.js?t=20240506183654	5.9 kB	2023-03-09	2024-05-31
Pretty URL static.shopymn.com/liquid/buyer/public/js/lib/event.js?t=20240506183654 IP 103.160.204.8 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:09:17 Last Seen2024-05-31 00:16:01 Times Seen136 Hash a0fad9ba8040bb1a064b8d7b0835ce25 ac0145a183e52050c437de07d578a88b0186bb1b 8621aebc858f5777ae5a04bb469b60d26eaa097300b522b2d8c83f23ffd6bd36 Loading...

	www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information	40 B	2023-03-09	2024-05-31
Pretty URL www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information IP 47.251.80.194 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 01:27:16 Last Seen2024-05-31 00:16:01 Times Seen94 Hash 92c473e6747aea4277402b2e67b1a49c dd88d4a0cf4fa4305a5765eb777e0c639bea63de 4afe29449a3b43b993cf63e97d4646082a54ed4cefb950fd0bf631d7ec8ddeb1 Loading...

	www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information	62 B	2023-05-08	2024-05-31
Pretty URL www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information IP 47.251.80.194 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 16:18:52 Last Seen2024-05-31 00:16:01 Times Seen101 Hash 96f0c9d0a161026ac3e6f72921fa0640 3471f453af6e6f30d3317522c0cdefeb37313917 a4cc493ec016ad85a4450781578020eade3c338803ac2e550fec2ba8c6248a20 Loading...

	www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information	2.8 kB	2024-05-02	2024-05-20
Pretty URL www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information IP 47.251.80.194 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 09:52:47 Last Seen2024-05-20 14:44:18 Times Seen31 Hash a61f67067dba2cc45babbfc1a3103808 ad3da96eab3cba64e3ebcef4b19cd30d209336e2 3544475135b178b5ec05fc6591fb9a7d7b4bb7a3719779aa9e18e1b20c2eeddb Loading...

	static.shopymn.com/liquid/buyer/public/js/plug/Swiper.js	125 kB	2023-03-07	2024-05-31
Pretty URL static.shopymn.com/liquid/buyer/public/js/plug/Swiper.js IP 103.160.204.8 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:00:54 Last Seen2024-05-31 00:16:02 Times Seen294 Hash d4ff815d60c83028c87324f6fce8e634 c8032fe56b5c847d2fa83d448810728e7f628900 bd701c6685c39c2d8fa3fa663823006dc49086ea7a058ba316214ea9736c05dd Loading...

	static.shopymn.com/liquid/buyer/public/js/lib/index.js?t=20240506183654	948 kB	2024-05-11	2024-05-20
Pretty URL static.shopymn.com/liquid/buyer/public/js/lib/index.js?t=20240506183654 IP 103.160.204.8 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-11 08:39:13 Last Seen2024-05-20 14:44:18 Times Seen14 Hash 2cb10d32477cddb82fd0ac2b0aaccdc6 d6cf528e066da841daaae563cf546d4d71cf279d 7054bd564d209c8c5dc66e93344dc812e7e40089f5e486ecb08a550ac3e3cc81 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 40800b67a49326f20c7b5b805a0bd142	18 B	2023-03-08	2024-05-23
Pretty Observations First Seen2023-03-08 13:39:31 Last Seen2024-05-23 22:50:58 Times Seen85 Hash 40800b67a49326f20c7b5b805a0bd142 b469ef0764f7e4682fcfe739b6d45473a065e6d0 54eb0f94fb99af0b39e04ec84eb198501bf049eb60b2686e5fc96e5ee1720825 Loading...

HTTP Transactions (35)

URL IP Response Size

static.shopymn.com/liquid/buyer/public/img/methods-load.png

103.160.204.8

200 OK

3.3 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/img/methods-load.png
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
PNG image data, 74 x 74, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3318 bytes)
Hash
b8958a96b9962bfcdef04b8eae05f306
0495cfbafbae5a1887a4f361c8a00a12489535a7
90d45f9bee456487cd3a84f6dc4348e02d38a02b6b81cf3459a017bdaf54de58

HTTP Headers

GET /liquid/buyer/public/img/methods-load.png HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: image/png
content-length: 3318
last-modified: Mon, 06 May 2024 06:55:52 GMT
etag: "66387ef8-cf6"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
cf-cache-status: HIT
age: 43355
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 885b3b5f4f831c0a-OSL
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/img/cnpj.png

103.160.204.8

200 OK

34 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/img/cnpj.png
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
PNG image data, 340 x 212, 8-bit colormap, non-interlaced
Size
34 kB (33501 bytes)
Hash
f0f847080e0d94c7c86f6b4ae29edb3a
d26daf937d4eedeb99140c613a07185eb0cd6a66
6ed699cd22bce381364525e877dc4e37a5a0c8bf128e0a3b6208c8a0563fc25e

HTTP Headers

GET /liquid/buyer/public/img/cnpj.png HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: image/png
content-length: 33501
last-modified: Mon, 06 May 2024 06:55:52 GMT
etag: "66387ef8-82dd"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
cf-cache-status: HIT
age: 218538
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 885b3b5f4f7c1c0a-OSL
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/img/cpf.png

103.160.204.8

200 OK

48 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/img/cpf.png
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
PNG image data, 340 x 212, 8-bit colormap, non-interlaced
Size
48 kB (48547 bytes)
Hash
07652b64d8878934aea6872dcf70817b
9c2d6d2ed351c87fbc5b55be90863ba5f3cad3e7
d07723eceb05f493889dcff6789ea8caca8f6bd1e6d58eeed7c7443e4fee8303

HTTP Headers

GET /liquid/buyer/public/img/cpf.png HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: image/png
content-length: 48547
last-modified: Mon, 06 May 2024 06:55:52 GMT
etag: "66387ef8-bda3"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
cf-cache-status: HIT
age: 248904
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 885b3b5f4f7d1c0a-OSL
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/img/shippingMethods.png

103.160.204.8

200 OK

3.4 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/img/shippingMethods.png
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
PNG image data, 109 x 65, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3403 bytes)
Hash
f849600db5f92b8bafd376c94adfe2d7
f20467971f8f8ef25e956047efbb614d0f948b1f
232509482052c22cb79b9cd2350ec3bb323258bb62c9b765a94c74138bf9e124

HTTP Headers

GET /liquid/buyer/public/img/shippingMethods.png HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: image/png
content-length: 3403
last-modified: Mon, 06 May 2024 06:55:52 GMT
etag: "66387ef8-d4b"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
cf-cache-status: HIT
age: 331421
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 885b3b5f4f801c0a-OSL
X-Firefox-Spdy: h2

img.shopymn.com/uploader/f4cc279519e30d9416381a327424bc6d.jpg

103.160.204.8

200 OK

5.7 kB

URL GET HTTP/2
img.shopymn.com/uploader/f4cc279519e30d9416381a327424bc6d.jpg
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
PNG image data, 216 x 64, 8-bit/color RGBA, non-interlaced
Size
5.7 kB (5678 bytes)
Hash
91723ce4aa6d76d6bcf3c02abaf121ef
2af15229c08d14466511b8109f43aeedec16576c
bce33812bf1547e66d16211fab42fc100affc89316c349a84aac39802c292853

HTTP Headers

GET /uploader/f4cc279519e30d9416381a327424bc6d.jpg HTTP/1.1
Host: img.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: image/jpeg
content-length: 5678
cf-bgj: h2pri
content-md5: kXI85Kptdta888AquvEh7w==
etag: "91723CE4AA6D76D6BCF3C02ABAF121EF"
last-modified: Mon, 19 Feb 2024 05:45:56 GMT
x-oss-hash-crc64ecma: 641587910895986355
x-oss-object-type: Normal
x-oss-request-id: 662F15369979C7343349FFA9
x-oss-server-time: 63
x-oss-storage-class: Standard
cf-cache-status: HIT
age: 30179
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 885b3b5f5f951c0a-OSL
X-Firefox-Spdy: h2

czzkea.com/checkouts/af5ce59ca3a43268b7ade9bd3f1430f2?isShowCart=1&step=contact_information

47.251.80.194

302 Found

204 kB

URL User Request GET HTTP/2
czzkea.com/checkouts/af5ce59ca3a43268b7ade9bd3f1430f2?isShowCart=1&step=contact_information
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
gzip compressed data, from Unix
Size
204 kB (204142 bytes)
Hash
edb64599c9cc425247945784e1ed666b
d35afbcdc531a8bd0be1afc4a11a8b1d79f205b1
53ba3f49864e907df9c23c738816beefa6b922efadf9bf0752fd87a3aa7a3db4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checkouts/af5ce59ca3a43268b7ade9bd3f1430f2?isShowCart=1&step=contact_information HTTP/1.1
Host: czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty
date: Sat, 18 May 2024 10:40:54 GMT
content-type: text/html; charset=UTF-8
location: https://czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:54 GMT; Max-Age=86400; path=/; domain=czzkea.com; HttpOnly
utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; expires=Mon, 17-Jun-2024 10:40:54 GMT; Max-Age=2592000; path=/; domain=czzkea.com; HttpOnly
X-Firefox-Spdy: h2

fonts.shopymn.com/liquid/buyer/public/css/font/Roboto-Regular.ttf

103.160.204.248

200 OK

172 kB

URL GET HTTP/2
fonts.shopymn.com/liquid/buyer/public/css/font/Roboto-Regular.ttf
IP
103.160.204.248:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob
Size
172 kB (171676 bytes)
Hash
3e1af3ef546b9e6ecef9f3ba197bf7d2
dd1b1db13ff1f72138c134c62f38fef83749f36a
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

HTTP Headers

GET /liquid/buyer/public/css/font/Roboto-Regular.ttf HTTP/1.1
Host: fonts.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: application/octet-stream
content-length: 171676
last-modified: Mon, 06 May 2024 06:55:52 GMT
etag: "66387ef8-29e9c"
access-control-allow-origin: https://www.czzkea.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
cf-cache-status: HIT
age: 230770
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 885b3b62f8bd0b51-OSL
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/img/payment/maestro.svg

103.160.204.8

200 OK

175 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/img/payment/maestro.svg
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
gzip compressed data, from Unix
Size
175 kB (175187 bytes)
Hash
0e0d0e9c32a5875722cb008dbafcc53d
f03ae51e9d3331d809269b3380d3cf85dca9506c
403dccf32916110b6676eac57f8ae5a832d1135f9e33ac1b6b0018974081e60d

HTTP Headers

GET /liquid/buyer/public/img/payment/maestro.svg HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: image/svg+xml
last-modified: Mon, 06 May 2024 06:55:52 GMT
vary: Accept-Encoding
etag: W/"66387ef8-20a8"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 304711
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f4f8a1c0a-OSL
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/img/payment/visa1.svg

103.160.204.8

200 OK

571 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/img/payment/visa1.svg
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
gzip compressed data, from Unix
Size
571 kB (570795 bytes)
Hash
c34a2fee6eec2ddbdacd231800e01fb2
a0f3beda01aed48bc4c1c60b1c6a48c00ee0e31d
ca68f6d1b553de1405f4400d7a888f2629b04d3393776d283752aebbff078979

HTTP Headers

GET /liquid/buyer/public/img/payment/visa1.svg HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: image/svg+xml
last-modified: Mon, 06 May 2024 06:55:52 GMT
vary: Accept-Encoding
etag: W/"66387ef8-e1e"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 304711
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f4f861c0a-OSL
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/js/plug/vendor.min.js?t=20240506183654

103.160.204.8

200 OK

70 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/js/plug/vendor.min.js?t=20240506183654
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
gzip compressed data, from Unix
Size
70 kB (69965 bytes)
Hash
dd019e21970002edf80cab3e41dfa903
e0c209b5e099d7571ac12e5320c30454845f3f63
29193dbe6fcd382419c4c4515bdacdd11f9ec24f0a5a3b0369e10a4980ee5e4d

HTTP Headers

GET /liquid/buyer/public/js/plug/vendor.min.js?t=20240506183654 HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 06:55:42 GMT
vary: Accept-Encoding
etag: W/"66387eee-1886f"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 428914
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f5f971c0a-OSL
X-Firefox-Spdy: h2

www.czzkea.com/buyer/checkout

47.251.80.194

200 OK

50 kB

URL POST HTTP/2
www.czzkea.com/buyer/checkout
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
gzip compressed data, from Unix
Size
50 kB (49526 bytes)
Hash
fa0a10e1cdd9a2e8108290597af05a9a
9b2942d21d8bfbfb0911bc0bc5a700ec0b3c9532
a61db8d5154d379b67cac58c8193c92e81ac32535aee5fc09e50a82820fa49fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /buyer/checkout HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 289
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:57 GMT; Max-Age=86400; path=/; domain=www.czzkea.com; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

www.czzkea.com/buyer/order/order-cache-billing-info

47.251.80.194

200 OK

1.0 kB

URL POST HTTP/2
www.czzkea.com/buyer/order/order-cache-billing-info
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
gzip compressed data, from Unix
Size
1.0 kB (1044 bytes)
Hash
0ed9f4af104033fc43b9beea8538d701
c3b340dcfabf3517273c351ee2096cdcbe2a916e
1e74fba46f4959d87d0331f9f899525b4ac0659ef32b2569ff5b5c9a64b578eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /buyer/order/order-cache-billing-info HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 2
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:57 GMT; Max-Age=86400; path=/; domain=www.czzkea.com; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

www.czzkea.com/payment/asiabill-local/get-pay-way

47.251.80.194

200 OK

9.6 kB

URL POST HTTP/2
www.czzkea.com/payment/asiabill-local/get-pay-way
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
gzip compressed data, from Unix
Size
9.6 kB (9617 bytes)
Hash
98d1b901d154b4cb60ece5ca52c5bfa1
50741dbd70d7711b45605e8041563efee722d394
fdfec31180321854a3383fb1091aab0a63e9e9f85346dd23918f69d581d3475c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /payment/asiabill-local/get-pay-way HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 17
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:57 GMT; Max-Age=86400; path=/; domain=www.czzkea.com; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/js/lib/index.js?t=20240506183654

103.160.204.8

200 OK

948 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/js/lib/index.js?t=20240506183654
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type

Size
948 kB (948430 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /liquid/buyer/public/js/lib/index.js?t=20240506183654 HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 06:55:47 GMT
vary: Accept-Encoding
etag: W/"66387ef3-e78ce"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 428914
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f8fbe1c0a-OSL
X-Firefox-Spdy: h2

www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information

47.251.80.194

200 OK

721 kB

URL User Request GET HTTP/2
www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type

Size
721 kB (720927 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:55 GMT; Max-Age=86400; path=/; domain=www.czzkea.com; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

at.alicdn.com/t/c/font_871426_xa0zaxz404.woff2?t=1699608289611

47.246.44.184

200 OK

45 kB

URL GET HTTP/2
at.alicdn.com/t/c/font_871426_xa0zaxz404.woff2?t=1699608289611
IP
47.246.44.184:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
ValidityTue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44732, version 1.0
Size
45 kB (44732 bytes)
Hash
07ecc14b8254f9b0c6aab1e7826fadd3
c2239d0178f18ef65a2813755f691ef527f11113
12ef551e68f7b89f5eb4f8358c763eaf31155cb051f6829a43135f408857dae6

HTTP Headers

GET /t/c/font_871426_xa0zaxz404.woff2?t=1699608289611 HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: font/woff2
content-length: 44732
date: Tue, 02 Apr 2024 08:36:39 GMT
x-oss-request-id: 660BC397E3367F3634438AFE
vary: Origin
accept-ranges: bytes
etag: "07ECC14B8254F9B0C6AAB1E7826FADD3"
last-modified: Fri, 10 Nov 2023 09:24:49 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2761910849886444616
x-oss-storage-class: Standard
cache-control: max-age=63072000
content-md5: B+zBS4JU+bDGqrHngm+t0w==
x-oss-server-time: 3
ali-swift-global-savetime: 1712046999
via: cache20.l2de2[0,10,200-0,H], cache17.l2de2[12,0], ens-cache19.se2[0,7,200-0,H], ens-cache1.se2[9,0]
age: 3981857
x-cache: HIT TCP_HIT dirn:1:90891639
x-swift-savetime: Sat, 11 May 2024 06:16:11 GMT
x-swift-cachetime: 27742828
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9517160288569735875e
X-Firefox-Spdy: h2

img.shopymn.com/uploader/5ae4ebfd939b9cdcba4aa1b8b39bdfb02f755b77.jpg

103.160.204.8

200 OK

48 kB

URL GET HTTP/2
img.shopymn.com/uploader/5ae4ebfd939b9cdcba4aa1b8b39bdfb02f755b77.jpg
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
JPEG image data, progressive, precision 8, 700x700, components 3
Size
48 kB (47650 bytes)
Hash
8097362e5db1d9c8a7c5650c80401208
331134aeb311ac2d496bef2f0bc4224bc1a09971
89624e475ea11913ae2dc07cc7878039e6b6431a589fe8d6c86abd2d9010e419

HTTP Headers

GET /uploader/5ae4ebfd939b9cdcba4aa1b8b39bdfb02f755b77.jpg HTTP/1.1
Host: img.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:57 GMT
content-type: image/jpeg
content-length: 47650
cf-bgj: h2pri
content-disposition: inline; filename="56717e5cadd61f6273645ffc17d466fe44e95863_567"
content-md5: gJc2Ll2x2cinxWUMgEASCA==
etag: "8097362E5DB1D9C8A7C5650C80401208"
last-modified: Tue, 20 Feb 2024 06:17:44 GMT
x-oss-hash-crc64ecma: 4219830363884027695
x-oss-object-type: Normal
x-oss-request-id: 664500478BAF673937141B2D
x-oss-server-time: 49
x-oss-storage-class: Standard
cf-cache-status: HIT
age: 230770
expires: Sat, 18 May 2024 14:40:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 885b3b676ef11c0a-OSL
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/img/payment/paypal.svg

103.160.204.8

200 OK

5.4 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/img/payment/paypal.svg
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
SVG Scalable Vector Graphics image
Size
5.4 kB (5398 bytes)
Hash
2244986fb43a676097459fcce0dce22c
3c4dd5c7bd27fcf8c900617db33122d17d744f14
2fd387058bd67dfcec920922f331961b4a06d174377dc812a4a23f893da6bc84

HTTP Headers

GET /liquid/buyer/public/img/payment/paypal.svg HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: image/svg+xml
last-modified: Mon, 06 May 2024 06:55:52 GMT
vary: Accept-Encoding
etag: W/"66387ef8-1516"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 304711
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f4f841c0a-OSL
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/img/payment/mastercard.svg

103.160.204.8

200 OK

12 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/img/payment/mastercard.svg
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type

Size
12 kB (12166 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /liquid/buyer/public/img/payment/mastercard.svg HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: image/svg+xml
last-modified: Mon, 06 May 2024 06:55:52 GMT
vary: Accept-Encoding
etag: W/"66387ef8-2f86"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 319249
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f4f881c0a-OSL
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/img/payment/AmericanExpress.svg

103.160.204.8

200 OK

10 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/img/payment/AmericanExpress.svg
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type

Size
10 kB (10501 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /liquid/buyer/public/img/payment/AmericanExpress.svg HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: image/svg+xml
last-modified: Mon, 06 May 2024 06:55:36 GMT
vary: Accept-Encoding
etag: W/"66387ee8-2905"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 304711
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f4f8e1c0a-OSL
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/js/plug/Swiper.js

103.160.204.8

200 OK

125 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/js/plug/Swiper.js
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65269)
Size
125 kB (124671 bytes)
Hash
d4ff815d60c83028c87324f6fce8e634
c8032fe56b5c847d2fa83d448810728e7f628900
bd701c6685c39c2d8fa3fa663823006dc49086ea7a058ba316214ea9736c05dd

HTTP Headers

GET /liquid/buyer/public/js/plug/Swiper.js HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 06:55:36 GMT
vary: Accept-Encoding
etag: W/"66387ee8-1e6ff"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 319147
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f4f7a1c0a-OSL
X-Firefox-Spdy: h2

www.czzkea.com/buyer/express/get-phone-rules

47.251.80.194

200 OK

64 B

URL POST HTTP/2
www.czzkea.com/buyer/express/get-phone-rules
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
5135df079fd0a7b931041792ee96e650
7c796fffa3e64b9471d09bee32fe40fd674914b8
01ad9ca562e42f39e2cbf23d37943f85c279f9b8789e032d58843819667b36e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /buyer/express/get-phone-rules HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:57 GMT; Max-Age=86400; path=/; domain=www.czzkea.com; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

www.czzkea.com/sl.png?ul=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&ht=www.czzkea.com&lp=true&sr=direct&rl=&s=567&u=274612359&ev=PageView&fu=c196d2582563d4f29c99b959843685fb&p=orders&ts=1716028856869&cd=%7B%7D&utmso=&utmmd=&utmcp=&utmct=&utmtm=&lib=JS&latest_ref=&latest_url=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&customer_id=&is_login=false&session_id=s.1.1716028856870.f15b9f4e496238

47.251.80.194

200 OK

70 B

URL GET HTTP/2
www.czzkea.com/sl.png?ul=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&ht=www.czzkea.com&lp=true&sr=direct&rl=&s=567&u=274612359&ev=PageView&fu=c196d2582563d4f29c99b959843685fb&p=orders&ts=1716028856869&cd=%7B%7D&utmso=&utmmd=&utmcp=&utmct=&utmtm=&lib=JS&latest_ref=&latest_url=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&customer_id=&is_login=false&session_id=s.1.1716028856870.f15b9f4e496238
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
ASCII text, with no line terminators
Size
70 B (70 bytes)
Hash
6ead198554c0d08245ef09f90978f247
c53aa12a7a507d43673fdcd5ad4d0de2e2c68225
84ae4688965bb1862d333e50e86d9a1baa9ab463803e9e09d45196339f2f24d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sl.png?ul=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&ht=www.czzkea.com&lp=true&sr=direct&rl=&s=567&u=274612359&ev=PageView&fu=c196d2582563d4f29c99b959843685fb&p=orders&ts=1716028856869&cd=%7B%7D&utmso=&utmmd=&utmcp=&utmct=&utmtm=&lib=JS&latest_ref=&latest_url=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&customer_id=&is_login=false&session_id=s.1.1716028856870.f15b9f4e496238 HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: image/png
X-Firefox-Spdy: h2

www.czzkea.com/buyer/user/ip-detail

47.251.80.194

200 OK

154 B

URL POST HTTP/2
www.czzkea.com/buyer/user/ip-detail
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
154 B (154 bytes)
Hash
f4a49638f7f420805c664baf2bdecd81
4a16ebbbbcd1578bc88bdfd1383aa12f146f7d8d
b78f08be4973c27ab94c9168a4f7e9f94a5e7aa7d692a3896c7b73ef94ceabd8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /buyer/user/ip-detail HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:57 GMT; Max-Age=86400; path=/; domain=www.czzkea.com; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/js/plug/libphonenumber-js.min.js?t=20240506183654

103.160.204.8

200 OK

143 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/js/plug/libphonenumber-js.min.js?t=20240506183654
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type

Size
143 kB (142752 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /liquid/buyer/public/js/plug/libphonenumber-js.min.js?t=20240506183654 HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 06:55:52 GMT
vary: Accept-Encoding
etag: W/"66387ef8-22da0"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 422705
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f5f9b1c0a-OSL
X-Firefox-Spdy: h2

czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information

47.251.80.194

302 Found

721 kB

URL User Request GET HTTP/2
czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type

Size
721 kB (720927 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information HTTP/1.1
Host: czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty
date: Sat, 18 May 2024 10:40:54 GMT
content-type: text/html; charset=UTF-8
location: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:54 GMT; Max-Age=86400; path=/; domain=czzkea.com; HttpOnly
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/js/lib/countriesLocales.js?t=20240506183654

103.160.204.8

200 OK

1.3 MB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/js/lib/countriesLocales.js?t=20240506183654
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type

Size
1.3 MB (1340170 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /liquid/buyer/public/js/lib/countriesLocales.js?t=20240506183654 HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 06:55:52 GMT
vary: Accept-Encoding
etag: W/"66387ef8-14730a"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 218538
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f5f9a1c0a-OSL
X-Firefox-Spdy: h2

www.czzkea.com/buyer/user/user-capi

47.251.80.194

200 OK

64 B

URL POST HTTP/2
www.czzkea.com/buyer/user/user-capi
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
5135df079fd0a7b931041792ee96e650
7c796fffa3e64b9471d09bee32fe40fd674914b8
01ad9ca562e42f39e2cbf23d37943f85c279f9b8789e032d58843819667b36e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /buyer/user/user-capi HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 604
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:57 GMT; Max-Age=86400; path=/; domain=www.czzkea.com; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

www.czzkea.com/sl.png?ul=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&ht=www.czzkea.com&lp=false&sr=direct&rl=&s=567&u=274612359&ev=InitiateCheckout&fu=c196d2582563d4f29c99b959843685fb&p=orders&ts=1716028857510&cd=%7B%22content_ids%22%3A%5B19043282%5D%2C%22content_type%22%3A%22product%22%2C%22currency%22%3A%22MXN%22%2C%22value%22%3A650%2C%22num_items%22%3A1%7D&utmso=&utmmd=&utmcp=&utmct=&utmtm=&lib=JS&latest_ref=&latest_url=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&customer_id=&is_login=false&session_id=s.1.1716028856870.f15b9f4e496238

47.251.80.194

200 OK

70 B

URL GET HTTP/2
www.czzkea.com/sl.png?ul=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&ht=www.czzkea.com&lp=false&sr=direct&rl=&s=567&u=274612359&ev=InitiateCheckout&fu=c196d2582563d4f29c99b959843685fb&p=orders&ts=1716028857510&cd=%7B%22content_ids%22%3A%5B19043282%5D%2C%22content_type%22%3A%22product%22%2C%22currency%22%3A%22MXN%22%2C%22value%22%3A650%2C%22num_items%22%3A1%7D&utmso=&utmmd=&utmcp=&utmct=&utmtm=&lib=JS&latest_ref=&latest_url=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&customer_id=&is_login=false&session_id=s.1.1716028856870.f15b9f4e496238
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
ASCII text, with no line terminators
Size
70 B (70 bytes)
Hash
6ead198554c0d08245ef09f90978f247
c53aa12a7a507d43673fdcd5ad4d0de2e2c68225
84ae4688965bb1862d333e50e86d9a1baa9ab463803e9e09d45196339f2f24d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sl.png?ul=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&ht=www.czzkea.com&lp=false&sr=direct&rl=&s=567&u=274612359&ev=InitiateCheckout&fu=c196d2582563d4f29c99b959843685fb&p=orders&ts=1716028857510&cd=%7B%22content_ids%22%3A%5B19043282%5D%2C%22content_type%22%3A%22product%22%2C%22currency%22%3A%22MXN%22%2C%22value%22%3A650%2C%22num_items%22%3A1%7D&utmso=&utmmd=&utmcp=&utmct=&utmtm=&lib=JS&latest_ref=&latest_url=https%3A%2F%2Fwww.czzkea.com%2Fcheckouts%2Ffc418d2d7fd54502cc8692ed5154775b%3FisShowCart%3D1%26step%3Dcontact_information&customer_id=&is_login=false&session_id=s.1.1716028856870.f15b9f4e496238 HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: image/png
X-Firefox-Spdy: h2

img.shopymn.com/uploader/44b78704c4d877c446f98611420ca968fd27d0df.png

103.160.204.8

200 OK

844 B

URL GET HTTP/2
img.shopymn.com/uploader/44b78704c4d877c446f98611420ca968fd27d0df.png
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
844 B (844 bytes)
Hash
ebe165a306ba9ce5a90f6b6608c001f2
4b7b6a9da122d5894fdb02120b4772615bbfd822
8749c4391c239bead97907b4fcc9118f89ea2fa7f1b3c0a6c1f409284a2fb6ef

HTTP Headers

GET /uploader/44b78704c4d877c446f98611420ca968fd27d0df.png HTTP/1.1
Host: img.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:57 GMT
content-type: image/png
content-length: 844
x-oss-request-id: 66311FC15EDFF633335AEE3B
etag: "EBE165A306BA9CE5A90F6B6608C001F2"
last-modified: Thu, 01 Feb 2024 09:00:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1671446559661409097
x-oss-storage-class: Standard
content-disposition: inline; filename="1706778048-QQ%E5%9B%BE%E7%89%8720240201170015"
content-md5: 6+Flowa6nOWpD2tmCMAB8g==
x-oss-server-time: 103
cf-cache-status: HIT
age: 286169
expires: Sat, 18 May 2024 14:40:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 885b3b6948591c0a-OSL
X-Firefox-Spdy: h2

www.czzkea.com/buyer/plugin/count-down

47.251.80.194

200 OK

270 B

URL POST HTTP/2
www.czzkea.com/buyer/plugin/count-down
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (313), with no line terminators
Size
270 B (270 bytes)
Hash
82ea1141f7e372efc25d5fc2977cac02
3378cf65c9a2e1123158756dfb4cfda2991fb6cb
1200bdf4f14c146ce9b771116057154edb56670e3c0d3f2473b13ed1673f3390

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /buyer/plugin/count-down HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 64
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:57 GMT; Max-Age=86400; path=/; domain=www.czzkea.com; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

www.czzkea.com/buyer/user-center/get-address

47.251.80.194

200 OK

48 B

URL POST HTTP/2
www.czzkea.com/buyer/user-center/get-address
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
48 B (48 bytes)
Hash
5d3353d1d05e6e0ed6145f106c67af5a
93f2313861f8bbba0f6b50a13bafee8fa61fd50d
1c844f14e3b7033cbbefe8cf3eef709ab1cce2c7249eb6b55aaaff7898612958

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /buyer/user-center/get-address HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 2
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.shopymn.com/liquid/buyer/public/css/font/HelveticaNeue.ttf

103.160.204.248

200 OK

569 kB

URL GET HTTP/2
fonts.shopymn.com/liquid/buyer/public/css/font/HelveticaNeue.ttf
IP
103.160.204.248:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
TrueType Font data, 17 tables, 1st "FFTM", 40 names, Macintosh
Size
569 kB (568916 bytes)
Hash
704296a1703d25d7285a8025b4cf7e7b
f1429b867bdd486f2b98dc26bd3fcae2e981df87
3981fe60f06501b3f691f2382b2d301fc958da391937995c6304a28c1ccebafb

HTTP Headers

GET /liquid/buyer/public/css/font/HelveticaNeue.ttf HTTP/1.1
Host: fonts.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: application/octet-stream
content-length: 568916
last-modified: Mon, 06 May 2024 06:55:52 GMT
etag: "66387ef8-8ae54"
access-control-allow-origin: https://www.czzkea.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
cf-cache-status: HIT
age: 230769
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 885b3b62f8ba0b51-OSL
X-Firefox-Spdy: h2

www.czzkea.com/buyer/user/user-capi

47.251.80.194

200 OK

64 B

URL POST HTTP/2
www.czzkea.com/buyer/user/user-capi
IP
47.251.80.194:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerLet's Encrypt
Subjectczzkea.com
Fingerprint1E:10:A4:60:85:F4:90:1C:AE:E3:66:BE:33:A3:ED:53:2C:7E:EF:42
ValidityTue, 02 Apr 2024 07:26:52 GMT - Mon, 01 Jul 2024 07:26:51 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
5135df079fd0a7b931041792ee96e650
7c796fffa3e64b9471d09bee32fe40fd674914b8
01ad9ca562e42f39e2cbf23d37943f85c279f9b8789e032d58843819667b36e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /buyer/user/user-capi HTTP/1.1
Host: www.czzkea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 497
Origin: https://www.czzkea.com
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Cookie: ssid=567; utuni=ecc82a4792891dc07aaaa86263299d334f0609079ff97e4e163220ac75523fe2a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A274612359%3B%7D; ssid=567; client_id=1716028856621180; ga_utm={"isShowCart":"1","step":"contact_information"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 18 May 2024 10:40:57 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
set-cookie: ssid=567; expires=Sun, 19-May-2024 10:40:57 GMT; Max-Age=86400; path=/; domain=www.czzkea.com; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

static.shopymn.com/liquid/buyer/public/js/lib/event.js?t=20240506183654

103.160.204.8

200 OK

5.9 kB

URL GET HTTP/2
static.shopymn.com/liquid/buyer/public/js/lib/event.js?t=20240506183654
IP
103.160.204.8:443
ASN
#209242 Cloudflare London, LLC

Requested by
https://www.czzkea.com/checkouts/fc418d2d7fd54502cc8692ed5154775b?isShowCart=1&step=contact_information
Certificate
IssuerGoogle Trust Services LLC
Subjectshopymn.com
Fingerprint75:71:AB:AC:6D:56:64:81:5E:9F:67:BC:8E:25:04:DA:71:00:05:42
ValiditySat, 04 May 2024 06:26:12 GMT - Fri, 02 Aug 2024 06:26:11 GMT

File type
JavaScript source, ASCII text, with very long lines (6316), with no line terminators
Size
5.9 kB (5908 bytes)
Hash
d96a8508c24412e794dae93c0797dc7f
35d7bc323ee85b0c764f93b4d222b2e863f530c5
3c7762edd1e19b88d29d745e8fe522c09b4585e5304d192e0d65e2e5fca4928a

HTTP Headers

GET /liquid/buyer/public/js/lib/event.js?t=20240506183654 HTTP/1.1
Host: static.shopymn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.czzkea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 18 May 2024 10:40:56 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 06:55:52 GMT
vary: Accept-Encoding
etag: W/"66387ef8-1714"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 428914
expires: Sat, 18 May 2024 14:40:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 885b3b5f7fb71c0a-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML