Report - salepeaket.live

Report Overview

Submitted URL
salepeaket.live
IP
104.21.38.171
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 19:08:10
Access
public
Website Title
Online Store
Final URL
salepeaket.live/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
74

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
149346886.v2.pressablecdn.com	820133	2019-05-08	2019-12-13	2024-01-18	458 B	332 kB	192.0.77.39
www.filecroco.com	unknown	2013-05-10	2017-02-06	2024-03-11	425 B	81 kB	172.67.144.157
www.indianhealthyrecipes.com	249422	2012-09-18	2013-04-21	2023-12-01	442 B	73 kB	2.21.240.20
satijalab.org	unknown	2014-07-30	2014-12-31	2023-10-17	449 B	448 B	75.2.60.5
p16-sign.tiktokcdn-us.com	1274	2021-08-18	2021-09-18	2024-04-13	544 B	1.1 kB	23.204.152.20
www.palindrometech.com	unknown	unknown	No data	No data	444 B	230 kB	52.86.25.220
imgv2-1-f.scribdassets.com	42675	2009-08-31	2015-09-14	2024-02-28	446 B	51 kB	151.101.66.152
images.oreillyauto.com	52676	unknown	No data	No data	427 B	26 kB	104.110.15.105
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-17	2.0 kB	170 kB	104.17.24.14
i.ytimg.com	109	2007-12-11	2012-10-03	2024-04-17	1.3 kB	241 kB	216.58.207.214
lh5.googleusercontent.com	157	2008-11-17	2012-05-22	2024-04-06	524 B	16 kB	142.250.74.129
www.mcrsafety.com	unknown	2003-07-15	2012-08-19	2023-06-14	423 B	1.9 MB	66.192.228.168
ae01.alicdn.com	7254	2008-06-25	2015-11-26	2024-04-15	438 B	15 kB	47.246.44.250
merchbar.imgix.net	280824	2011-06-23	2019-04-05	2024-02-14	453 B	213 kB	151.101.130.208
www.babycubby.com	990985	2005-10-02	2014-07-15	2024-03-27	463 B	222 kB	23.227.38.74
salepeaket.live	unknown	unknown	No data	No data	44 kB	3.8 MB	104.21.38.171
static.wixstatic.com	5648	2013-04-10	2013-06-07	2024-04-15	521 B	17 kB	54.230.111.85

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed
2024-04-17	medium	salepeaket.live	Sinkholed

ThreatFox

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	unknown	303 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:30 Times Seen13 Hash 28e6020b593ddcc1ed5f62e0875d7e48 170114850b2228b38f087530b9baf9370f285dcb f9579e2db05a7e4b072593dd0c4c5bb2aa3e0880c9dbc7524f8e0d1c2aace3fb Loading...

	salepeaket.live/traffic_statistics?gurl=	0 B	2023-03-07	2024-04-30
Pretty URL salepeaket.live/traffic_statistics?gurl= IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-30 18:56:46 Times Seen37223333 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	salepeaket.live/static/market/js/jquery.min.js	84 kB	2023-03-07	2024-04-30
Pretty URL salepeaket.live/static/market/js/jquery.min.js IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-30 18:30:48 Times Seen13886 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

	unknown	169 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:30 Times Seen22 Hash ef210ca63758a5c527614ecb062779e6 a837e8e3690859da53f344a34707c998794eef21 2695864485c5f4a69cc03bb77c46e7890253bdeb6129a87d8158cda9b9fc5cbe Loading...

	unknown	183 B	2024-04-17	2024-04-17
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-17 21:08:17 Last Seen2024-04-17 21:08:17 Times Seen1 Hash 8043814f69a8de1093c1eef7b1d523aa a04bde1f71c9c00890b176f8a1802cd2191f384a a0b5515076f4999e75a552017049979975bf44288a5d0ba78fbc6f5d7736319e Loading...

	unknown	1.7 kB	2024-04-17	2024-04-17
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-17 21:08:17 Last Seen2024-04-17 21:08:17 Times Seen1 Hash 15d502954181d15bec1c5c16a908e5a1 929bf6bd550299ef5483f396265897d6f53242a8 793057434c791ea34b542b46d72b74f526bcfc0e3e7dd2e54a3b46ced477d24c Loading...

	salepeaket.live/	543 B	2023-11-03	2024-04-26
Pretty URL salepeaket.live/ IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen22 Hash 7522976f970077f1a808fe762a7e06a6 924a3e0922dd6d59d942f36e965a607a3720f992 d533860458eb73ade8fc419d1f6486297309665cb4edfb979f825493698079b1 Loading...

	cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js	279 kB	2023-03-07	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:31 Last Seen2024-04-30 16:47:03 Times Seen236 Hash 0292da744fb4f768ae77370f868a674e 6dbafd633d187d11e2ef0a9a47044fd5646c70fb 068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468 Loading...

	unknown	291 B	2024-04-17	2024-04-17
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-17 21:08:17 Last Seen2024-04-17 21:08:17 Times Seen1 Hash 666e0f5905321d036322e1bb233e89f2 814981643d3bfe0aa1e516e60e940cc16526be95 69288f109484d8bf545287bc0b0a7feb853815e3c9f640995ada0a039fb0bda1 Loading...

	salepeaket.live/	8.6 kB	2024-04-17	2024-04-17
Pretty URL salepeaket.live/ IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 21:08:17 Last Seen2024-04-17 21:08:17 Times Seen1 Hash b2cbdb784976d2b4b4245620f49681d6 f38705873012969fa193498cce5623f9af39a795 5f75ebcfcf18e1ffd30b01729023a3ddf3808ce4438a5f9731608f83631f13d4 Loading...

	unknown	868 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen21 Hash 422bb6aa46f23a2a350068e2aac58762 0c814f0e50381800467b1d138913c05a19757304 6aafd2d65c2d12f8799c5a11f0d12ac110d33e18da9cf50b0e35a042a1302d43 Loading...

	unknown	138 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen21 Hash 9a94ae7fe21fea8494e9bcf6bb519b06 a8fa90d1fcb4eb7ed3bf8ea1122cacd25a352819 5a70584b716034fe0ca13de7b57199ec25c237d545721601d151ef50d38e7bf9 Loading...

	unknown	50 B	2023-04-12	2024-04-30
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 00:31:29 Last Seen2024-04-30 16:47:03 Times Seen754 Hash 67a516f6876a6d5a6acd917aabe0571f 3cafb807a2d7fcf75a5092484795de52336ae1d0 cb909329532746539d41f5fe0c5f508bbf8191744c706dd5969753aa14948bc3 Loading...

	salepeaket.live/static/default/js/vue.min.js	94 kB	2023-03-07	2024-04-30
Pretty URL salepeaket.live/static/default/js/vue.min.js IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:40 Last Seen2024-04-30 16:47:04 Times Seen1172 Hash b21b8531847604ab5f2f5caaef51ba31 da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1 9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17 Loading...

	salepeaket.live/static/default/js/public.js	1.9 kB	2023-03-12	2024-04-30
Pretty URL salepeaket.live/static/default/js/public.js IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-04-30 16:47:03 Times Seen141 Hash 53ceae9d8b9f4372ad101d91439cdbb7 662fa3a84762aee5bcb1da67ebbe2e37b3eeb79e 535ee4fa0189e79bd9a7d6ae4aa466180c4ac5b82b47647482ddce74587ce249 Loading...

	unknown	6.4 kB	2024-04-17	2024-04-17
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-17 21:08:17 Last Seen2024-04-17 21:08:17 Times Seen1 Hash cab2f75bb220e0d24601805cfe6a8846 f3e0fa872db3bee690a0a92278c6332681949997 971d6e0f95ea884955ac2d8ecc5b0e08b82876ed7ab3906a036b4d6ad75d019a Loading...

	unknown	512 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen12 Hash e1f386d6516c0db1d3bc1f4b63a5ba81 f180277f3e5491d0597c6f7f009210e17dca75e9 3d26f6e0055061b50e149c0ad76b6b2f15bd0c4bee763be329b942014d1e4919 Loading...

	salepeaket.live/	9.2 kB	2024-04-17	2024-04-17
Pretty URL salepeaket.live/ IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 21:08:17 Last Seen2024-04-17 21:08:17 Times Seen1 Hash abc370e687b1a932fd1126792d580612 8070229f37dca7f77fe22d06051c300dbe0732a9 32bf67c2c31ea61cb08939276c518d3354104324c6828504ec0cc9d8451d19fa Loading...

	salepeaket.live/	10 kB	2024-04-17	2024-04-17
Pretty URL salepeaket.live/ IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 21:08:17 Last Seen2024-04-17 21:08:17 Times Seen1 Hash b1fcd74bed205c68d316bd848c5f46e0 803b8ee5339b5f156199c48b3084e46ff5fb9333 39c3a0ee7c2ac3d25afbf18d8007712c4d23efd4915b9f171bb87731b6549568 Loading...

	unknown	112 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen22 Hash f4db1827fe4259b9dc5853871bc6045e 639adc0619832cd922f888b7a9dbdc35c9416ab0 88fa931d9cb6eb5bee5d361b3063bd8c3b1213e4c0e588a56a0a26f3ae9919e9 Loading...

	unknown	138 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen21 Hash 84b225eff2b105156f8078ed21ff8b64 41b652a36aa6a9952be991ef5114630019dd4336 67ad89b536424cc38a04ab343466949ddc40c946075fbc141cb0417aab44938d Loading...

	salepeaket.live/	765 B	2024-04-17	2024-04-17
Pretty URL salepeaket.live/ IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 21:08:17 Last Seen2024-04-17 21:08:17 Times Seen1 Hash 31617ce1d48767c69a08d2837c9de0a6 2a90dbd9bb8c2f65caf6ff11a871bb94263f72df f2069bdf0307e7c59227db31906ba074a78da6c4f74f6898a589e1dd1180ebd6 Loading...

	unknown	110 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen13 Hash 87ffe49bbe3e28294b4417fe23ce5521 5202ffee41d1006c44029ef4d5d163f4e9232e8c b3f130dc25bc52a1841a767266bcb48774163c509bb57af1e5d5354f1e41503a Loading...

	unknown	117 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:30 Times Seen13 Hash e113009d6ff208b75e3a98b89de75953 97d6b22872399aaa7001d212e5b76a75cfe2f2df c043a2c23ff807b13df90c80fc323989cb7059ce59973b44c8afdf5cce2120aa Loading...

	cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js	15 kB	2023-03-12	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-04-30 16:47:03 Times Seen240 Hash 5f4a59735ca9517d0478f395439bd517 f820c08cf114da8ec451e8eedc0da51dfcba5e02 ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9 Loading...

	unknown	223 B	2024-04-17	2024-04-17
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-17 21:08:17 Last Seen2024-04-17 21:08:17 Times Seen1 Hash b7d3fe11856daa34c3b63f90006069e7 a279f5477adae9e09c7e62dea125beb1c17df7e9 4f45377e10980cc429b6c824bf0541914dd55c433042bc66af31b36ee8f7dbc4 Loading...

	unknown	172 B	2024-04-17	2024-04-17
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-17 21:08:17 Last Seen2024-04-17 21:08:18 Times Seen1 Hash 8454cef5b0d420f3f434fbd755e07dfc e3a17d73283721678f761b38e01d62790a7f952e c685779431526fe42c4be059334a7ed2c55c545d526b7d6887c38fbc5b3508e4 Loading...

	unknown	2.5 kB	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen13 Hash f03f5b17ec5c6051671257ddd2018eea 7f74ad67e4db332f3c7ab88417f7449cba7240a2 f31054763242a40a799d3ef8c93394cbef4e71823ff46712c2678f59fb804ed0 Loading...

	salepeaket.live/	2.0 kB	2024-04-17	2024-04-17
Pretty URL salepeaket.live/ IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 21:08:18 Last Seen2024-04-17 21:08:18 Times Seen1 Hash 1f878b6304194996c68e02b6aacab7b9 956ea39ca1088f7bd291e739744462a9d6397bf6 371301e82318e977133c530d8f03745906e43fbc161541b40555f62a98ce92aa Loading...

	salepeaket.live/	79 B	2023-03-12	2024-04-30
Pretty URL salepeaket.live/ IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-04-30 16:47:03 Times Seen111 Hash a71ddf2ef16448b1a9a116c9969bb84a 38f0cfe879b01e50b2022a5b46ccebe972b57afa f81cdd71a100042bdbdd3a8d1fa89581bc7763e26f2ff6eb7bbefda85e9143a3 Loading...

	unknown	2.1 kB	2024-04-17	2024-04-17
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-17 21:08:18 Last Seen2024-04-17 21:08:18 Times Seen1 Hash e3cb01dfef7aa87b1d0e77161c5abc9f 1ae64e0408bcff45669e905a4deac9128a6ab725 83f56ba580b03ea5a6d18f35db9c1926a5a80e7a388c53b72a4b2fcbb3873b5f Loading...

	cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js	338 kB	2023-03-07	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:09 Last Seen2024-04-30 16:47:03 Times Seen235 Hash de581e420bf52d70e353080a13094ea8 7e727d99fea8c31c2f2e3173105d585ee3289d31 4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5 Loading...

	salepeaket.live/static/default/js/delighters.js	2.6 kB	2023-03-12	2024-04-30
Pretty URL salepeaket.live/static/default/js/delighters.js IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-04-30 16:47:03 Times Seen163 Hash cc31823856831d96acd96628fe1bc12c 4441d2792dc7fb9f54cde379cd6dd5085ae7af33 0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d Loading...

	salepeaket.live/	696 B	2023-03-12	2024-04-30
Pretty URL salepeaket.live/ IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-04-30 16:47:03 Times Seen111 Hash 207792bcff09eca0993cd75875f72095 1f602949e3de9dd8638601085791e25c6cc0acda ae57e93366c984a79002b078c27040993cd88c77218f277655fc031b6bb3e1d5 Loading...

	unknown	173 B	2024-04-17	2024-04-17
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-17 21:08:18 Last Seen2024-04-17 21:08:18 Times Seen1 Hash 96a62d1d46d23fae339b4a711d6bc4dc 239a59edfae6419841dce8729ffb0b4a9bbe47b2 b63360d42a220e6cbe0905949b5fe3afbc4df4385c88bdfa61c8c7b668058b03 Loading...

	unknown	196 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:30 Times Seen12 Hash f8b06030e548e75042f7c26c0c84d097 e2b10e072285222839f9ebdb755856958ae3ac41 518ffa43b97dee5b405cfbf0296f30301a1f447cc9704c0dd8f9acc124f7c379 Loading...

	unknown	1.8 kB	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen13 Hash 7704a6a42730b3a06f99b1706a8ec48f 2b194e3519a5e670607b7f7c9bbc56f009fa596d 57b0f3d1a13a48e5fc21a144b60aa82a37cf1b0e885e95b8ba2abd86832db09c Loading...

	salepeaket.live/	151 B	2023-03-12	2024-04-30
Pretty URL salepeaket.live/ IP 104.21.38.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-04-30 16:47:03 Times Seen110 Hash 4cc479dfa9707e2f24a8e129c80429b6 a6e2c685240dd740b22e226767035173703473a4 120dbe66705b4abb82ad0b16aabbd8ff3acee9be1fdfc30e77a2557012a1181d Loading...

	unknown	127 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen21 Hash 1225801b3453e88bd0f17598f771503d 719eeae87b92babb0c95818f127a6338d0b75fb4 ab185ce89cd85daed537ef8d8b22d2d52f8dcbcf118c0678f09f1d10be8fe846 Loading...

	unknown	277 B	2023-11-03	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-03 12:56:23 Last Seen2024-04-26 10:29:29 Times Seen22 Hash 41e226399cdec17fc2e96d116c516b8a fedba9c084bee281fbad5b60716c4b72f9a54d5f 07ff00fb8ac5e4ec6d4a8c14292826b9e9c597f949040337a7562b790634b130 Loading...

	unknown	184 B	2024-04-17	2024-04-17
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-17 21:08:18 Last Seen2024-04-17 21:08:18 Times Seen1 Hash 8d7df8aabfef485aaeb3a5a7ae797068 7390a8a376673f7daa6e04799ad7a6d45a3bcb9d f4a4640bdbe3aa2c9e8ff9bacdec55bca0bc8579d302a55b3cb856f27b70b549 Loading...

		Size	First Seen	Last Seen
	#1 Write - ea47d7a66d8152302cd901d56844cb81	72 B	2023-03-12	2024-04-30
Pretty Observations First Seen2023-03-12 22:29:02 Last Seen2024-04-30 16:47:03 Times Seen114 Hash ea47d7a66d8152302cd901d56844cb81 235d8306b2b513c8851d054491a83beb3e194f94 ee7229be5e00ebb674d9f12a2aba9d62130a20978a0c27162a984e32530a1d5f Loading...

HTTP Transactions (59)

URL IP Response Size

salepeaket.live/static/logo.png

104.21.38.171

200 OK

5.9 kB

URL GET HTTP/3
salepeaket.live/static/logo.png
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
PNG image data, 115 x 41, 8-bit/color RGBA, non-interlaced
Size
5.9 kB (5946 bytes)
Hash
9740baf71f9fd51a3dc86430f5f49ea2
4617137861adc2341b3377817bf728c4c87e8b37
9e7bdb3c28f7bdd912a7b3f96918bac061ed5f64216c59fc265a83d023f66952

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/logo.png HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: image/png
content-length: 5946
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: "173a-6141300c3d86f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3542
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxglSjxgV3gq2fwLU%2B4IuXkfiSdrDgYjSK8moBPKGnqqUu%2B8J6%2BzQFJcu2RsF83nNLzcHhnNpV%2BLNGM9WDc8Il%2FYgxmwLigUZFntX0kqeTRV0LTU3b3bhm19wSHSFcMVz58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875eb31469aeb4f3-OSL
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/market/img/payment.png

104.21.38.171

200 OK

15 kB

URL GET HTTP/3
salepeaket.live/static/market/img/payment.png
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
PNG image data, 342 x 26, 8-bit/color RGBA, non-interlaced
Size
15 kB (14874 bytes)
Hash
d9e27afb8d07e73a5d78c58219db8284
2c8e0b0821ae555b66a6d9ad9d3f3a97d8164f99
1567d764b3ee71f11f52d807789d9a970c60dd195b39f2b295d476308d76aeb3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/market/img/payment.png HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: image/png
content-length: 14874
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: "3a1a-6141300c61a94"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3542
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pyhauhhz7qGH1er28iFmqLtXP9dShq5kPtjQGjEe8kJYSarOcNTtenrTu5bFDW0s5xsAe%2Bs4YqQQnu5ZDZ%2BwRE37T%2BYDE0N%2FJ3snti%2F0NAQb2QEXA8csdFcOdW0GZC0iOFA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875eb314ba2db4f3-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js

104.17.24.14

200 OK

68 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (57307)
Size
68 kB (67811 bytes)
Hash
0292da744fb4f768ae77370f868a674e
6dbafd633d187d11e2ef0a9a47044fd5646c70fb
068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468

HTTP Headers

GET /ajax/libs/vant/2.12.48/vant.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 67811
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-108e3"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 609101
expires: Mon, 07 Apr 2025 19:07:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIzhfGp0dGdbYnNTA4JJjkoOfHIyoaqguXNETl8Veq2%2FrrTw6zDVxt3No1LZi2yNl6EEdX5OVZ6XJ11cBDC3KzcF5Nh637glYYxPePwPkbYz5flwUg%2BfuV5x84ZK1f7fFbYDiVfp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875eb3152f471c0a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js

104.17.24.14

200 OK

4.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14957)
Size
4.9 kB (4866 bytes)
Hash
5f4a59735ca9517d0478f395439bd517
f820c08cf114da8ec451e8eedc0da51dfcba5e02
ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9

HTTP Headers

GET /ajax/libs/vue-resource/1.5.3/vue-resource.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 4866
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c785b9-1302"
last-modified: Mon, 14 Jun 2021 16:37:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 177545
expires: Mon, 07 Apr 2025 19:07:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S50aacXWe1tkJ6YU08ghe2RrUZBQkfmR2i2A7NTge6iYdzLVNXfSaGJgYItmOWw0f%2BjGVEMngTT5Mi1I9BN%2FR%2FXMP%2BfvS8%2BhtirvFeAVxeOcYlWperFZqV7LlOBm6d4YOrgSyPza"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875eb3152f4a1c0a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css

104.17.24.14

200 OK

3.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (16213)
Size
3.9 kB (3945 bytes)
Hash
951eae8c8a442c2940c54d180301ed41
771518669a370d915adf0d207f2a22092a768cd1
4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d

HTTP Headers

GET /ajax/libs/Swiper/8.3.2/swiper-bundle.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css; charset=utf-8
content-length: 3945
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-f69"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 590938
expires: Mon, 07 Apr 2025 19:07:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S36uSZ3BUcqaq3V2TEhky%2BoemN8pWLnoVbuVRhIYJqnUi%2BWC9Jn1EQJ%2B%2FBUY1f8r0zZDTA2d8UuYwxVMNMwNQi6D2r%2FAAtxKX7iF8bl9e2D7BS9c0bjDijRnehFVg0fwiwylVtUA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875eb3152f4f1c0a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css

104.17.24.14

200 OK

38 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (38108 bytes)
Hash
9a547188fa485f8ca9b2cc7d6d2524ef
7893335159a1f637eb24cd05aaba96ac156c7f65
897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433

HTTP Headers

GET /ajax/libs/vant/2.12.48/index.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css; charset=utf-8
content-length: 38108
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-94dc"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 666620
expires: Mon, 07 Apr 2025 19:07:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uyALTSBsEu3a%2BhEfGuvmHfxFTPsEMiHNLVDo6dB7ulf0xVwNRYtP%2FzA1jktKR9BqlrhrCRkL2%2F%2FvTYODJTnNZ2%2BDSi2Nqi6%2FdLbgR7OrQ2pU4PnAcUTHFR6gC%2B6Ojn6O7FszymrE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875eb3152f461c0a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js

104.17.24.14

200 OK

50 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
50 kB (49876 bytes)
Hash
de581e420bf52d70e353080a13094ea8
7e727d99fea8c31c2f2e3173105d585ee3289d31
4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5

HTTP Headers

GET /ajax/libs/Swiper/8.3.2/swiper-bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 49876
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-c2d4"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7743221
expires: Mon, 07 Apr 2025 19:07:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2tg5UTHdUyiIiISq5jtu7F0O1WyEU3B2TudQVR9dO%2FCK0kaMvss3g1M%2BLyyjgeq1EF2rHi5mP4dEsWqCFfUYDaFVoloRM8DvYcpZcHvrd2zMI22RKwSyIXS0li5B%2FqSvcnCq7Eq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875eb3152f4c1c0a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

salepeaket.live/static/default/img/slide_homepage_1.jpeg

104.21.38.171

200 OK

214 kB

URL GET HTTP/3
salepeaket.live/static/default/img/slide_homepage_1.jpeg
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:05:12 14:10:12], baseline, precision 8, 1903x634, components 3
Size
214 kB (214103 bytes)
Hash
3d26f7692db8907822ed3505c70868f7
74fccb84f865369b53df3f25d777c069a6e89f2e
8e010e987884485474400823a163c12119b1bd9daf886d43253899aee7e71ed1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/img/slide_homepage_1.jpeg HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: image/jpeg
content-length: 214103
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: "34457-6141300c38a4e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=if%2BD3b8k0b5GOQmfx70o%2F%2BCgoGJhpYyhiO1%2BwpR5AySM4XFsO8rWQCNXYQAcb9Lw92zFVxVH4mopkFW1cXjN2WUTAQLymYVFyM3wKGDELcedN5%2BKYZlH6X2f3yMO6HIgrgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875eb314ba24b4f3-OSL
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/your/img/service.jpg

104.21.38.171

200 OK

127 kB

URL GET HTTP/3
salepeaket.live/static/your/img/service.jpg
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 570x402, components 3
Size
127 kB (126971 bytes)
Hash
6894acf30e9989c857a5e16e63672fa2
e6ebc3536d436f1aa697e2aac0827ab87bdfc4b4
e47e5927563c41d710a8f0099f89098843e69c4289fa25445467ebe4b96559f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/img/service.jpg HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: image/jpeg
content-length: 126971
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: "1effb-6141300c923f2"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZPSlE3MoXpcuB0LWKCs9Mbq0kap%2BcwFqx3Dxjwib51bj29oms%2BktsH50e8jXFvhpQaJR7Qt45lg5bv1H9kSj2QMRNtgiQS1np5QbQd7Q%2BpuRnaA3KhEwFMVWSDhNeKFp1cg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875eb314ba28b4f3-OSL
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/your/css/lightbox.css

104.21.38.171

200 OK

1.4 kB

URL GET HTTP/3
salepeaket.live/static/your/css/lightbox.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text
Size
1.4 kB (1356 bytes)
Hash
3bb6b7ea7a87625c740c6ca6e6719e00
d37bd3282b4587f4f632b5875611717c3de195e4
b200385db17a8adfd525f1d21cd9554baa9941de236279ac7b9ad2689d8ad6c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/lightbox.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"d8e-6141300c8e572-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2FhJA8HlC7HJLso0GrNQYYqe8dngg5lvaeVE6X7f1bwtUVhLctp%2BMTcN9ihEx5LIFHt366NwGCQzy1D%2BQ2Hqgg9zsh9bBvJF4V7Chw1EpfWWFVRvTAXSNs0WQccolocJFtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3144954b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0

104.21.38.171

200 OK

78 kB

URL GET HTTP/3
salepeaket.live/static/your/css/font/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
78 kB (77663 bytes)
Hash
8a1f0a347c6d98ac3fedddb2f05486ab
a97cd7fce141d3a7a67d866b68a2e01a295dc7fc
77abd5601e75b38ee54e8052c19e16e45ddfb0ddc0ea5809c99b8a563d201ee6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://salepeaket.live/static/your/css/font-awesome.min.css
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: font/woff2
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"12d68-6141300c8dda1-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4k1n4BcULBI%2FzuPqBctKEAy5KO2AbQr1yuLFCUWlOyYpIJ6wRFDBvef8BX1pyezQe9L9Fu2Qvg3uI5jfoo6heqQsvtLq57THQUdFyss6%2B1%2B5uBmq%2FNjvNPZ84B1NaBedZPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3186ffbb4f3-OSL
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/your/css/owl.carousel.min.css

104.21.38.171

200 OK

172 kB

URL GET HTTP/3
salepeaket.live/static/your/css/owl.carousel.min.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text, with very long lines (2846)
Size
172 kB (171665 bytes)
Hash
de0dfbabe627afa1b718d848b6b58e97
73d8a692734089983b00005d99ef8e5e5b0dadeb
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/owl.carousel.min.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"b78-6141300c8e572-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JzdSM2s6qtaSZrRadYfXJy4sl0VLQUArdK4I6uT%2ByVTykdu13gO5hd1gdewYUICOQA%2BPahiY7jbbUpZav52FeotPQBvVmZZTJQTygM%2BeLJGP3uN7XOcORbUSte4xZfmc%2FwE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb314495ab4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/store/css/checkout.css

104.21.38.171

200 OK

1.7 kB

URL GET HTTP/3
salepeaket.live/static/store/css/checkout.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text
Size
1.7 kB (1724 bytes)
Hash
4b863c1345f71ff374b4fbbb6e78f442
5da106ab5de381b832786bbdd595900c08c451f6
99f7ad74232befd3e119ee5067ff9bb440d25bb05549f8d0660c9e02a977ba6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/store/css/checkout.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"12d8-6141300c7e39f-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gn8IWj%2FeioM8t6RSpx9zP5NIy7lWzqs0rnWIvkNUJVH1y%2FicSQIINsEMZNeSc7W6OrbPsCDC5T7HlVRn6nmSEm%2FbTBRpLE2xdOk%2FutheYjLQaRP%2BOxsSn%2BIs4yDIUJNyxVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3145972b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/your/css/stylesheet.css

104.21.38.171

200 OK

18 kB

URL GET HTTP/3
salepeaket.live/static/your/css/stylesheet.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (529)
Size
18 kB (18202 bytes)
Hash
9a06a247e039b7a8e36cc1059d7c5c39
4a42d4ebcf871ec3ac45c47eb1110462616f2390
8cab6c22f51f0c08736e6ef55849ad723519a715a79568b749f9123a074878b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/stylesheet.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"16563-6141300c8e572-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7RRQZiNUj0GQ%2FhFqOlak%2BDQEk6SBossIx9YYYIzT1OPNElN7EecPU6YjdqnjC%2Bi2Qt%2F5tTmsjdVMfmozj2DVQ2caBID0iSITU28slh8VGzb9I9ufbmVA8isiIUXxgMcSpdc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3144962b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.ytimg.com/vi/gedX74yXmyE/sddefault.jpg

216.58.207.214

200 OK

61 kB

URL GET HTTP/2
i.ytimg.com/vi/gedX74yXmyE/sddefault.jpg
IP
216.58.207.214:443
ASN
#15169 GOOGLE

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectedgestatic.com
Fingerprint78:1A:D9:37:F2:33:3C:A9:0F:4C:4A:E8:40:9E:55:8E:02:75:1E:15
ValidityMon, 04 Mar 2024 06:35:07 GMT - Mon, 27 May 2024 06:35:06 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3
Size
61 kB (60857 bytes)
Hash
148a7f8e232e914e0f12b886f8372fe7
daf98f8d38636d73a05d0c3e9ab60c386063ee00
3254982c784f324f54eb0139cebbaa35a8b891a149553fa07d3e84afb522b4a9

HTTP Headers

GET /vi/gedX74yXmyE/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 60857
date: Wed, 17 Apr 2024 19:07:45 GMT
expires: Wed, 17 Apr 2024 21:07:45 GMT
cache-control: public, max-age=7200
etag: "1616327793"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.ytimg.com/vi/CYyt343oUXU/hq720.jpg?sqp=-oaymwEhCK4FEIIDSFryq4qpAxMIARUAAAAAGAElAADIQj0AgKJD&rs=AOn4CLAHwkd1j4nclTd5yW67s5vgf3giiQ

216.58.207.214

200 OK

61 kB

URL GET HTTP/2
i.ytimg.com/vi/CYyt343oUXU/hq720.jpg?sqp=-oaymwEhCK4FEIIDSFryq4qpAxMIARUAAAAAGAElAADIQj0AgKJD&rs=AOn4CLAHwkd1j4nclTd5yW67s5vgf3giiQ
IP
216.58.207.214:443
ASN
#15169 GOOGLE

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectedgestatic.com
Fingerprint78:1A:D9:37:F2:33:3C:A9:0F:4C:4A:E8:40:9E:55:8E:02:75:1E:15
ValidityMon, 04 Mar 2024 06:35:07 GMT - Mon, 27 May 2024 06:35:06 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 686x386, components 3
Size
61 kB (61120 bytes)
Hash
3a102dc9e157fe9811a42a44db9100b0
f0bb4c0be1e57baeeaca06c87c3a0add95a37dc9
18157841d52c912df09c63f9032f28124e079c83e23d93ea7a113824ccd37b8d

HTTP Headers

GET /vi/CYyt343oUXU/hq720.jpg?sqp=-oaymwEhCK4FEIIDSFryq4qpAxMIARUAAAAAGAElAADIQj0AgKJD&rs=AOn4CLAHwkd1j4nclTd5yW67s5vgf3giiQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 61120
date: Wed, 17 Apr 2024 19:07:45 GMT
expires: Wed, 17 Apr 2024 21:07:45 GMT
cache-control: public, max-age=7200
etag: "1653539708"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.ytimg.com/vi/_oNo0u1oqPA/maxresdefault.jpg

216.58.207.214

200 OK

117 kB

URL GET HTTP/2
i.ytimg.com/vi/_oNo0u1oqPA/maxresdefault.jpg
IP
216.58.207.214:443
ASN
#15169 GOOGLE

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectedgestatic.com
Fingerprint78:1A:D9:37:F2:33:3C:A9:0F:4C:4A:E8:40:9E:55:8E:02:75:1E:15
ValidityMon, 04 Mar 2024 06:35:07 GMT - Mon, 27 May 2024 06:35:06 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Size
117 kB (116882 bytes)
Hash
39c52e7f3ba5aad848662671cdf5ff6f
b4b438f57dfa85cc37be64ac502b36fedaea0d8c
46d8e1d3cce633a1eab85457c9498cb5ef62a94a071bd9a3d4f3097c484c7f0f

HTTP Headers

GET /vi/_oNo0u1oqPA/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 116882
date: Wed, 17 Apr 2024 19:07:45 GMT
expires: Wed, 17 Apr 2024 21:07:45 GMT
cache-control: public, max-age=7200
etag: "1581596759"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

salepeaket.live/static/your/css/magnific-popup.css

104.21.38.171

200 OK

2.4 kB

URL GET HTTP/3
salepeaket.live/static/your/css/magnific-popup.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text
Size
2.4 kB (2420 bytes)
Hash
b58cd2adcb50f958ee018641983181f1
b30cd626dda9e0fcc5fa207af4e1a34d11da8e04
bf2911b44c7fa0b1734ab6f03b8cb46245cef7df3cdf8deb0c9a1ad8c6294b7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/magnific-popup.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"1e06-6141300c8e572-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ot4dF6%2F%2Bbqit%2B5p2MyOhAcGsi3488bTTt8jzKOarBhlxH%2Bse5nF4IeUNw0rquMC8GcsnUwMkw0NpwMA78Ibs%2F1%2BUQbHWwYvGKJYeRFtgLHgRhdSjLfakMtrcmg3%2ForwZiPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3144960b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.indianhealthyrecipes.com/wp-content/uploads/2014/09/multigrain-roti-recipe.jpg

2.21.240.20

200 OK

72 kB

URL GET HTTP/2
www.indianhealthyrecipes.com/wp-content/uploads/2014/09/multigrain-roti-recipe.jpg
IP
2.21.240.20:443
ASN
#20940 Akamai International B.V.

Requested by
https://salepeaket.live/
Certificate
IssuerLet's Encrypt
Subjectcert-00028-cdnedge-bluemix.akamaized.net
FingerprintAC:7E:80:B1:D7:95:08:86:CC:85:A8:B7:C9:82:23:53:DB:D6:51:FB
ValidityThu, 04 Apr 2024 05:38:07 GMT - Wed, 03 Jul 2024 05:38:06 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 670x970, components 3
Size
72 kB (72289 bytes)
Hash
68d6a67d8fce0c6b7090e037e938d185
7b5d23598cdb7fc5309b7cccf268ee0e4238ddc0
5246491850e461c7e3666cf16fb339bd5ac3131f8bf40a47e3f674ae44055a73

HTTP Headers

GET /wp-content/uploads/2014/09/multigrain-roti-recipe.jpg HTTP/1.1
Host: www.indianhealthyrecipes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Sucuri/Cloudproxy
content-type: image/jpeg
content-length: 72289
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Mar 2022 11:01:33 GMT
etag: "623afe0d-11a61"
accept-ranges: bytes
x-sucuri-cache: MISS
cache-control: max-age=315276297
expires: Fri, 14 Apr 2034 19:52:42 GMT
date: Wed, 17 Apr 2024 19:07:45 GMT
X-Firefox-Spdy: h2

satijalab.org/seurat/articles/seurat5_visualization_vignette_files/figure-html/new2-1.png

75.2.60.5

404 Not Found

83 B

URL GET HTTP/2
satijalab.org/seurat/articles/seurat5_visualization_vignette_files/figure-html/new2-1.png
IP
75.2.60.5:443
ASN
#16509 AMAZON-02

Requested by
https://salepeaket.live/
Certificate
IssuerLet's Encrypt
Subjectsatijalab.org
Fingerprint66:BE:35:B1:6B:FA:6E:23:12:A3:FC:00:AD:72:CC:8C:4A:6C:2C:CC
ValidityFri, 08 Mar 2024 08:20:10 GMT - Thu, 06 Jun 2024 08:20:09 GMT

File type
exported SGML document, ASCII text
Size
83 B (83 bytes)
Hash
3d0ee888af61b90cf98e4933655d7830
67c0542e93eddaf0153c26a21d00fc1d0a1ffda6
d8d09e153334da96b02c2cac9bb8a579a47996178585365f66b4b36f96880e81

HTTP Headers

GET /seurat/articles/seurat5_visualization_vignette_files/figure-html/new2-1.png HTTP/1.1
Host: satijalab.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
age: 0
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
content-type: text/html; charset=utf-8
date: Wed, 17 Apr 2024 19:07:45 GMT
etag: 1609195559-ssl
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01HVPQADKYPB7YJX6DERFM27PX
content-length: 83
X-Firefox-Spdy: h2

p16-sign.tiktokcdn-us.com/tos-useast5-p-0068-tx/e3e51afda4c54f8bae4e007046bdc876~tplv-photomode-zoomcover:720:720.jpeg?x-expires=1693602000&x-signature=UpNbHTg3nRP%2FO7DLxR9RQhoOTpA%3D

23.204.152.20

403 Forbidden

528 B

URL GET HTTP/2
p16-sign.tiktokcdn-us.com/tos-useast5-p-0068-tx/e3e51afda4c54f8bae4e007046bdc876~tplv-photomode-zoomcover:720:720.jpeg?x-expires=1693602000&x-signature=UpNbHTg3nRP%2FO7DLxR9RQhoOTpA%3D
IP
23.204.152.20:443
ASN
#20940 Akamai International B.V.

Requested by
https://salepeaket.live/
Certificate
IssuerDigiCert Inc
Subject*.tiktokcdn-us.com
FingerprintE2:8B:12:BD:C5:BB:C1:09:C6:4B:21:1B:F3:EB:67:A4:69:21:42:D5
ValiditySat, 26 Aug 2023 00:00:00 GMT - Wed, 25 Sep 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
528 B (528 bytes)
Hash
89f59cd8b138138936dedf32b5e00ad4
b42e49d95b7e8cd940a1762ebd8da69a53ecd5b5
b9ee21e41c55b3a90dd90857c8a8fa01c20fc7938fe0cb0ec8c5061c1f6f855e

HTTP Headers

GET /tos-useast5-p-0068-tx/e3e51afda4c54f8bae4e007046bdc876~tplv-photomode-zoomcover:720:720.jpeg?x-expires=1693602000&x-signature=UpNbHTg3nRP%2FO7DLxR9RQhoOTpA%3D HTTP/1.1
Host: p16-sign.tiktokcdn-us.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
server: AkamaiGHost
mime-version: 1.0
content-type: text/html
content-length: 528
expires: Wed, 17 Apr 2024 19:07:45 GMT
date: Wed, 17 Apr 2024 19:07:45 GMT
x-cache: TCP_DENIED from a23-46-157-20.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55502997) (-)
cross-origin-resource-policy: cross-origin
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
server-timing: cdn-cache; desc=MISS, edge; dur=0, origin; dur=0
x-failure-reason: failure-expired
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.wixstatic.com/media/ba8c9e_4504e96a11b04041bbcac38468a0a115~mv2.jpg/v1/fill/w_720,h_720,al_c,q_85,enc_auto/ba8c9e_4504e96a11b04041bbcac38468a0a115~mv2.jpg

54.230.111.85

200 OK

16 kB

URL GET HTTP/2
static.wixstatic.com/media/ba8c9e_4504e96a11b04041bbcac38468a0a115~mv2.jpg/v1/fill/w_720,h_720,al_c,q_85,enc_auto/ba8c9e_4504e96a11b04041bbcac38468a0a115~mv2.jpg
IP
54.230.111.85:443
ASN
#16509 AMAZON-02

Requested by
https://salepeaket.live/
Certificate
IssuerSectigo Limited
Subject*.wixstatic.com
FingerprintB2:F9:78:29:9F:1D:8B:05:44:BE:8D:28:55:FF:F7:E1:35:EE:21:C8
ValidityMon, 01 Jan 2024 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (16448 bytes)
Hash
3dc1258fe9a74ebbd66055dc079b8630
6713f7667bcee22cd128af5cc50e0d05f264c848
18c121342a11dd6a6a89e523eb4c66bc707b312f96cd13e84b6074cf8c928dcb

HTTP Headers

GET /media/ba8c9e_4504e96a11b04041bbcac38468a0a115~mv2.jpg/v1/fill/w_720,h_720,al_c,q_85,enc_auto/ba8c9e_4504e96a11b04041bbcac38468a0a115~mv2.jpg HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
content-length: 16448
server: openresty/1.21.4.1
date: Wed, 17 Apr 2024 19:07:45 GMT
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
wix-tracer: 2fEz8X5XwQUyiQ1Frre6FABt9yg
x-seen-by: image-manipulator-65b8785648-hcn74
timing-allow-origin: *
via: 1.1 google, 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
vary: Accept
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3nXdXtzngy-6FMghl7PRFa1dtyIRtOF13CowQfw56usH0zU0MlNH7g==
X-Firefox-Spdy: h2

salepeaket.live/static/your/css/owl.theme.default.min.css

104.21.38.171

200 OK

50 kB

URL GET HTTP/3
salepeaket.live/static/your/css/owl.theme.default.min.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text, with very long lines (846)
Size
50 kB (50335 bytes)
Hash
275048a23c69c24c6bd3316d9a45882e
31f27f631d97f8564386f05fa2859683349d5fbc
296b3d8e9fa36733999a69d6e630bc6361ea23dada8c98a0e48d34ba7f7d0ed2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/owl.theme.default.min.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"3a8-6141300c8e572-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EyuiOMdxdxGpQbgzBhapId0CBxLYKZaGPu4L74GMR15%2BPiWmvpnQfJh6b4HRWzncl4hICYjAoAnY2Z17Gx%2F6y4u4LYpKuTR1MOrl0Pb1y3XMZSPLfrZQzGNZPBuPC9rdPTA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb314495cb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/your/css/jquery-ui.min.css

104.21.38.171

200 OK

3.9 kB

URL GET HTTP/3
salepeaket.live/static/your/css/jquery-ui.min.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text, with very long lines (15129)
Size
3.9 kB (3916 bytes)
Hash
1f29bef8e189e09389ee650069da29d0
85ec0a5126e957e1f0596cf84010cf41e1fa321c
3d94f00ea8118cfa7a40019dd8696ebf16aebdd92f0ff5fec0411e97b8b7c44c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/jquery-ui.min.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"415a-6141300c8e572-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rmAxwlI4O3NhPB7qkwgNADaXKXwVDJBEoHdfHpEsroBUtkyFJYEpA3pvC%2Ba5QvEOzZRjo3e%2Bh2C%2BtQ%2BFTqbA8C0FHyE8k%2Bb3s6aM%2BZ%2FXxxTnZIPyU7edWZOuA9TG5k51Odg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb314596fb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/your/css/opencart.css

104.21.38.171

200 OK

26 kB

URL GET HTTP/3
salepeaket.live/static/your/css/opencart.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text
Size
26 kB (26205 bytes)
Hash
6af40eff9c7c0646c617bf773fefa669
1738a1e96c289937fda2861d8c26217ee31f18d6
89736a467316752012bb0a952a094c5f943a387813ac1d8a51c224af21e1d4ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/opencart.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"77c-6141300c8e572-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXgbZZfKjPcrrhyUrMy4HnAHjB%2FuoztRJfIIqG3JB60PcV5cjalOdhrHndpWeD1dgFx2mkHqFkD3TW%2B3VZnT8Y%2FJh4koqgPS3Hegwms5Wl1TIqYKdziLRem3mCJ9gDT7J80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb314496bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ae01.alicdn.com/kf/H879598f5bdc14bd3901931d657332e97y.jpg_640x640Q90.jpg_.webp

47.246.44.250

200 OK

14 kB

URL GET HTTP/2
ae01.alicdn.com/kf/H879598f5bdc14bd3901931d657332e97y.jpg_640x640Q90.jpg_.webp
IP
47.246.44.250:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://salepeaket.live/
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
ValidityTue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x640, Scaling: [none]x[none], YUV color, decoders should clamp
Size
14 kB (14280 bytes)
Hash
7265d1e9997d1611931e28f8a450b353
25aaf9ba9caaf43f38e2ec7b0cab2bb5143d141a
534ec0f6f4dde26bea3086e11feb1f89e2bcced47cdd2549e3257f819c9a247e

HTTP Headers

GET /kf/H879598f5bdc14bd3901931d657332e97y.jpg_640x640Q90.jpg_.webp HTTP/1.1
Host: ae01.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/webp
content-length: 14280
date: Wed, 17 Apr 2024 19:07:46 GMT
traceid: 2ff62ca517133808657517705e
last-modified: Mon, 11 Apr 2022 02:24:29 GMT
cache-control: max-age=86400000
access-control-allow-origin: *
eagleeye-traceid: 2ff62ca517133808657517705e
strict-transport-security: max-age=0
timing-allow-origin: *, *
ali-swift-global-savetime: 1713380866
via: cache8.l2de2[349,349,200-0,M], cache5.l2de2[351,0], ens-cache17.se2[372,372,200-0,M], ens-cache17.se2[373,0]
age: 0
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Wed, 17 Apr 2024 19:07:46 GMT
x-swift-cachetime: 31104000
cdn-type: alibaba
eagleid: 2ff62ca517133808657517705e
X-Firefox-Spdy: h2

www.palindrometech.com/wp-content/uploads/2019/03/CTIA-IoT-Security-Categories-1.jpg

52.86.25.220

200 OK

230 kB

URL GET HTTP/1.1
www.palindrometech.com/wp-content/uploads/2019/03/CTIA-IoT-Security-Categories-1.jpg
IP
52.86.25.220:443
ASN
#14618 AMAZON-AES

Requested by
https://salepeaket.live/
Certificate
IssuerLet's Encrypt
Subjectpalindrometech.com
Fingerprint89:D8:D5:40:B6:0F:1B:B7:78:41:A5:44:81:22:9F:43:E6:52:2A:E5
ValidityFri, 08 Mar 2024 23:06:47 GMT - Thu, 06 Jun 2024 23:06:46 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1088x685, components 3
Size
230 kB (229680 bytes)
Hash
52d65f807e7df776d75be1a6ce916a81
48658e24e2cdb5d9eb937e63968d255ea6be7109
36cef08fd21ef1a94c46efa09f1cd95ed321e9b5dd46ca214277e35d44fe0771

HTTP Headers

GET /wp-content/uploads/2019/03/CTIA-IoT-Security-Categories-1.jpg HTTP/1.1
Host: www.palindrometech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 19:07:45 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expect-CT: max-age=7776000, enforce
Referrer-Policy: no-referrer-when-downgrade
X-Frame-Options: SAMEORIGIN
Permissions-Policy: 
Last-Modified: Tue, 18 Jan 2022 14:28:38 GMT
ETag: "38130-5d5dc15c621f2"
Accept-Ranges: bytes
Content-Length: 229680
Strict-Transport-Security: max-age=31536000;  includeSubDomains; preload
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

salepeaket.live/static/default/img/20220514153821.png

104.21.38.171

200 OK

15 kB

URL GET HTTP/3
salepeaket.live/static/default/img/20220514153821.png
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
PNG image data, 245 x 222, 8-bit/color RGBA, non-interlaced
Size
15 kB (15411 bytes)
Hash
3ecbb8f543b70888626038f8cf81f227
a9bf6388621ba59e09e59e58713e8abfc04e5ff3
2214e58d7962a38491fb50f2f641b869917fba48120c02e5f207b5c9025326f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/img/20220514153821.png HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkI1UXE4RkRJYmRLUnRmOEgrVmFDcmc9PSIsInZhbHVlIjoiOWU2aDQzS1lwOFBZcjNQNlVYbERDdFB3ajhEdFhGc3VXK0VwdGxselFHTVNjRGtBZElPT1ZNRWc1cGFTRkJXbU40MUg0L1h0VkRkNkJORzhtMStYdnpINkU2bFl3S1NkRHNaTWZMY0N2dEY2aEhST2NtZkNvc1VBQ0JJTlcwdjciLCJtYWMiOiI0MTdmYmYxNjVkYTczMWE4ZDkxZWFhYTM4ODc3MmU5MDM0MmQ0MWVmOWFjNDRlYzA3ZTAwMjg0NmFjOTllM2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IitVTW1TVjJ0d29hc2Y4SnJIWXZ2OUE9PSIsInZhbHVlIjoiTUhyZ3N0ZE1WUExTRzEvWElOc3NvZ000WXlxQk1EZkU1b3ZaL0l5K3RXWVVRMU1mSGNxY094OHI2NzVqMTVFUWdtSGVNVkhLZFFtVGRlY0s2S2t4aGRmMmZ1Q1hZU2NZdTZKcTRLWnEwYlUxTnh0ME45dUJXY0tsTW00U0NrWWciLCJtYWMiOiI1ZDJhOGQ1MTM5ZmRjYjAxMmQ4ZmUyYWM1MTg5MGVlN2EyNjRjNGUzYjJlMTAwNTViMjFkZTIxYzE5MzNhMjRjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:46 GMT
content-type: image/png
content-length: 15411
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: "3c33-6141300c36ef6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3539
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mItoygFjEHHVVH5xB1Eo7UR5SxQ4WSlsk0O3%2FeUJ8d7dnhPblIvzySVoRX8VNxuj0NUOct1e8GlImQRz8%2F%2BZd%2Bu4WRSobeeOxSyD1jzwE1jBNRXIK1IjzksCnLeY5pMJfpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875eb32f0ef5b4f3-OSL
alt-svc: h3=":443"; ma=86400

149346886.v2.pressablecdn.com/wp-content/uploads/2023/11/Tim-Ferriss-Illustration-2023-scaled.jpeg

192.0.77.39

200 OK

331 kB

URL GET HTTP/2
149346886.v2.pressablecdn.com/wp-content/uploads/2023/11/Tim-Ferriss-Illustration-2023-scaled.jpeg
IP
192.0.77.39:443
ASN
#2635 AUTOMATTIC

Requested by
https://salepeaket.live/
Certificate
IssuerSectigo Limited
Subject*.v2.pressablecdn.com
Fingerprint78:B6:5D:8E:ED:34:19:75:75:A1:2E:D8:8B:77:0F:14:C1:61:DF:60
ValidityWed, 02 Aug 2023 00:00:00 GMT - Sun, 01 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x2048, components 3
Size
331 kB (330933 bytes)
Hash
4d32e11bc0ad6e13b291b496b0bad7a5
98615e955385a342c9de3b90e131ba72b29b0ae0
3cfc8d02cd870352afd155c3c8a0b816845540d103350d5335b054934f042657

HTTP Headers

GET /wp-content/uploads/2023/11/Tim-Ferriss-Illustration-2023-scaled.jpeg HTTP/1.1
Host: 149346886.v2.pressablecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 19:07:46 GMT
content-type: image/jpeg
content-length: 330933
link: <http://tim.blog/wp-content/uploads/2023/11/Tim-Ferriss-Illustration-2023-scaled.jpeg>;  rel="canonical"
last-modified: Wed, 15 Nov 2023 14:30:48 GMT
expires: Wed, 24 Apr 2024 19:07:46 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-ac: 3.arn _atomic_ams MISS
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
x-nc: MISS arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2

salepeaket.live/static/default/css/iconfont.css

104.21.38.171

200 OK

81 kB

URL GET HTTP/3
salepeaket.live/static/default/css/iconfont.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text
Size
81 kB (80886 bytes)
Hash
717c6e58da97df4ca9866d0cf9f1eecb
53b035e4136e3fcbf6d710633c10562bbb8fb1eb
8b3c92ce43d9af1d42ae13507d542ff6de94684152fec5f111c1e138db769d5a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/css/iconfont.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"55c-6141300c35786-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8HpKg%2FpO0G8Y%2BWRbX8buPNcICrV30IjIqnh%2FrURKsnJijZtZwN%2BaAffVMmwFlOGg4%2F5aSsXUt35Emr%2BLbuWuCQshxi%2Bph0w6YoAv1kbqtOsgQciYRgEmYUSf31yLOVnyy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb314597bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

merchbar.imgix.net/product/vinylized/upc/03/850021640309.jpg?q=40&auto=compress,format&w=1400

151.101.130.208

200 OK

213 kB

URL GET HTTP/2
merchbar.imgix.net/product/vinylized/upc/03/850021640309.jpg?q=40&auto=compress,format&w=1400
IP
151.101.130.208:443
ASN
#54113 FASTLY

Requested by
https://salepeaket.live/
Certificate
IssuerGlobalSign nv-sa
Subject*.imgix.com
FingerprintB1:CE:29:3A:FE:13:43:AB:E5:4F:05:D5:D9:39:A7:6F:9D:B1:B0:C1
ValidityThu, 07 Dec 2023 12:43:26 GMT - Tue, 07 Jan 2025 12:43:25 GMT

File type
ISO Media, AVIF Image
Size
213 kB (212872 bytes)
Hash
a25fdac9b629d8a67c30b90e9c59759a
f785e7943f4f063ff0f9a386d6f3ff9996075432
ae1d4e6e77f60c71ea8bfb8fd80377450f322bf69e35608f99cd68fb0817a3d0

HTTP Headers

GET /product/vinylized/upc/03/850021640309.jpg?q=40&auto=compress,format&w=1400 HTTP/1.1
Host: merchbar.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-imgix-id: d7e1582e1afcda4e461f192cb965a2014f2833dc
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 19:07:46 GMT
server: Google Frontend
date: Wed, 17 Apr 2024 19:07:46 GMT
age: 0
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc1000138-SJC, cache-hel1410032-HEL
x-cache: MISS, MISS
vary: Accept, User-Agent
content-length: 212872
X-Firefox-Spdy: h2

salepeaket.live/static/your/css/bootstrap.min.css

104.21.38.171

200 OK

243 kB

URL GET HTTP/3
salepeaket.live/static/your/css/bootstrap.min.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text, with very long lines (65371)
Size
243 kB (242910 bytes)
Hash
3fc294a6e2e1cdcc652fc702f0ecda80
87fdf5f58d2bc3bd19940403f33a2a7f9869c446
ff95d530a782ce6fa179cd74b1da4a39764e9405666f5aaeed2f34aa9c66ce66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/bootstrap.min.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"1d2d4-6141300c8ce01-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zsu849%2FLSetkPdUSsrKIrxjVKfpQENaSdEZBTpHJZZF2bXpp%2BFDA32prIviyy2XhIqSO3MtBFTuthDQc1tHPtdpvBuwq%2FAWtJ7X07MZJ7SFNJlgm3bU5ksIusLGaMcnoIo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3144951b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/api/item/getImageUrl?url=https%253A%252F%252Fwww.tiktok.com%252Fapi%252Fimg%252F%253FitemId%253D7210941623402892549%2526location%253D0%2526aid%253D1988

104.21.38.171

200 OK

513 B

URL GET HTTP/3
salepeaket.live/api/item/getImageUrl?url=https%253A%252F%252Fwww.tiktok.com%252Fapi%252Fimg%252F%253FitemId%253D7210941623402892549%2526location%253D0%2526aid%253D1988
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
JSON text data
Size
513 B (513 bytes)
Hash
ec61c31a44a0c0104e6d5311cf4ae339
1848acc365a85a7a3e06aac5226ad1182035c0cb
2776ea4bef8595a3ca3100fb8c6908f0e1a629b22595d8807a0fa5ace82f15fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/getImageUrl?url=https%253A%252F%252Fwww.tiktok.com%252Fapi%252Fimg%252F%253FitemId%253D7210941623402892549%2526location%253D0%2526aid%253D1988 HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkI1UXE4RkRJYmRLUnRmOEgrVmFDcmc9PSIsInZhbHVlIjoiOWU2aDQzS1lwOFBZcjNQNlVYbERDdFB3ajhEdFhGc3VXK0VwdGxselFHTVNjRGtBZElPT1ZNRWc1cGFTRkJXbU40MUg0L1h0VkRkNkJORzhtMStYdnpINkU2bFl3S1NkRHNaTWZMY0N2dEY2aEhST2NtZkNvc1VBQ0JJTlcwdjciLCJtYWMiOiI0MTdmYmYxNjVkYTczMWE4ZDkxZWFhYTM4ODc3MmU5MDM0MmQ0MWVmOWFjNDRlYzA3ZTAwMjg0NmFjOTllM2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjJCQjVwdkI1bjkydVBNNG9icUxKK2c9PSIsInZhbHVlIjoiWFBpM3RSUkcyYUZqUlJoRFUrYXhpVmtyVDUwRWZFQVJQV09FSThWYnF3UGJ6Lzl6NklxSzcvd3Axd3JkMnpjN2llVGFxbFpaVFc1eHpYYnRGeVJLcnliK212L2J5YmlWbmlSYTNpNzhQZmN2Vzh6cW56cTBIRWV6SzZCRHF6RjMiLCJtYWMiOiI3MTk5ZDEyYTRkZGExMWFlYzljYjM1OTU3Mjg1N2I3NTUwYTU3N2JlMmQ5MGRlOTJmNWRiMjFhNTk2ZGE5ZTZmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:46 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IitVTW1TVjJ0d29hc2Y4SnJIWXZ2OUE9PSIsInZhbHVlIjoiTUhyZ3N0ZE1WUExTRzEvWElOc3NvZ000WXlxQk1EZkU1b3ZaL0l5K3RXWVVRMU1mSGNxY094OHI2NzVqMTVFUWdtSGVNVkhLZFFtVGRlY0s2S2t4aGRmMmZ1Q1hZU2NZdTZKcTRLWnEwYlUxTnh0ME45dUJXY0tsTW00U0NrWWciLCJtYWMiOiI1ZDJhOGQ1MTM5ZmRjYjAxMmQ4ZmUyYWM1MTg5MGVlN2EyNjRjNGUzYjJlMTAwNTViMjFkZTIxYzE5MzNhMjRjIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:46 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=944nRGxKm%2Bx8V2L2xgJzbxfO6SeeQmb9NoD2rg%2FBGi8%2FoUqSgXs%2BLkOJxTrKsqFGptVorNRYwcRYgywaQ61j7NFaGrUvdGZi6O92EEOjFMWsV5gjIzF5CcsVaR4j6BDdJ%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3290c82b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D367547822134341

104.21.38.171

200 OK

290 kB

URL GET HTTP/3
salepeaket.live/api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D367547822134341
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
JSON text data
Size
290 kB (290463 bytes)
Hash
fc121960fc1906bdf6efddfbeb6d308a
c8350f0f6c692d6fa389a9a33f78631790aa8951
4d6db84ffbfd5ed79955939156cd08d742efd376ffe87687ef151c45f4fa5b49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D367547822134341 HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkI1UXE4RkRJYmRLUnRmOEgrVmFDcmc9PSIsInZhbHVlIjoiOWU2aDQzS1lwOFBZcjNQNlVYbERDdFB3ajhEdFhGc3VXK0VwdGxselFHTVNjRGtBZElPT1ZNRWc1cGFTRkJXbU40MUg0L1h0VkRkNkJORzhtMStYdnpINkU2bFl3S1NkRHNaTWZMY0N2dEY2aEhST2NtZkNvc1VBQ0JJTlcwdjciLCJtYWMiOiI0MTdmYmYxNjVkYTczMWE4ZDkxZWFhYTM4ODc3MmU5MDM0MmQ0MWVmOWFjNDRlYzA3ZTAwMjg0NmFjOTllM2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjJCQjVwdkI1bjkydVBNNG9icUxKK2c9PSIsInZhbHVlIjoiWFBpM3RSUkcyYUZqUlJoRFUrYXhpVmtyVDUwRWZFQVJQV09FSThWYnF3UGJ6Lzl6NklxSzcvd3Axd3JkMnpjN2llVGFxbFpaVFc1eHpYYnRGeVJLcnliK212L2J5YmlWbmlSYTNpNzhQZmN2Vzh6cW56cTBIRWV6SzZCRHF6RjMiLCJtYWMiOiI3MTk5ZDEyYTRkZGExMWFlYzljYjM1OTU3Mjg1N2I3NTUwYTU3N2JlMmQ5MGRlOTJmNWRiMjFhNTk2ZGE5ZTZmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:46 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 55
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6InRGYnozSVdDQVZBaTdrWnhzRk4xaUE9PSIsInZhbHVlIjoiRmNxMEg5eDFOMWluSldLVXZHZ1A3RVVvSWl3NHZYZ1FLb2thY2E3eGdJZHdRem44akU3SVZEYWh1Z2p2eTZ1QlBrMWRSREM3UzZWZ0ErNm1lZXd4VzNQM3JuTjREb1RVYnFIaCtRN2QzcnZPQWJlb3crR2tpNHZKNk9qdE9qMDkiLCJtYWMiOiJlZDEyZjc1Nzg2YzJkMWNjNjA2NGJlN2M2MjM3ODM0MzFiMmU0ZjFmMmMyYjYxYjliY2RlYjAwNWQ2MWY3N2YyIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:46 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7MbP5NDMURoaRYW7bzDHmi%2BPVmeA7ZG3O3cK5gAOXdeNi7NHk4k0axiwnv02gVs194kzEV1XsyxVQXkaElcMuuIzytbVSVbMRvotlSjU14T%2BGNiVj0h8VynoKMTu2aZu2aY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3290c8db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/default/js/delighters.js

104.21.38.171

200 OK

1.6 kB

URL GET HTTP/3
salepeaket.live/static/default/js/delighters.js
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
Unicode text, UTF-8 text
Size
1.6 kB (1568 bytes)
Hash
cc31823856831d96acd96628fe1bc12c
4441d2792dc7fb9f54cde379cd6dd5085ae7af33
0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/delighters.js HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/javascript
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"a4b-6141300c399ee-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDE9NLeb%2B%2Bd0qHd%2B0HNzzqtKeE6RMFEBRQDGbrWs1VfH7q9h%2Bnf8MHBkox2%2FPzNPAXYdr6f3R0gFlcuX%2F%2FhEOaKxR%2BKyStFwCBYXTmlSyZOjopH%2BsRS746HdhFsXmwP84w0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb31469adb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/favicon.ico

104.21.38.171

200 OK

1.9 MB

URL GET HTTP/3
salepeaket.live/favicon.ico
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
JSON text data
Size
1.9 MB (1872638 bytes)
Hash
a44c87b0d55afacf14c8327af92e948e
3ccbcb7c5e0d553ce51030580dec3732eb477f9d
a0587eb4f330926619e867180d0f81a594dde4e75ddd471d2f1414024c9163ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkI1UXE4RkRJYmRLUnRmOEgrVmFDcmc9PSIsInZhbHVlIjoiOWU2aDQzS1lwOFBZcjNQNlVYbERDdFB3ajhEdFhGc3VXK0VwdGxselFHTVNjRGtBZElPT1ZNRWc1cGFTRkJXbU40MUg0L1h0VkRkNkJORzhtMStYdnpINkU2bFl3S1NkRHNaTWZMY0N2dEY2aEhST2NtZkNvc1VBQ0JJTlcwdjciLCJtYWMiOiI0MTdmYmYxNjVkYTczMWE4ZDkxZWFhYTM4ODc3MmU5MDM0MmQ0MWVmOWFjNDRlYzA3ZTAwMjg0NmFjOTllM2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlYyczZQencydEM2WnNqNGlmR1ZqelE9PSIsInZhbHVlIjoiTEhTR3Z4WmdLMms5OFhEeENNTlpiaTlIYXJhOTJBdm9xcklmWDcyTHRUUVlpRGR5aFg4cE9VTXp0S2hJaTM3MVN3alhjdHZsYjdRekszckhqcStCNTRhaHlZNG15U0kyb3VRdWVHSFNON3F2ZWpIVTVuaXEwTm1wM1NrNnFQY1MiLCJtYWMiOiJmYzZjNTdiZDdlZjNiODUxOWQ2YTdkNjgzYjk1ZmVlOTkzYzJlNjM5YmY2Y2ZkMTgwYzE5N2NiZTQ2Y2EzMDQ2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:44 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqj5NbUh0XNx%2BG7nwNuH0Da7HQtqGelQriQyriLW42XgC3Iv5p41Q1qoF3tRg7MyXDy5IM5ZO83p3m2wKSEp76OzqwPc%2BMNHRLkDvzVbQvJ%2BAMiNEkGAnIpbL%2B0KgMIpAEI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb31d88b4b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/your/css/swiper.min.css

104.21.38.171

200 OK

18 kB

URL GET HTTP/3
salepeaket.live/static/your/css/swiper.min.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text, with very long lines (17459)
Size
18 kB (17759 bytes)
Hash
6af34d0737ad0ca608111771cf74cc79
15d0417baa08a741c6aee19fdfbf4813635f98f8
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/swiper.min.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"455f-6141300c8e572-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KvLCr0NeP7pKWOiX3dkW9F88LcptmPWSLdA3mCcS3snm2lHD4LjS1QTnXyOEUgKvYU2zDhJfkaLgTdsMTN2IeT33W06fjxqgiHknZc3QEypMmcRA%2FFzHpxKbM8V0KblihBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3144968b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/your/css/font-awesome.min.css

104.21.38.171

200 OK

31 kB

URL GET HTTP/3
salepeaket.live/static/your/css/font-awesome.min.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text, with very long lines (30813)
Size
31 kB (30976 bytes)
Hash
ba098bc004de79c602b8a80093ecfb6d
07e2a0eae9e2a64f753638b5281b878b586f054d
ad6ed6588f8299f92680d0b1e7d3103621f713060409ac419094140e6fdaeb84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/font-awesome.min.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"7900-6141300c8ce01-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tc1ZBHcx9%2FNws3iiScRF7HvKeGeMGtwYweVBx6mo0LCUPkEDe9YXsN8CGNSoR3krKDk%2BaQqxpaaUidobdcxrSH2Suy8uUUTzFn2My28b7iTTE53arQn7AZZJNK59u1Wio8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb314394bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/api/item/random?num=12&name=hot

104.21.38.171

200 OK

4.8 kB

URL GET HTTP/3
salepeaket.live/api/item/random?num=12&name=hot
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (5225), with no line terminators
Size
4.8 kB (4763 bytes)
Hash
5a47a887e1efd26248e47754e0ad975d
633fd4d57eb6394361168ed7f00d250618cc504c
d5a1dec1472c4b0d634c9fc6df7f5e3b638dc4a5c6e4be6e7bcddd2b091cb3c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/random?num=12&name=hot HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:45 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6InArSE5aUTNrNTlzeTFFV29Wd2hXaHc9PSIsInZhbHVlIjoiTkZZM1c2eEVjWHdjOStSRThXS3p4S2xyWitVQVAvN0dKQ1BDSTlhRHcrekxmYnB6RTdiUGQ5Z1IraEhkT2tKRkNUSzd2Y2swUElZVEVLUk9iKzlsc2Jyanh6RXZqblRkZVN5SHdxazlDbzNRVWRzQlJ4c3EvNjNZY3ZSUTBDZlAiLCJtYWMiOiJiOGRkNTBlNmU0ZWQ2MGEyNDdhZDdkNWQyMWFmMWZjMDk0OTIzYWExN2I0NDQyZWYyM2FjNzZlYzdhN2Y5YzRjIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:45 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jlEFhwGl8YoNW1fdA4B8x8kW4LB1ZDNhmB4QPmqmXJilaGs%2B38pvVZkpjhioXcQk5ZpP%2FVbVrTyaUz969w3b1umd2a%2FJDNSp8q9swThZxvZKdS8hdXwYRfUWKgxsy5XGVm8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb318b865b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.babycubby.com/cdn/shop/products/LY29611-CLD-2-Pack-Mini-Pretzels-Sleep-and-Play.webp?v=1673890410

23.227.38.74

200 OK

221 kB

URL GET HTTP/2
www.babycubby.com/cdn/shop/products/LY29611-CLD-2-Pack-Mini-Pretzels-Sleep-and-Play.webp?v=1673890410
IP
23.227.38.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerLet's Encrypt
Subjectwww.babycubby.com
Fingerprint47:0A:BB:E3:76:3E:BC:5B:FA:EB:19:CF:E1:6A:F4:3D:66:A1:BD:CB
ValidityThu, 29 Feb 2024 02:50:51 GMT - Wed, 29 May 2024 02:50:50 GMT

File type
RIFF (little-endian) data, Web/P image
Size
221 kB (220744 bytes)
Hash
5fb3e6d7e442c3096cbe76fed949e3cb
7e28e24e43da6f8461b3636fd04d4e0388f3a242
95561d5ac88e5b34915b80bb684cae1542bf05ef8de148651aeab34cb6ba857e

HTTP Headers

GET /cdn/shop/products/LY29611-CLD-2-Pack-Mini-Pretzels-Sleep-and-Play.webp?v=1673890410 HTTP/1.1
Host: www.babycubby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 19:07:46 GMT
content-type: image/webp
content-length: 220744
x-sorting-hat-podid: 163
x-sorting-hat-shopid: 46706491556
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
server-timing: imagery;dur=680.616, imageryFetch;dur=188.009, imageryProcess;dur=486.124;desc="image", cfRequestDuration;dur=978.000164
source-length: 220682
source-type: image/webp
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 451164f0-c43c-4638-9523-dd604191eb21-1713380865
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
last-modified: Wed, 17 Apr 2024 19:07:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xbT%2F%2FaymxiMjRxXmkIntKwRoo5L2nUin2PnHK1mFzRqeM4CLDXvKB%2B7kj5u5YpKTVI30cuqo2svPFp7jrzNaqRmdhS%2B8IGALJsyPB0Zh%2F6IyEUgSCB1JQ3MYIZIDS72LixDM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-download-options: noopen
cf-cache-status: BYPASS
accept-ranges: bytes
set-cookie: __cf_bm=13MGaDexc34VXRAyWQENuO0tjZJviEhJ6tvb0CKySsw-1713380866-1.0.1.1-KEhsKd0DSx5TgqBGs61Oq8.eofjgbhdkXq9mXrgM4mu7bGcC3tTpUyCvMP0pGkSPJsi..wB_4YnZLhmjee0h9w; path=/; expires=Wed, 17-Apr-24 19:37:46 GMT; domain=.www.babycubby.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 875eb32adec592ee-CPH
X-Firefox-Spdy: h2

www.filecroco.com/wp-content/uploads/2020/08/joykeymapper-2.jpg

172.67.144.157

200 OK

80 kB

URL GET HTTP/2
www.filecroco.com/wp-content/uploads/2020/08/joykeymapper-2.jpg
IP
172.67.144.157:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectfilecroco.com
Fingerprint7C:73:A2:0C:CC:28:C1:C0:4F:B1:01:9F:7F:08:45:8B:05:69:02:94
ValidityFri, 29 Mar 2024 10:58:55 GMT - Thu, 27 Jun 2024 10:58:54 GMT

File type
JPEG image data, JFIF standard 1.00, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 850x577, components 3
Size
80 kB (80447 bytes)
Hash
b826a7fe2f6cb4dbc37835c024bd3f86
4b34ccd85868c5372dd98d032ed572cfded3dcb9
e3a10f5f82ac80abe48e78ade98637b1a7a356662838bf1d522291df8e905ba8

HTTP Headers

GET /wp-content/uploads/2020/08/joykeymapper-2.jpg HTTP/1.1
Host: www.filecroco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 19:07:46 GMT
content-type: image/jpeg
content-length: 80447
last-modified: Wed, 26 Aug 2020 07:06:26 GMT
cache-control: public, max-age=31536000
expires: Thu, 15 Aug 2024 19:07:46 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W8frbpldsUfcEFbeNdChfHG%2B9GdFNjwbOn%2BROw%2ByKBcM%2FkTocyHEl6c2e5Kcnqfo%2FGnATtGWYlo8UsYvkgQS5P1cDbp4dl5qTm61ciM8V8BlmPLgspWh5BMMdV6Yx0aY%2F3wYsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb329ba6d56a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

salepeaket.live/static/market/js/jquery.min.js

104.21.38.171

200 OK

84 kB

URL GET HTTP/3
salepeaket.live/static/market/js/jquery.min.js
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
JavaScript source, ASCII text, with very long lines (32061)
Size
84 kB (84245 bytes)
Hash
e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/market/js/jquery.min.js HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/javascript
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"14915-6141300c639d4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cI2eDFzcO76RMBsnXUgz%2B3QyIBPL%2FIHQwMiOaSZMIFTBleT85M%2F8A8aed45v5eVY%2BeFoAcgxRMnpomcyCj1%2BfYGjhyk2cUfxbgD%2BRBeKxiVSTqm%2FzCHnXhXB4xEA%2FE%2FQRLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3145976b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/default/js/vue.min.js

104.21.38.171

200 OK

94 kB

URL GET HTTP/3
salepeaket.live/static/default/js/vue.min.js
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
JavaScript source, ASCII text, with very long lines (65449)
Size
94 kB (94151 bytes)
Hash
b21b8531847604ab5f2f5caaef51ba31
da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/vue.min.js HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/javascript
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"16fc7-6141300c3ad76-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c7a%2BeBH%2FMK47LtpNAM940VopWyk3b%2F9v9wddRxvhqPyGnOAi652EdEu2RhEIO%2B83DG0YoCff%2BFJX92hXsq%2BDa9Px6lVr4jQgpVafAkaMbre%2FAOXzFofekzsQcswVDG0rfPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb314597eb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/api/item/random?num=8&name=hot

104.21.38.171

200 OK

3.1 kB

URL GET HTTP/3
salepeaket.live/api/item/random?num=8&name=hot
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3418), with no line terminators
Size
3.1 kB (3114 bytes)
Hash
40bb9f3d90a3aa6d1c73b3a4f6d3d830
911a889d8565570ebd9bf63b69f866d35aaaf6bd
60fdad988de193b0a5844416e0c88cdda3825a64219bb4f0c142a688002ba588

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/random?num=8&name=hot HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:45 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IjJCQjVwdkI1bjkydVBNNG9icUxKK2c9PSIsInZhbHVlIjoiWFBpM3RSUkcyYUZqUlJoRFUrYXhpVmtyVDUwRWZFQVJQV09FSThWYnF3UGJ6Lzl6NklxSzcvd3Axd3JkMnpjN2llVGFxbFpaVFc1eHpYYnRGeVJLcnliK212L2J5YmlWbmlSYTNpNzhQZmN2Vzh6cW56cTBIRWV6SzZCRHF6RjMiLCJtYWMiOiI3MTk5ZDEyYTRkZGExMWFlYzljYjM1OTU3Mjg1N2I3NTUwYTU3N2JlMmQ5MGRlOTJmNWRiMjFhNTk2ZGE5ZTZmIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:45 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsgtUKWxzMacP33AaW%2F3DZ1SctkwZEOSOKYs%2BmlnMKJHumbFSiflwy%2F5L9qucCuFu7sDaB%2BslSmrbpaEqk6r941ArfKUDjUHJ%2F7BGJykrV%2BiPXKejIN9Pe3J5fnNPyxdDsU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb318b856b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/api/item/getImageUrl?url=https%253A%252F%252Fp16-sign.tiktokcdn-us.com%252Ftos-useast5-p-0068-tx%252Fe3e51afda4c54f8bae4e007046bdc876~tplv-photomode-zoomcover%253A720%253A720.jpeg%253Fx-expires%253D1693602000%2526x-signature%253DUpNbHTg3nRP%25252FO7DLxR9RQhoOTpA%25253D

104.21.38.171

200 OK

38 B

URL GET HTTP/3
salepeaket.live/api/item/getImageUrl?url=https%253A%252F%252Fp16-sign.tiktokcdn-us.com%252Ftos-useast5-p-0068-tx%252Fe3e51afda4c54f8bae4e007046bdc876~tplv-photomode-zoomcover%253A720%253A720.jpeg%253Fx-expires%253D1693602000%2526x-signature%253DUpNbHTg3nRP%25252FO7DLxR9RQhoOTpA%25253D
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
38 B (38 bytes)
Hash
080bff720b79594bbe2bab08954f4cc1
325482b3c50845bc3faaaf61af567ec91c7791d8
fbb4235c8fec2785469f9a5fd49401f0974a1862a33e917cba5ebbdbb49a7acf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/getImageUrl?url=https%253A%252F%252Fp16-sign.tiktokcdn-us.com%252Ftos-useast5-p-0068-tx%252Fe3e51afda4c54f8bae4e007046bdc876~tplv-photomode-zoomcover%253A720%253A720.jpeg%253Fx-expires%253D1693602000%2526x-signature%253DUpNbHTg3nRP%25252FO7DLxR9RQhoOTpA%25253D HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkI1UXE4RkRJYmRLUnRmOEgrVmFDcmc9PSIsInZhbHVlIjoiOWU2aDQzS1lwOFBZcjNQNlVYbERDdFB3ajhEdFhGc3VXK0VwdGxselFHTVNjRGtBZElPT1ZNRWc1cGFTRkJXbU40MUg0L1h0VkRkNkJORzhtMStYdnpINkU2bFl3S1NkRHNaTWZMY0N2dEY2aEhST2NtZkNvc1VBQ0JJTlcwdjciLCJtYWMiOiI0MTdmYmYxNjVkYTczMWE4ZDkxZWFhYTM4ODc3MmU5MDM0MmQ0MWVmOWFjNDRlYzA3ZTAwMjg0NmFjOTllM2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjJCQjVwdkI1bjkydVBNNG9icUxKK2c9PSIsInZhbHVlIjoiWFBpM3RSUkcyYUZqUlJoRFUrYXhpVmtyVDUwRWZFQVJQV09FSThWYnF3UGJ6Lzl6NklxSzcvd3Axd3JkMnpjN2llVGFxbFpaVFc1eHpYYnRGeVJLcnliK212L2J5YmlWbmlSYTNpNzhQZmN2Vzh6cW56cTBIRWV6SzZCRHF6RjMiLCJtYWMiOiI3MTk5ZDEyYTRkZGExMWFlYzljYjM1OTU3Mjg1N2I3NTUwYTU3N2JlMmQ5MGRlOTJmNWRiMjFhNTk2ZGE5ZTZmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:46 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 55
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Ijk2WW5GWG1ZV0FxOTFPNFNkZHkreHc9PSIsInZhbHVlIjoiOGNHMHNJb2hRUmhZejRFZVNicXJBSjNwQlBueVY3K3hWODRZUUxBa2x6cFEwWkxEU2ZoV2cyWldvRW1lamYrUUVhME0wZ0tLMmxtZWtzRjUwYUp1K0NrdXZyNmdhNDVXb055V0t1aE5TUzBVOWlGL2ZGZ0RkZXozRU1hSFF3OU4iLCJtYWMiOiI1ZTYzMDM0ZTc0NTg2MjVlOTM1ZTNmZjE4MjE4ODAyZjA1ZDQyMTQ3YTI5NDcwODBlZjcxM2M0MzkzOGU3M2Y5IiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:46 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=po9P7sWOuuDswG4OGjJyq5oSz8fsZJpK%2F3CeDBAid%2FxhkNZSBtes80vPj5s12vuxnEEGU3jTWzQof9ovfxCpb6fvf3zeGDDpu64ax7YrG1HLUlSb%2B68Pa8JMOr1OhAU5roE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb32ba8c9b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/api/item/getImageUrl?url=https%253A%252F%252Fsatijalab.org%252Fseurat%252Farticles%252Fseurat5_visualization_vignette_files%252Ffigure-html%252Fnew2-1.png

104.21.38.171

200 OK

38 B

URL GET HTTP/3
salepeaket.live/api/item/getImageUrl?url=https%253A%252F%252Fsatijalab.org%252Fseurat%252Farticles%252Fseurat5_visualization_vignette_files%252Ffigure-html%252Fnew2-1.png
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
38 B (38 bytes)
Hash
080bff720b79594bbe2bab08954f4cc1
325482b3c50845bc3faaaf61af567ec91c7791d8
fbb4235c8fec2785469f9a5fd49401f0974a1862a33e917cba5ebbdbb49a7acf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/getImageUrl?url=https%253A%252F%252Fsatijalab.org%252Fseurat%252Farticles%252Fseurat5_visualization_vignette_files%252Ffigure-html%252Fnew2-1.png HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkI1UXE4RkRJYmRLUnRmOEgrVmFDcmc9PSIsInZhbHVlIjoiOWU2aDQzS1lwOFBZcjNQNlVYbERDdFB3ajhEdFhGc3VXK0VwdGxselFHTVNjRGtBZElPT1ZNRWc1cGFTRkJXbU40MUg0L1h0VkRkNkJORzhtMStYdnpINkU2bFl3S1NkRHNaTWZMY0N2dEY2aEhST2NtZkNvc1VBQ0JJTlcwdjciLCJtYWMiOiI0MTdmYmYxNjVkYTczMWE4ZDkxZWFhYTM4ODc3MmU5MDM0MmQ0MWVmOWFjNDRlYzA3ZTAwMjg0NmFjOTllM2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjJCQjVwdkI1bjkydVBNNG9icUxKK2c9PSIsInZhbHVlIjoiWFBpM3RSUkcyYUZqUlJoRFUrYXhpVmtyVDUwRWZFQVJQV09FSThWYnF3UGJ6Lzl6NklxSzcvd3Axd3JkMnpjN2llVGFxbFpaVFc1eHpYYnRGeVJLcnliK212L2J5YmlWbmlSYTNpNzhQZmN2Vzh6cW56cTBIRWV6SzZCRHF6RjMiLCJtYWMiOiI3MTk5ZDEyYTRkZGExMWFlYzljYjM1OTU3Mjg1N2I3NTUwYTU3N2JlMmQ5MGRlOTJmNWRiMjFhNTk2ZGE5ZTZmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:46 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IlhEZ0FiU05WMXY5NVBTcjUzbGJSUHc9PSIsInZhbHVlIjoiWU52MXNFa2lWY2ZVcTVqWkFQK05FakwwRzVDdHVSeC9lRHJCTUtIbU1mVTBpenR4QWlTcVYrZlNtS2JWRG04ODNOQUlUNExBODBaM1hiZWtMKzhWZFNzdGtIU0t5SDI1V3MxZ2g0NnBjTnNhMnl2M3BVemlIZnBNV3pUVGJLcHIiLCJtYWMiOiI0ZmUyYmRlNmNkNDFjNTE0YmI2MjE1YzFlZGY2NmIyODQxMWEyZjE1NDEyNWM3OGVjYjlkYTMzY2MzMzc4MWFmIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:46 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KkqeYAszmj%2BDeKC2Vch29qJqtPn8sulH48N15d3eVqtrTVbOyzQv9oqBDvkcj7q7JQsG9dt5o36Yi%2FBbU%2FvKr7Y7H1UMZjvtOwWQnE4ayHP%2BnPHHIwBWwnndIs6KwF%2BauMY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb32b5849b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lh5.googleusercontent.com/GxQd7RHWKPxcZxLTU32u_QgcPS-CMk2aBrugWWoyMr2gxuaTklq7trFPMlkfF-hzCj-ydIu0ih7l-NQkIS1KACeptUjcnkJSPev5Uxi4Dv7D_-YozsdE_TVXCLP1fxQJEqd90NVa

142.250.74.129

200 OK

16 kB

URL GET HTTP/2
lh5.googleusercontent.com/GxQd7RHWKPxcZxLTU32u_QgcPS-CMk2aBrugWWoyMr2gxuaTklq7trFPMlkfF-hzCj-ydIu0ih7l-NQkIS1KACeptUjcnkJSPev5Uxi4Dv7D_-YozsdE_TVXCLP1fxQJEqd90NVa
IP
142.250.74.129:443
ASN
#15169 GOOGLE

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
GIF image data, version 89a, 600 x 356
Size
16 kB (15871 bytes)
Hash
a4ba24cac990c9481ca7eacba187a7b8
2e61c486a37146c0750535766e42b6708f2b0702
da841ad18d2671238d4df4fce95c7ae6ed0719da7301771ec834c29fbd34f336

HTTP Headers

GET /GxQd7RHWKPxcZxLTU32u_QgcPS-CMk2aBrugWWoyMr2gxuaTklq7trFPMlkfF-hzCj-ydIu0ih7l-NQkIS1KACeptUjcnkJSPev5Uxi4Dv7D_-YozsdE_TVXCLP1fxQJEqd90NVa HTTP/1.1
Host: lh5.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Thu, 18 Apr 2024 19:07:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image2.gif"
x-content-type-options: nosniff
date: Wed, 17 Apr 2024 19:07:47 GMT
server: fife
content-length: 15871
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

salepeaket.live/static/your/css/animate.css

104.21.38.171

200 OK

58 kB

URL GET HTTP/3
salepeaket.live/static/your/css/animate.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
ASCII text, with very long lines (460)
Size
58 kB (58273 bytes)
Hash
77a5c1c68584ef4f63535fd1b8f9ea8a
d0700bd7ef9ef7b5c17f7ae46930dabb23e18f81
a8b27255a12c6f055e0df480753920dbfda0f4057f0d701b5d715e03a550a46b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/animate.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"e3a1-6141300c8ce01-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hpwFFz1%2Fg2b1ZwDzjaOH9ecFjuR0sDO3uqkae%2FvC6cnhwoSCFLryYXlpPensJAqU8cCLzucfPeq3jWt418PtsoMMBjheUniaZn2A5uHHg0crrK%2FDAISsqUvDA2y9lJX4KA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3144965b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/api/cart/index

104.21.38.171

200 OK

139 B

URL GET HTTP/3
salepeaket.live/api/cart/index
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
44f293d1057e83d64adbd382f9753c0c
64b4ac33d19337d1a099cf6f41cacbf95d017ac6
e0b1b9c0ec1aa8b305e8ee8c3f3946d9de911e5b0d29b9a80dfe128ce623fa13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/cart/index HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
Authorization: 
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:43 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6ImZwaXgzazJnK3MxQitKdDhSbXlYS1E9PSIsInZhbHVlIjoiZFljekxscjlTT2hqeDhSODNiZlJiejhxMlhaZ21VVnhvWkJMaUNGRjdHaWhCZEhDVklLSFd5dTB1K3FDSit3aGhvQkhTR1U3VUlOUnVyNGk0U1c5Y2tyS01CeFJ0R3dzRytkbkh0V0hZbllGazFraDR1S2Z5YjNlZjBFWXhGMmkiLCJtYWMiOiJhODA5MDgwZjRjYzEyMTA4MDg3NjM1OGEwY2JmMGQwMjJlMGI1NWNiYWMzZmU4ZTE3MjMyOTg1OWU2MmM5MzYzIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:43 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhgXHYWGOEbXsNbLU%2BQ1lrMBvdFPiFbsHcp5Aj9HdIvk0VpPRlTMs60nRbY6gXoJsQceHNOLUOJyDnIPeDegqN3Q68cdMkQGVRh28sc5Qn%2BHFqCTHPnqD%2FZN83QKerqriMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3181f6fb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/traffic_statistics?gurl=

104.21.38.171

200 OK

0 B

URL GET HTTP/3
salepeaket.live/traffic_statistics?gurl=
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /traffic_statistics?gurl= HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:43 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkI1UXE4RkRJYmRLUnRmOEgrVmFDcmc9PSIsInZhbHVlIjoiOWU2aDQzS1lwOFBZcjNQNlVYbERDdFB3ajhEdFhGc3VXK0VwdGxselFHTVNjRGtBZElPT1ZNRWc1cGFTRkJXbU40MUg0L1h0VkRkNkJORzhtMStYdnpINkU2bFl3S1NkRHNaTWZMY0N2dEY2aEhST2NtZkNvc1VBQ0JJTlcwdjciLCJtYWMiOiI0MTdmYmYxNjVkYTczMWE4ZDkxZWFhYTM4ODc3MmU5MDM0MmQ0MWVmOWFjNDRlYzA3ZTAwMjg0NmFjOTllM2IxIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:43 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IlYyczZQencydEM2WnNqNGlmR1ZqelE9PSIsInZhbHVlIjoiTEhTR3Z4WmdLMms5OFhEeENNTlpiaTlIYXJhOTJBdm9xcklmWDcyTHRUUVlpRGR5aFg4cE9VTXp0S2hJaTM3MVN3alhjdHZsYjdRekszckhqcStCNTRhaHlZNG15U0kyb3VRdWVHSFNON3F2ZWpIVTVuaXEwTm1wM1NrNnFQY1MiLCJtYWMiOiJmYzZjNTdiZDdlZjNiODUxOWQ2YTdkNjgzYjk1ZmVlOTkzYzJlNjM5YmY2Y2ZkMTgwYzE5N2NiZTQ2Y2EzMDQ2IiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:43 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=irYeKJnEZ54diC%2BtWxwn%2BuBrKOAFYGvwJAEBfk0xKs%2FrLHvmfzFQAG%2BcHpFspfNs18v8saD%2B%2BsVsz5jyfF%2Fj2HlzakwrJpRlY%2F1o6Rs5dcgGDNAgLgIKcpgc1wwbjat%2BAJ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb318f8c8b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/static/default/js/public.js

104.21.38.171

200 OK

1.9 kB

URL GET HTTP/3
salepeaket.live/static/default/js/public.js
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1900), with no line terminators
Size
1.9 kB (1903 bytes)
Hash
51c8cad5196fedebda08621dea5c6405
5edaf17734119cf9985a4c1474bbde7eb801de35
13d077ad8e2e39537edac3359ea189cc9dd414f7a939e19950e22d7f7bcb1d34

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/public.js HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: text/javascript
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: W/"76f-6141300c39dd6-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=48BVvN4W%2FMHxm%2FPK4Wa%2F6hGsjzolqGo8gekO0hTmTeVBLhuxMB%2F9ctVxK%2Ba%2Biqu5tRojU8uWMsgrClilbKgH6S0522OnaXP3xqzJXHHZzRyLk5ZRiGYf9Ce7NmzAbBvJm7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3145982b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.mcrsafety.com/~/media/mcrsafety/blog/2020/06-june/fr1.png

66.192.228.168

200 OK

1.9 MB

URL GET HTTP/2
www.mcrsafety.com/~/media/mcrsafety/blog/2020/06-june/fr1.png
IP
66.192.228.168:443
ASN
#3549 LVLT-3549

Requested by
https://salepeaket.live/
Certificate
IssuerDigiCert Inc
Subject*.mcrsafety.com
FingerprintD3:5D:AA:F2:3B:82:0C:39:A7:00:54:F5:DB:D4:EC:F0:A8:1A:BF:26
ValidityMon, 22 Jan 2024 00:00:00 GMT - Sun, 12 Jan 2025 23:59:59 GMT

File type

Size
1.9 MB (1872574 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /~/media/mcrsafety/blog/2020/06-june/fr1.png HTTP/1.1
Host: www.mcrsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: private, max-age=604800
content-type: image/png
last-modified: Tue, 16 Jun 2020 21:28:00 GMT
accept-ranges: bytes
server: Microsoft-IIS/10.0
content-disposition: inline; filename="FR1.png"
date: Wed, 17 Apr 2024 19:08:34 GMT
content-length: 1872574
X-Firefox-Spdy: h2

salepeaket.live/static/your/img/footer-bg.jpg

104.21.38.171

200 OK

171 kB

URL GET HTTP/3
salepeaket.live/static/your/img/footer-bg.jpg
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x425, components 3
Size
171 kB (170800 bytes)
Hash
01aad85abef2e701361ee4ded47754e4
cc6770719c0b7639740145824e048f339340c0c7
73eb0994db66a8e45749f3fd6b0b5d32416d5654eb867f0bf9819a6cd65e8aba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/img/footer-bg.jpg HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salepeaket.live/static/your/css/stylesheet.css
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: image/jpeg
content-length: 170800
last-modified: Wed, 20 Mar 2024 08:01:50 GMT
etag: "29b30-6141300c9106a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3541
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmVgAhDUoAKIYK6oLHxUepxVE%2B9DxUAVh4lZj8YgEDAMVhMrkijpjz4Tx44Ampq%2FCkxPo67%2F08jeCoPI81MhZPsXmOAiY64mWq2dhYMJ5L%2F8Mv1kTzFMmZKuHCbD1s9a6pA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875eb3192918b4f3-OSL
alt-svc: h3=":443"; ma=86400

imgv2-1-f.scribdassets.com/img/document/540861574/original/ae310c96b8/1698421169?v=1

151.101.66.152

200 OK

50 kB

URL GET HTTP/2
imgv2-1-f.scribdassets.com/img/document/540861574/original/ae310c96b8/1698421169?v=1
IP
151.101.66.152:443
ASN
#54113 FASTLY

Requested by
https://salepeaket.live/
Certificate
IssuerLet's Encrypt
Subject*.scribdassets.com
Fingerprint84:CF:52:5D:13:B6:8B:AD:EC:9E:74:47:AB:C9:D3:9A:0B:AF:23:73
ValidityWed, 03 Apr 2024 08:26:40 GMT - Tue, 02 Jul 2024 08:26:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 768x1024, Scaling: [none]x[none], YUV color, decoders should clamp
Size
50 kB (49956 bytes)
Hash
5f264590e8b1e248212421a537926e94
c0d1545e0dcbcc957325424647c1ff664bfe93a4
8a24f26faa3f4d08946986431cb912bb9b3b645e7bde8bdc80f9c8aab8f91c2c

HTTP Headers

GET /img/document/540861574/original/ae310c96b8/1698421169?v=1 HTTP/1.1
Host: imgv2-1-f.scribdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=864000,stale-while-revalidate=86400,stale-if-error=86400
content-type: image/webp
etag: "GEzsuimtrAVHe/ftyXA1PGy3GSMu+v3bnFQGABh0pL8"
fastly-io-info: ifsz=116776 idim=768x1024 ifmt=jpeg ofsz=49956 odim=768x1024 ofmt=webp
fastly-io-served-by: vpop-kiad7010229
fastly-stats: io=1
server: envoy
x-envoy-upstream-service-time: 125
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 0
date: Wed, 17 Apr 2024 19:07:45 GMT
x-served-by: cache-chi-kigq8000131-CHI, cache-hel1410034-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1713380866.544754,VS0,VE376
vary: Accept
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 49956
X-Firefox-Spdy: h2

salepeaket.live/

104.21.38.171

200 OK

56 kB

URL User Request GET HTTP/2
salepeaket.live/
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type

Size
56 kB (56545 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 19:07:41 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:41 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1aVF4S5BcVwJy%2Fco6FnFW8ud1t0xL5arJAJuHZRzNpk4uSjXkas7XYbaC9SGoqi%2FYiKyC%2B2ZuqLp3KeessSQFRc5uVKMoxLYaQZoW0Rqa9txx3YbWfp3o0%2Fc%2F51JbHlUCI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb30fff8656c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

salepeaket.live/static/your/css/css.css

104.21.38.171

200 OK

61 B

URL GET HTTP/3
salepeaket.live/static/your/css/css.css
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
2d963171282c4de9d6969472b23e47e3
1ea3d4ba9fe4b01b4edf5b7dcd20ac246d2187d8
87ed5a5a37969aa977d6f4fc16ae7a094bc1abc454307e011b65036646b4d3ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/your/css/css.css HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:42 GMT
content-type: application/json
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7hSfI2qSouB7R13GMMHGpZxZampBwqUC4DxBj7UpH2W%2FXKdqyGzSacmnaq6nyuP620bQY7CQf6GwnmSq5cWGq%2Fv%2BUPKxV8yMGjnBABCBlnVn%2BnawVn5YXM6O%2FMl2%2FARFz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3143948b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salepeaket.live/api/item/secondCate

104.21.38.171

200 OK

1.3 kB

URL GET HTTP/3
salepeaket.live/api/item/secondCate
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1496), with no line terminators
Size
1.3 kB (1324 bytes)
Hash
4e2194b4d5e056222d5e2b33f41d8813
ec3439761eb08c3215722b5551bcff076bece222
1538a441ceb4615731f105a63f0ccb38d44929b0949a6f516eac66ee483ca13e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/secondCate HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdDakMrVUtzWkdZZ2hHZXNWcG8rNnc9PSIsInZhbHVlIjoiMzYyd2xLT3VvZ0V3OHZxamJGZjFVVWhxRXNJZFE1RkxsMVZXRkd0Q2o5Wi9hZHcrTC8yd1FNTzduKytaY1dmdGUweTNmYXBhRVB2RXYwMHZHazRmV2p2YXZPdkd2OUtBdm81MUh3T1ZPU3BNbEtDSlJ6TE1OZzJTY2VtWjdDZ2oiLCJtYWMiOiI0ODhmODZiN2EzNTkzOWU5ZTVhMDFjMDM4NjQ1NzY4MjZkNTBjNDJhZWVlMzI3MDE4NDcyN2EyYjA4NmE5YmI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8wRlFIcVIwV1luSkdYeVdQSXVJTVE9PSIsInZhbHVlIjoiMHV5eTYwUjJSN28veDE4T1hCNmRvaURJVmkvY3dIMmQ4VXNzNWZhcG1aYnhpVmZvcDFhK2ExakVMNlB2NFg2N0lyUHY0MW1leUlHOG5ZNWowQkw1SWYrUUd2VkZnbmEzQm9FN1JIYmVrdjZHd3A5ODBTNWFYKzFHSkErVHhHR2ciLCJtYWMiOiI0MTNkY2ZiZTQzYTI0ZTdhMmMzZGYxM2E5ZGM2YTNiYTc3Y2QxOWM2OTQ1YTZlNDc5OTRlMzViZDgxYzRlZTQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:43 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Ik1CbHd2SGh1Tkd6NWpSMWpVQ1g4Q0E9PSIsInZhbHVlIjoiWk9mckxXUW9ybkdsOW05QjJTZHVQbTdNamZvM3hqVUtDSFc2eUVlbUpVc1dtT3oveDhDSmcrWHlONGhtYXJDd0F1SEF3S0JCdHIzaFhMQTFEWkU2THAyc2RxMnlvWnhTb2pNMzdBZTNTOVZiVy9oei9DMStPOVYvM0R4UXlVNk0iLCJtYWMiOiI4MTNjOWQ1ZDI1OWZhYmI1MWQwOTVmOWJiYmVmOWIyYmU1ZDhjOWM4MzRiNmE4MGZiY2Q3MGVhYzFmZTQzYmJmIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:43 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdyotofFbT6b6G19aQ2wTdx1il5I4oiU5mdcLAEPu%2B%2BesM3Z%2BoTEROBN8OQ0gWcN8kQgiuAKqM1L9%2BoEm0FU%2Fbeh%2F%2B5iyth7QfUuWFZu21mXVjEV1M%2BifK18FoQPOcKUAx8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb3181f60b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

images.oreillyauto.com/parts/img/extralarge/ngk/orly_4549_002.jpg

104.110.15.105

200 OK

26 kB

URL GET HTTP/2
images.oreillyauto.com/parts/img/extralarge/ngk/orly_4549_002.jpg
IP
104.110.15.105:443
ASN
#16625 AKAMAI-AS

Requested by
https://salepeaket.live/
Certificate
IssuerDigiCert Inc
Subjectwww.oreillyauto.com
Fingerprint34:9B:94:56:10:EB:07:9D:DD:F2:78:8E:2A:E5:F1:16:28:AC:1B:BE
ValidityTue, 16 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1200, Scaling: [none]x[none], YUV color, decoders should clamp
Size
26 kB (25586 bytes)
Hash
93a023ae4c3545a68f5e9a4226de2ce7
a09456940a14e7c3a00282de9a85576227fdb019
d70121a76eef368ec0c34904022a82e16a492ca6ce4d1c73d742833118729155

HTTP Headers

GET /parts/img/extralarge/ngk/orly_4549_002.jpg HTTP/1.1
Host: images.oreillyauto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "6094937b-d15e"
last-modified: Wed, 20 Mar 2024 21:14:18 GMT
server: Akamai Image Manager
content-length: 25586
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Thu, 18 Apr 2024 07:07:46 GMT
date: Wed, 17 Apr 2024 19:07:46 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=500, origin; dur=0, ak_p; desc="1713380865550_388255223_27110349_50057_11163_5_15_13";dur=1
X-Firefox-Spdy: h2

salepeaket.live/api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D373287174894529

104.21.38.171

200 OK

72 kB

URL GET HTTP/3
salepeaket.live/api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D373287174894529
IP
104.21.38.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salepeaket.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectsalepeaket.live
Fingerprint22:19:9F:F9:F2:2C:BD:86:DD:CF:FA:3E:C5:51:76:69:D3:C7:84:8B
ValiditySat, 23 Mar 2024 02:24:04 GMT - Fri, 21 Jun 2024 02:24:03 GMT

File type
JSON text data
Size
72 kB (71989 bytes)
Hash
a6e08924aa916772365fa4c2153e51c1
d552038bdfc20ad4874b75cd7119bfec39fe33d2
85228cbbdd2773c396ba6307b1a5d90ac96060b0867647c6255a8d46edcb016a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/getImageUrl?url=https%253A%252F%252Flookaside.fbsbx.com%252Flookaside%252Fcrawler%252Fmedia%252F%253Fmedia_id%253D373287174894529 HTTP/1.1
Host: salepeaket.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salepeaket.live/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkI1UXE4RkRJYmRLUnRmOEgrVmFDcmc9PSIsInZhbHVlIjoiOWU2aDQzS1lwOFBZcjNQNlVYbERDdFB3ajhEdFhGc3VXK0VwdGxselFHTVNjRGtBZElPT1ZNRWc1cGFTRkJXbU40MUg0L1h0VkRkNkJORzhtMStYdnpINkU2bFl3S1NkRHNaTWZMY0N2dEY2aEhST2NtZkNvc1VBQ0JJTlcwdjciLCJtYWMiOiI0MTdmYmYxNjVkYTczMWE4ZDkxZWFhYTM4ODc3MmU5MDM0MmQ0MWVmOWFjNDRlYzA3ZTAwMjg0NmFjOTllM2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjJCQjVwdkI1bjkydVBNNG9icUxKK2c9PSIsInZhbHVlIjoiWFBpM3RSUkcyYUZqUlJoRFUrYXhpVmtyVDUwRWZFQVJQV09FSThWYnF3UGJ6Lzl6NklxSzcvd3Axd3JkMnpjN2llVGFxbFpaVFc1eHpYYnRGeVJLcnliK212L2J5YmlWbmlSYTNpNzhQZmN2Vzh6cW56cTBIRWV6SzZCRHF6RjMiLCJtYWMiOiI3MTk5ZDEyYTRkZGExMWFlYzljYjM1OTU3Mjg1N2I3NTUwYTU3N2JlMmQ5MGRlOTJmNWRiMjFhNTk2ZGE5ZTZmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:07:47 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 55
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6InNDVFN1YzZnVU5mZ1hCT09ybERMMkE9PSIsInZhbHVlIjoiMWowWGVXSTJMcDNxWXJTQllCUC9xSjk5cnVHT0lFblVhd3ovR25sNmdKd1RQMUVxM010d01lRWtBMWRhb3dRMXFvejlybmF4dmZ5QVhuZnJ0WlZyTHFyZUV6b1pYNlBkZ3ZpL0RkVGxkMlQ3YVdzVnUvaWtMMTJPRm1PMjdJVzAiLCJtYWMiOiI1NGU5YzFkMjc4OTBiY2JmYjk1M2Q1MmY3NjExYTIzZjc0Mzk3ZmIwMTYwNjcyYzc5NTQ4NDEzNTliZGExODVkIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 21:07:47 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoyrp3SIt%2F%2FI6m2oqGZEURBksYDc5kAmkd%2Fa1MUHxgSNQ675HhGNBEz8AH0hbwlihcQu5pmwNb749Zrql%2BipgBeazh5IIfZ5ZF70ipmQihLT27WNQbX5aHPs84jGmSk74l8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875eb329ad8db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (42)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations