Report - www.rx-discounts.com/

Report Overview

Submitted URL
www.rx-discounts.com/
IP
185.83.214.222
ASN
#48357 K4X OU
Submitted
2024-05-10 08:55:27
Access
public
Website Title
RX Discounts - Cheap generics for Less
Final URL
rx-discounts.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
764

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.rx-discounts.com	unknown	2024-04-25	2012-11-22	2021-01-09	391 B	338 B	185.83.214.222
rx-discount.com	unknown	2023-09-06	2015-12-21	2024-02-01	178 kB	2.1 MB	141.98.11.217
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-09	413 B	6.4 kB	151.101.194.137
rx-discounts.com	unknown	2024-04-25	2012-11-22	2021-01-09	898 B	2.6 kB	193.243.189.83

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 08:54:58	medium	141.98.11.217	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 22
2024-05-10 08:54:58	medium	141.98.11.217	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 22

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed
2024-05-10	medium	rx-discount.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	rx-discount.com/sw-setup.js	13 kB	2023-12-29	2024-05-14
Pretty URL rx-discount.com/sw-setup.js IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-29 22:01:37 Last Seen2024-05-14 02:08:40 Times Seen50 Hash 32aef7bc23b33d5e23c0d41b6faf6f53 66cf9f454cbca743c6bc0bd1c74ecc1349770158 15ad7a543f2080aa02357644b55cc7639418801cf53ff39ba8d93eddb0485ec7 Loading...

	rx-discount.com/?aff=1614/	19 B	2023-11-13	2024-05-10
Pretty URL rx-discount.com/?aff=1614/ IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-13 22:20:40 Last Seen2024-05-10 10:55:32 Times Seen46 Hash 521ad3947f6b4f0e29785d6ad581729f 2a580801939ee273c91b55310928d0dc9247b200 2a5360e472927b99f1ae234396b70a007b46b39420673c48fedc74531b4e2ca5 Loading...

	rx-discounts.com/	0 B	2023-03-07	2024-05-20
Pretty URL rx-discounts.com/ IP 193.243.189.83 ASN #56655 TerraHost AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 23:06:23 Times Seen37896796 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	rx-discount.com/js_code/pwa.js?v=24042024	14 kB	2024-05-07	2024-05-14
Pretty URL rx-discount.com/js_code/pwa.js?v=24042024 IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 20:09:44 Last Seen2024-05-14 02:08:40 Times Seen6 Hash bc3c9e6cbc7cf737e828b873f668f3b9 c16ff1ae74a42718966a71f29c4af5dc76264ea0 53c2cd0a4a8263e6584e56b0bc572fa854f15cc5b0e69c6570e56b904d18229b Loading...

	rx-discount.com/js_code/shipping_selector.js	2.6 kB	2023-06-14	2024-05-14
Pretty URL rx-discount.com/js_code/shipping_selector.js IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-14 17:41:46 Last Seen2024-05-14 02:08:40 Times Seen737 Hash c3abd28a6c0938b827baceba8578f36a 2439c63f21227b3bf6f060def2f7c30fbbfa65c0 b865aa47e53e506ef332c34c720f33f672c8c6556ecbc307c5ba342c5c51db27 Loading...

	rx-discount.com/?aff=1614/	335 B	2023-11-13	2024-05-10
Pretty URL rx-discount.com/?aff=1614/ IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-13 22:20:40 Last Seen2024-05-10 10:55:32 Times Seen46 Hash f2fac803714c57f20ecd5f6e7c9caa5a 937283b803cb47c3f22566724bfac23256999ea6 ee24b20d2e2a5b0728920c7ca8d7da403eaa38f609b7adfd36f67c4a18b1acb8 Loading...

	rx-discount.com/?aff=1614/	174 B	2023-11-08	2024-05-14
Pretty URL rx-discount.com/?aff=1614/ IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 15:53:39 Last Seen2024-05-14 02:08:40 Times Seen122 Hash e8f3d2241a41bd0d60c3a872711766cf 7bf1004aeb7376da83c6bab6945eb308eaa54cd9 d96f34617022b5e38224e8ced5880b1c6e083b8bab7cee25abd0d93da4481197 Loading...

	rx-discount.com/js_code/jquery/jquery-3.6.3.min.js	90 kB	2023-03-13	2024-05-15
Pretty URL rx-discount.com/js_code/jquery/jquery-3.6.3.min.js IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:09:05 Last Seen2024-05-15 20:18:57 Times Seen1090 Hash 30792621ca010e3c5d5f98162629439f 9bc5b058a9e9fe3820484290bd0810681072e448 448ef0632211ba18d7c1557a6d22250820ac3b4465ba2e73b7137f4dc4a31a12 Loading...

	rx-discount.com/js_code/jquery/autocomplete.js	17 kB	2023-11-01	2024-05-14
Pretty URL rx-discount.com/js_code/jquery/autocomplete.js IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 11:29:56 Last Seen2024-05-14 02:08:40 Times Seen584 Hash f67957fe13fcecfec27a62e815f5aba4 ae9525d4ef289e840ab4df8c309121e4da4713bb 3ccf7c3829dc501fcabb1ad6e233f59c3445374b2905e95b5a8e9e4444415704 Loading...

	rx-discount.com/js_code/init.js	1.3 kB	2023-04-07	2024-05-14
Pretty URL rx-discount.com/js_code/init.js IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 01:56:26 Last Seen2024-05-14 02:08:40 Times Seen716 Hash a4d795427151dbb4c0b3d87260c158c1 ac53d3341bc2a72082c921c2bed3c2f0c5b015e8 6735c49b424e07bee1b1902371da0e39f273c03da79218fe620904a0a6f2fad7 Loading...

	rx-discount.com/templates/design_3/js/app.js?v=24042024	227 kB	2024-05-10	2024-05-10
Pretty URL rx-discount.com/templates/design_3/js/app.js?v=24042024 IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 10:55:32 Last Seen2024-05-10 10:55:33 Times Seen2 Hash 1a5062163fe9de8f848874eebfb035d3 aa8bb99f06e16ca46610d81275039331be829587 3638b134c20507dec8c6b56fcde102a077f68c93a918585b126d67a351136343 Loading...

	code.jquery.com/jquery-migrate-1.2.1.js	17 kB	2023-03-07	2024-05-17
Pretty URL code.jquery.com/jquery-migrate-1.2.1.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:31 Last Seen2024-05-17 04:48:52 Times Seen1397 Hash 7d87ce904ab76326bff3147c72a45b2a b5a7a40ada6f87047f00e95915356aff82cb0959 58564bc237b683f482c3a82def059f27b2be41109d237d7a2380074b5b4f22be Loading...

	rx-discount.com/?aff=1614/	695 B	2023-11-13	2024-05-10
Pretty URL rx-discount.com/?aff=1614/ IP 141.98.11.217 ASN #209605 UAB Host Baltic Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-13 22:20:40 Last Seen2024-05-10 10:55:32 Times Seen46 Hash 1d23f0b8df6e9bf326807d665273eeb6 b98a7da90816f82a08d9413f2786304af3c396e8 6bb628c9ed66c71ce880049be1645e69e2b7c46c63b4578c3dfeb2eb25e212e9 Loading...

HTTP Transactions (386)

URL IP Response Size

www.rx-discounts.com/

185.83.214.222

0 B

URL User Request GET
www.rx-discounts.com/
IP
185.83.214.222:0
ASN
#48357 K4X OU

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.rx-discounts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 10 May 2024 08:54:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/7.1.33-51+ubuntu22.04.1+deb.sury.org+1
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: http://www.rx-discounts.com
Location: http://rx-discounts.com

rx-discount.com/?aff=1614/

141.98.11.217

200 OK

39 kB

URL GET HTTP/1.1
rx-discount.com/?aff=1614/
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discounts.com/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
39 kB (38780 bytes)
Hash
724530365ff2b3f0a6f9c04d6a333db2
0030f07b99f99de299b522461c70656f42487ec1
2457be68df8bf9cf57cf7e5ea2402aee17c8f519f455667e0f91c33f0305114e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?aff=1614/ HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discounts.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Upgrade: h2
Connection: Upgrade, Keep-Alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=q2p6gb5vg1au71ci4lk0n66tbm; expires=Sun, 12-May-2024 10:54:59 GMT; Max-Age=180000; path=/
design=design_3; expires=Tue, 21-May-2024 22:41:39 GMT; Max-Age=1000000; path=/
lang=en; expires=Tue, 21-May-2024 22:41:39 GMT; Max-Age=1000000; path=/
aff=1614%2F; expires=Tue, 21-May-2024 22:41:39 GMT; Max-Age=1000000; path=/
ref=https%3A%2F%2Frx-discounts.com%2F; expires=Tue, 21-May-2024 22:41:39 GMT; Max-Age=1000000; path=/
ptrs_ip=91.90.42.154; expires=Sat, 11-May-2024 08:54:59 GMT; Max-Age=86400; path=/
ptrs_ip=91.90.42.154; expires=Sat, 11-May-2024 08:54:59 GMT; Max-Age=86400; path=/
ptrs_ip=91.90.42.154; expires=Sat, 11-May-2024 08:54:59 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 38780
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

rx-discount.com/templates/design_3/css/style.css?v=24042024

141.98.11.217

200 OK

15 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/css/style.css?v=24042024
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
Unicode text, UTF-8 text
Size
15 kB (14840 bytes)
Hash
5861e2b136711b937c2f25ff82e08644
457b6f9467938d3e716f85fa09951abed30f0588
1fbaa24beea0434d3b4561ee2fbc2fd9f0b0621278b8bc34c6324b962b10300a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/css/style.css?v=24042024 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1b7fc-617e1218ee1f8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14840
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

rx-discount.com/sw-setup.js

141.98.11.217

200 OK

3.8 kB

URL GET HTTP/1.1
rx-discount.com/sw-setup.js
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
3.8 kB (3826 bytes)
Hash
b055bd67cf3e54f29d4a634a32e8f269
7ae948847cc03136beb568aa76078e2abc416c2f
4ac697e44e562adfeb8bfe297c24b814ee7a2ec55fd23754fb699a50cf6600db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw-setup.js HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 10 Jan 2024 16:14:32 GMT
ETag: "3252-60e99b9ed0737-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3826
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

rx-discount.com/js_code/pwa.js?v=24042024

141.98.11.217

200 OK

3.9 kB

URL GET HTTP/1.1
rx-discount.com/js_code/pwa.js?v=24042024
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
JavaScript source, ASCII text
Size
3.9 kB (3895 bytes)
Hash
bc3c9e6cbc7cf737e828b873f668f3b9
c16ff1ae74a42718966a71f29c4af5dc76264ea0
53c2cd0a4a8263e6584e56b0bc572fa854f15cc5b0e69c6570e56b904d18229b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js_code/pwa.js?v=24042024 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "37e2-617e1218acb18-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3895
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

rx-discount.com/js_code/shipping_selector.js

141.98.11.217

200 OK

541 B

URL GET HTTP/1.1
rx-discount.com/js_code/shipping_selector.js
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
541 B (541 bytes)
Hash
c3abd28a6c0938b827baceba8578f36a
2439c63f21227b3bf6f060def2f7c30fbbfa65c0
b865aa47e53e506ef332c34c720f33f672c8c6556ecbc307c5ba342c5c51db27

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js_code/shipping_selector.js HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "a2a-617e1218adab8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 541
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

code.jquery.com/jquery-migrate-1.2.1.js

151.101.194.137

200 OK

5.8 kB

URL GET HTTP/2
code.jquery.com/jquery-migrate-1.2.1.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
5.8 kB (5783 bytes)
Hash
7d87ce904ab76326bff3147c72a45b2a
b5a7a40ada6f87047f00e95915356aff82cb0959
58564bc237b683f482c3a82def059f27b2be41109d237d7a2380074b5b4f22be

HTTP Headers

GET /jquery-migrate-1.2.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-40ed"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 10 May 2024 08:54:59 GMT
age: 20530679
x-served-by: cache-lga21971-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 20, 6197
x-timer: S1715331300.912351,VS0,VE0
vary: Accept-Encoding
content-length: 5783
X-Firefox-Spdy: h2

rx-discount.com/js_code/jquery/autocomplete.js

141.98.11.217

200 OK

4.6 kB

URL GET HTTP/1.1
rx-discount.com/js_code/jquery/autocomplete.js
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
4.6 kB (4578 bytes)
Hash
f67957fe13fcecfec27a62e815f5aba4
ae9525d4ef289e840ab4df8c309121e4da4713bb
3ccf7c3829dc501fcabb1ad6e233f59c3445374b2905e95b5a8e9e4444415704

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js_code/jquery/autocomplete.js HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "41af-617e1218adab8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4578
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

rx-discounts.com/

193.243.189.83

200 OK

1.5 kB

URL User Request GET HTTP/2
rx-discounts.com/
IP
193.243.189.83:443
ASN
#56655 TerraHost AS

Certificate
IssuerLet's Encrypt
Subjectmedichirurgia.com
Fingerprint70:BD:60:33:BC:04:E2:6D:3D:8B:4C:62:45:9B:B9:A0:BE:D3:1B:55
ValidityMon, 06 May 2024 15:47:37 GMT - Sun, 04 Aug 2024 15:47:36 GMT

File type
data
Size
1.5 kB (1466 bytes)
Hash
183d1ec2936711c738c2bcfab50a89d0
b3fe5dcd46559f9f20cb9cc72a12d36294d99339
9dc04dfbd69f3bce5f19fd8c529b430ad4dfc3816b0c6d5b547822dce5e38ed3

HTTP Headers

GET / HTTP/1.1
Host: rx-discounts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.21.2
date: Fri, 10 May 2024 08:54:58 GMT
content-type: text/html
access-control-allow-origin: *
X-Firefox-Spdy: h2

rx-discount.com/js_code/jquery/jquery-3.6.3.min.js

141.98.11.217

200 OK

31 kB

URL GET HTTP/1.1
rx-discount.com/js_code/jquery/jquery-3.6.3.min.js
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31078 bytes)
Hash
30792621ca010e3c5d5f98162629439f
9bc5b058a9e9fe3820484290bd0810681072e448
448ef0632211ba18d7c1557a6d22250820ac3b4465ba2e73b7137f4dc4a31a12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js_code/jquery/jquery-3.6.3.min.js HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "15f5a-617e1218adab8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 31078
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

rx-discount.com/templates/design_3/images/gift_card_img.svg

141.98.11.217

200 OK

4.7 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/gift_card_img.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
4.7 kB (4651 bytes)
Hash
8f9e3218ccb579450cf4851b04bf5768
2cfb7442e9f00fa79eb0df21bed2c6589a3c3393
6f1887e04d98fe418ac0a7923870a76b494e550c5b519f7ae49305489b2f8bdc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/gift_card_img.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "122b-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 4651
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/templates/design_3/images/logo.svg

141.98.11.217

200 OK

3.3 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/logo.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3306 bytes)
Hash
fd7a79674e68c9b6f51af728cf1ebad4
9573f4b2c20ca265bd98c8c05caa2b973baf3236
41a38e9eb46571627eb74611b404d62229741f109b7f445a6087b8c53ffe525a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/logo.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "cea-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 3306
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/templates/design_3/images/partners/fda.svg

141.98.11.217

200 OK

5.9 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/partners/fda.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
5.9 kB (5911 bytes)
Hash
95ef29b1a4579a46356f753055762ae9
332efa60b3dbda72f645c1c863e7266f84049590
29a9815060fe3ad949329deb9a58f3175171fbfaabc31c777b199452e1c5920e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/partners/fda.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1717-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 5911
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/templates/design_3/images/partners/visa.svg

141.98.11.217

200 OK

3.5 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/partners/visa.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
3.5 kB (3524 bytes)
Hash
2d9d831789b8a727500fee0b6ae2d62d
292c13f50a5263bad2e7d971345aa62eb61f70af
1cf13672a3720c2b5bd6966e724d85fdbdf22b85e5a2799e836e6b99811e2d61

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/partners/visa.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "dc4-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 3524
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/templates/design_3/images/partners/mcafee.svg

141.98.11.217

200 OK

4.8 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/partners/mcafee.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
4.8 kB (4816 bytes)
Hash
a69e0cf1b9512fad752b7307ebd95cbd
ef86a99ebf2f4c1101e844bbdd1ba69ae85fcca9
13fe826d76a628aa71921ea2e750bbb508256553da9aabb3a04818e2334c3e33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/partners/mcafee.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "12d0-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 4816
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/templates/design_3/images/partners/mastercard.svg

141.98.11.217

200 OK

4.8 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/partners/mastercard.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
4.8 kB (4792 bytes)
Hash
a2986c577563688d7062eb90392185ac
c45fb566bc7322dde3befa33f3fc56592ce9ccb1
f4b22c041b4a3cea5efd3361f9917e05c22740f97fec0694f2e9c0c5ca803512

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/partners/mastercard.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "12b8-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 4792
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/app/set_images.php?pill=viagra

141.98.11.217

200 OK

19 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=viagra
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
19 kB (18693 bytes)
Hash
4bb188563c84d987bbe2637cc539cb8a
8ed97a90d4f17c3315d164985aa376c2c3861bac
afe634457967de31d4325100d8bcb758a7b655bfde168334d44df8b4aeda730e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=viagra HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18693
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cialis

141.98.11.217

200 OK

24 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cialis
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (24055 bytes)
Hash
83a1d3d201e523f949bc7f85860d3297
9752811b8282fe0dc05fffbc35df0abfc952b5e2
4f23c726a030fdf2b71f945e0974b848eda65f575bdde653e370773e991117ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cialis HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24055
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=levitra

141.98.11.217

200 OK

14 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=levitra
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
14 kB (13621 bytes)
Hash
5b578b210f1b736d774a918726663131
48de444b86485cdd81ae51b3aee6163576137a94
b0908c5bfb8526a8fd005ab0dd284d5db4e8260372b70bc67a247a931f3a9774

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=levitra HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13621
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=rybelsus

141.98.11.217

200 OK

12 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=rybelsus
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11481 bytes)
Hash
1a3f0571fe3e67deb790e5eb4d714b39
0663d79db5d9f9d66d8ab92c30081f2fedbf9dbe
166cc7fb5fed95aea315dac16e3f5cf004e8563a2ebd631c0d02184a36258fc5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=rybelsus HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11481
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=extra-ed-pack

141.98.11.217

200 OK

16 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=extra-ed-pack
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (16121 bytes)
Hash
950349906175f5adf7f5d4cbb00dcbf3
f623fc23e1a1da158289b605f4be6ad0c79bd174
856775435e07ffd2ee2a36c17edacc2fd09c1d3d54a2bee77f8098bf5843b45e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=extra-ed-pack HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16121
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=trial-ed-pack

141.98.11.217

200 OK

16 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=trial-ed-pack
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (15983 bytes)
Hash
970c0eecf4fc845a600b8e00802c2389
5c98201b185d2d1954a23fb2c5fd612041d602ed
5f3aa8f5cde31398add7a4e65ef08d2797a7cf552d02d62982c8b41775c3361e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=trial-ed-pack HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15983
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=clomid

141.98.11.217

200 OK

16 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=clomid
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (16385 bytes)
Hash
721f69d3eca85fad099b78a9c66ac772
dc352a73f1affda222bbbbcf3fb75abf0f0958a1
30df095f739bfd532d9420f33607fed0434a2626f7e936ee1b9699952375980b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=clomid HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16385
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=stromectol

141.98.11.217

200 OK

13 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=stromectol
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
13 kB (12725 bytes)
Hash
8a0fab35dbe653888f9ae95c4e6036cd
da6b2c3f7452ae0e1eae471c150e95060193de8b
460aff1ea18e0d15773f52aa3de3a108c9c5a02873c6f0559784a5e4497afe8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=stromectol HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12725
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=female-cialis

141.98.11.217

200 OK

18 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=female-cialis
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
18 kB (17687 bytes)
Hash
6c4c4de935acc1c3e68b531b09e28495
51b2593f1c9effe30133a1e594a5a1c093a170c8
45f04fcefaacec9adf879cd4de378bf33e4181d3042e29e3585ee57cd407e615

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=female-cialis HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17687
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=viagra-professional

141.98.11.217

200 OK

17 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=viagra-professional
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (17091 bytes)
Hash
36efc98b236f18183fcf3e260eab962e
e436edf977c1c4aa69fecb5ad864abe8225a18df
09c207651da69608a5b79c3ddf84c1bfd69c478849964a37a424ff561b6338e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=viagra-professional HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17091
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=female-viagra

141.98.11.217

200 OK

17 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=female-viagra
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (17435 bytes)
Hash
43e637da7e63c1326040a6e614bfec56
ae2e1b751b9d73c09cb2d84b4cabcf830909a089
315095125cfc65c2f7d0c893c8653bf7455442f90367144e0340c39582715ce0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=female-viagra HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17435
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=super-ed-pack

141.98.11.217

200 OK

16 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=super-ed-pack
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (16069 bytes)
Hash
bd0fd589b07b4e710421d8e133c05aad
3d6f8b811e1b3fba00b1541d7e6e76b94c8ac6ba
f6acecbc340527411eec6b3724b9e874c364f8af3def3e73a44e97f9b0d599ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=super-ed-pack HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16069
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cytotec

141.98.11.217

200 OK

9.4 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cytotec
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.4 kB (9361 bytes)
Hash
5d24fb9f9c1dfacb50cc58c68eba07c2
fa6c598cb005b1aba0f10da0f98e582b8ca7a45a
9c49562d8680daadd52bec9c6ef99acb1273ed7d30feed5a3ad4e3a294a90683

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cytotec HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9361
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=dapoxetine

141.98.11.217

200 OK

17 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=dapoxetine
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (16691 bytes)
Hash
374bbb94abab75e8e36db2ef7d0afe38
03e3d96c5798878a3732431db3461eca2197d647
768e712c279bc7e3e2d29c2a1f200f8754c34a7dc081a755862efe5b3a0309c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=dapoxetine HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16691
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=accutane

141.98.11.217

200 OK

16 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=accutane
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (16219 bytes)
Hash
36427d564cbaae1559d70bf32d011286
3b0ae7386b5cf1da5af07fae70d93f3375cf6ef8
b5542cb3759ae28c36c1786d1a2777b2c1ad44efda55d1788a6da1561e320a69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=accutane HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16219
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cialis-professional

141.98.11.217

200 OK

23 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cialis-professional
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
23 kB (22877 bytes)
Hash
6ddbfc2c4701db2023925c8fc0f4dc35
b2309db69d0f8f7e5151a16547d225b86eedb1a1
798132596018c53383924559240d8c0fdfe3157a94f5094bfa4794e68fbbb03c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cialis-professional HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22877
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=asthalin

141.98.11.217

200 OK

9.2 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=asthalin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.2 kB (9201 bytes)
Hash
59ba049dc26450c8c7edb391e3fb3339
5d3994c6c07d3ef6398a77af8d9da79ffff4ab85
acbb1bf249e725b7ee84076419c98fb55ece8e3ef3bb828d48d9aedf1f855de2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=asthalin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9201
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=tadarise-pro

141.98.11.217

200 OK

5.3 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=tadarise-pro
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.3 kB (5253 bytes)
Hash
925fb1e2a49aa955246b5e0eabc7ad86
d4eeb051c256cc8c43b71ea772b42c80392ec777
24efa8c5551d808f5d9921f1623ed306f7bbe40c608a37a2ddd49b3d3cb569da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=tadarise-pro HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5253
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cialis-super-active

141.98.11.217

200 OK

23 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cialis-super-active
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
23 kB (22633 bytes)
Hash
a75db2fe774d721b8a5dabc661167085
9bb2b05a9935fd89df148823dd4085c7d8a114df
cad8e42b19c6fcb3d138a5d944da28ae94161c6f8a6148162ddbef25495286d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cialis-super-active HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22633
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=womenra

141.98.11.217

200 OK

20 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=womenra
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
20 kB (20101 bytes)
Hash
ea0a90d8f3510c78d3576b2c16f52daa
f9ebcb9f2ca3f82547081d41c550c9d631a62488
2891c1c0c471f627ddbfa8c121212cb1dee789e576b03d07fce12c3c31109abc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=womenra HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20101
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=neurontin

141.98.11.217

200 OK

15 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=neurontin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
15 kB (14563 bytes)
Hash
41056751256ebdc2f31c59ead24c0308
b49a21e71797c1cdb624edc3dc37a1ab49491a63
39f6bac48fbd0a348e3507d60a7f7c7d2ee6236bd1407145a23a1eeffd8a32a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=neurontin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14563
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=ventolin

141.98.11.217

200 OK

13 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=ventolin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
13 kB (13161 bytes)
Hash
63cc2432ee546ea1e67fd13ae718b3e4
0c1f30d65cf51b3c268f9ba58b3f136cd82cdf85
1cc7623cce4afd5f9fa17a19315696152f7806cf5d585723a42e7569d62e1950

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=ventolin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13161
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=bimat

141.98.11.217

200 OK

5.6 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=bimat
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.6 kB (5599 bytes)
Hash
d0f800ab8b96012c2450d3ec9834bd4b
767c6194922a2ad95c9b2fb3db3821359ad98a47
d040a7bfa605df09e38c7738eda2bfce252a4bc0d263fc6eda336a2328ac71b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=bimat HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5599
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=elidel

141.98.11.217

200 OK

5.5 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=elidel
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.5 kB (5509 bytes)
Hash
6894b25b25aff3d6256411c30e13bcac
57b0861404a0f99aeca950c7396afa3e0f7b7803
4fb6bd8c26a900168c0f672e3384ccecbcc27ed782b19d8450b90c2513e26519

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=elidel HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5509
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=candid-b-lotion

141.98.11.217

200 OK

6.4 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=candid-b-lotion
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.4 kB (6367 bytes)
Hash
25868af3cc326b63fc6413547bd44e6f
3805e4868edcc4e2c976d72803410946d4af2c8a
86a13494094571eb6e983d296b710cf01f732119c767a177cd7714800c342514

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=candid-b-lotion HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6367
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=elocon

141.98.11.217

200 OK

5.8 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=elocon
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.8 kB (5841 bytes)
Hash
1eb54c8ac2369d92cf001c826275ca3b
27545e0b51a98219a2bbd0ff1e621ad3ea1322a1
8f3a4fcc34746f593e71b04cf57ce733f49f60a08c5d9ce1b6f80c739a5285ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=elocon HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5841
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=imiquad-cream

141.98.11.217

200 OK

12 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=imiquad-cream
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11896 bytes)
Hash
27c4337d0dea7a190d84bca4d0a021af
d99a05bb36968fdaeee85aaa96f08a5126b2af39
3203d7633c22e5c2941b0466c024a68ca86f9aa861fe0a2baac51ff15accea9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=imiquad-cream HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11896
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=azeetop

141.98.11.217

200 OK

4.6 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=azeetop
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.6 kB (4577 bytes)
Hash
9360a9974d28ac33b2946e718738fe50
54ebf93f9964ded0ff917257a6dbb1a34587b7ae
2b9261806c9663402de9e7b0d50b7898919df3465b05c0e03eb806bdccb7a834

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=azeetop HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4577
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=zithromax

141.98.11.217

200 OK

28 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=zithromax
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
28 kB (28167 bytes)
Hash
dfdf854c3f413ddc00f8d3bf3c927ec0
abf00b66e327705a596108e27c1f8c65d5c7512a
5cc9b789562506739bf7702383ca538c5a8622d415f776254758890dfed08f6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=zithromax HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 28167
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=sildalis

141.98.11.217

200 OK

28 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=sildalis
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
28 kB (28077 bytes)
Hash
9444d7edf82d31a1590f0453525777e9
80753357dce96779728281c4a95ae614363a730a
b5d9164a5b898ce337372bba3abe2f1c200a56bf537e74134a64924d9b52c315

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=sildalis HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 28077
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=kamagra-oral-jelly

141.98.11.217

200 OK

15 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=kamagra-oral-jelly
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
15 kB (14879 bytes)
Hash
7eba90f3e865a290d648b099f5506bae
0c95058c4354eb0f5aa666068dad8fb0fff08e31
b4a704991c072c1267a50947f8c2fcdb592adcd3c1a8566a928f591fa998e629

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=kamagra-oral-jelly HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14879
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=extra-super-viagra

141.98.11.217

200 OK

18 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=extra-super-viagra
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
18 kB (17645 bytes)
Hash
4b562e14611746663d4cc711f034ecde
09f3556e63dfa651b3127bc70e43f99b1461a096
aa1ea948a461b29ecd39aa6ccea6a9eda1e60ef3fab25f345bb3eaebdafdf39a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=extra-super-viagra HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17645
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=kamagra

141.98.11.217

200 OK

23 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=kamagra
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
23 kB (23067 bytes)
Hash
5c679631b934082a2160d0954fee59bf
6fb6b24abb64f6c2559e2df29a099cc83b6af18d
8c2563ae595393f19ec21d44b260866f05f85cc5ff82cb930ea0d14d6b268bfa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=kamagra HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23067
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=kamagra-gold

141.98.11.217

200 OK

24 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=kamagra-gold
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (24261 bytes)
Hash
a7d9e955603a4b11d289fedfa959233d
0beb366663516ce8d21babe8b200ecc7d5d41b13
b9a375ebf908c05ead1cfcbc2f836d983672f77649637edbf5fc18b6a4b59e65

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=kamagra-gold HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24261
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=zanaflex

141.98.11.217

200 OK

5.9 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=zanaflex
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.9 kB (5925 bytes)
Hash
997e49c42aafb9773d00f421b5544fdd
50471579f125ff3033391228a0cd5b3b6d920506
4a4c387efa478fad5fe7d3eb7bfb025bc6495ef36762a0c01ee843bc14e7446e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=zanaflex HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5925
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=extra-super-cialis

141.98.11.217

200 OK

22 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=extra-super-cialis
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
22 kB (22495 bytes)
Hash
7fc06a37ad9ccbdb389f4fa772bc777a
2ac8b4c126e8c36bd23ff968cfd21a4c2da3cf7d
2dab184e3e9f7b1c944ca98cdd6251b8b3604df2749337866bcb2c49d2d1668d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=extra-super-cialis HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22495
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=lasix

141.98.11.217

200 OK

17 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=lasix
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (17209 bytes)
Hash
ef5eb660c8c807cc7998dfd53b5ef2e1
938cd2a11cd982f81b8451ae11906f7cb1e7ade2
c3d6b2f19e0aa0f85564311199e1853e670786863e040d5d7095a5051d6d4f5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=lasix HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17209
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=motilium

141.98.11.217

200 OK

15 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=motilium
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
15 kB (15383 bytes)
Hash
e81ef228c04204a5bc9a238f46ec3db4
1ccc15c1a424d9348bf54fcc870e40062b1ee77a
dd183e8c704630738bc3c307b8588abb0cb55b7d50385577cd7691e6e9fb1312

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=motilium HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15383
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=i-pill

141.98.11.217

200 OK

16 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=i-pill
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (16213 bytes)
Hash
6d741af8d60e267f5173f3066d764398
a366417d91e9085442a72106d9e4455e924c588e
ba21bca7f48d7b85f6fbb0eec2a26d8e91d9a8405196d6ef931b93501b36e33b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=i-pill HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16213
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cenforce

141.98.11.217

200 OK

9.7 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cenforce
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.7 kB (9739 bytes)
Hash
6f6f185d9d37137edbcfe15809b75ad4
dc19f4a58247febccc1cff22e9ac9ea93424354a
4b18bf1949ee1930a54d0af0d0909343ca42d9ddcdbb0e5e7412a3ff1c73882d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cenforce HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9739
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/templates/design_3/js/app.js?v=24042024

141.98.11.217

200 OK

40 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/js/app.js?v=24042024
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (446)
Size
40 kB (39875 bytes)
Hash
1a5062163fe9de8f848874eebfb035d3
aa8bb99f06e16ca46610d81275039331be829587
3638b134c20507dec8c6b56fcde102a077f68c93a918585b126d67a351136343

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/js/app.js?v=24042024 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "37863-617e1218ee1f8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 39875
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

rx-discount.com/app/set_images.php?pill=robaxin

141.98.11.217

200 OK

9.5 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=robaxin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.5 kB (9499 bytes)
Hash
04c84c9d3db183331e82235a68bbf4e9
5819fa2b96354b388b5f73bab686e988e5c6542f
91ea72569a8254e186c485ac5faeca2db64e53cadc8c4ad85a51cf022e43dcdc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=robaxin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9499
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=amoxil

141.98.11.217

200 OK

24 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=amoxil
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (24157 bytes)
Hash
d3be555354184c3500ca5d737d3ec50b
cfe3d8af34c90cb1426657ef8b0a357585d52826
cfc683ab1e820232406272782447451d191c058e8d58f8c4f0aa3920c5a6e84d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=amoxil HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24157
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=seroquel

141.98.11.217

200 OK

16 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=seroquel
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (16265 bytes)
Hash
48680e99ffd13236a8166e24a732446e
74aa66ff0734742f1602bb7b4df9bdbbc650315b
b46bf9261f60d7b5efc996822f44e176f315c0e0f6364d6db95132a3026b93a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=seroquel HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16265
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=tadapox

141.98.11.217

200 OK

18 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=tadapox
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
18 kB (18453 bytes)
Hash
52bec876dbe6118525a59cb15c459a09
92265ed598914f331b319a4c27cd1fd34fb56f73
0c26b08dbd5e5893391a330d8d44986939dcdc13e1a8fe9c0b735a18090d51c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=tadapox HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18453
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=clonidine

141.98.11.217

200 OK

12 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=clonidine
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11509 bytes)
Hash
05af51974d508cc172c84c509d0ad063
6a367aef302894528872d19bc7c281f78a171000
71c62108090c9238a12856ddb16e56ebae4ee0c96050adcf14dc8d01dd2556fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=clonidine HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11509
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=fildena

141.98.11.217

200 OK

22 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=fildena
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
22 kB (22089 bytes)
Hash
b3cebdf660cb2d947ffe433b562bae75
daee5a29f343d6ca7ba1ebe8142b2afc9dc348f8
1b5a51676ba701eb800b14e154202d7f1658671ed02f3f9f38ccbf2a818d25c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=fildena HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22089
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=periactin

141.98.11.217

200 OK

13 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=periactin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
13 kB (12645 bytes)
Hash
82a04dc429a1ca20207c6bba6701d824
1ef882785d5637d002d3872cfa85c57f371fec62
69b5778d3dda9e45ee0ebe542fa2abd678a0127c940c8c2a1540e3ce9a879d21

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=periactin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12645
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=omnacortil

141.98.11.217

200 OK

4.8 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=omnacortil
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.8 kB (4829 bytes)
Hash
a2e0723eff4114b3da4c63d216aba635
330cef528e97e11032f80f53ac3e59548797ce30
0f0138fcaed875a000f34f8976fdaea7295d11b1e1c820c6612b7dd197b8efd4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=omnacortil HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4829
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=prednisolone

141.98.11.217

200 OK

9.9 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=prednisolone
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.9 kB (9909 bytes)
Hash
49599412434ad684a482fd6bcaef1a7c
aa8efebd6c36dc20bfc48cb15985144f8ee1280b
f4af5be7aa8cb0339699d58270b2f4b8608863aafe21995dd7478aa96d71727d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=prednisolone HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9909
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=propecia

141.98.11.217

200 OK

14 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=propecia
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
14 kB (14149 bytes)
Hash
f1e9050573f045c2fc49b27d608fb5a7
bf0cc4f0f6e0cf3684b1691ddba5926f6f2a7994
36afcafc23d008a91d8e348f2a4da16d35e345668a0901dbc99a958ecead7495

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=propecia HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14149
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=pepcid

141.98.11.217

200 OK

25 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=pepcid
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
25 kB (24935 bytes)
Hash
7852116f524e146244e5ba1bf4a045df
99a73cd9a6fa64b79580a0b1681f9cd63812dc4e
477cceedd4b5c502dc9a5b4ce28804dcff3e8b84069ea6beebe87300fb5d6e66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=pepcid HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24935
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=tenormin

141.98.11.217

200 OK

13 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=tenormin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
13 kB (12875 bytes)
Hash
b0a79dc4042f9baf79539958c5028ba4
15415713ff212e65168d8e26865e6266506cdb22
485b338c52c9e1b4f47ff4909c890548978090f7f8786afded0013c028525aab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=tenormin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12875
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=viagra-capsules

141.98.11.217

200 OK

6.1 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=viagra-capsules
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.1 kB (6145 bytes)
Hash
728167c9a19f451da06c7e92d6a5a1ab
382000d63c56c2ccfb70e1a71bcd8c7118d3d1e4
09e551214b2bcc11c3c5892760faeb38c8e4e35c75a112db3729796f4fdb4025

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=viagra-capsules HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6145
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=ampicillin

141.98.11.217

200 OK

19 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=ampicillin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
19 kB (19011 bytes)
Hash
2220012d9899eeb586aa4ebd45832be6
359af52771ee139163b01d039c05c122964f6cf2
18423994152773db13ec0fb15664d0ecf1288efb4e8c337adc6b35e224881ddb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=ampicillin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19011
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=tadarise

141.98.11.217

200 OK

4.8 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=tadarise
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.8 kB (4805 bytes)
Hash
9956eab2b279a2fbc7d8d4c36bd7b615
ae3614181719e959f4dbe50069aee533721e9e68
63eefbf0ff2b871b56351603ada590dce18346e06b6d294bfd607063b85aabde

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=tadarise HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4805
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=lexapro

141.98.11.217

200 OK

18 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=lexapro
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
18 kB (17675 bytes)
Hash
8cc0ad1ea5108a1a4fe48bf04e498f10
095e21c432cb34fa496683c49c02a3d4fe3f32d6
da5ff09bcd0574158b82958ea3bd82fde7187bf5f4d2c951760099e9b646ed47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=lexapro HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17675
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=metformin

141.98.11.217

200 OK

21 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=metformin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
21 kB (20717 bytes)
Hash
b998a9a285ccec4332d484145ba9414a
9318ee0e5ed9d0d36ff6c7b2b90fe969ede59e67
f00e2a708d80b43589e0067235b419aed7fd2cf901220c34af07b9ccbaf5ee05

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=metformin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20717
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=plaquenil

141.98.11.217

200 OK

12 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=plaquenil
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11985 bytes)
Hash
347d4c7c641fbedda73a67a5b36f9755
b37939323e61ba06baceddccd1bde547948bacb0
d29e71525cb97dcbc5b4e9b2e960b3aca3ea0cdf7c38ec4f5cbc197a1d2c3702

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=plaquenil HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11985
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=propranolol

141.98.11.217

200 OK

17 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=propranolol
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (17189 bytes)
Hash
5802a8a311e759ae2a9299541b0657d9
7ac1c9dfa09ea332b9e9ceea8e80d983ba5cf431
9e61276880bd0aeab42b5fa650a8ea57153e33c8e6a85505d700534152af217d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=propranolol HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17189
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=strattera

141.98.11.217

200 OK

15 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=strattera
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
15 kB (14781 bytes)
Hash
652b19c3326704475252520b9c52fb1b
611882b966288451b4b762be75ac1e959dd069cc
d30281d40bc484747963bbf8c07078efcda99557d10f37e4536a0b1ee1bde290

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=strattera HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14781
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=synthroid

141.98.11.217

200 OK

12 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=synthroid
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11661 bytes)
Hash
1c1611968110ee56b5cac797d6d4e868
3b939b5b2fe16e12a34bcd0297c64a2abd14e5d3
d5fb93c55c4dfce4a598366f101ffcbdece48aa80b02f5a9a06f64acd6b94200

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=synthroid HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11661
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=viagra-extra-dosage

141.98.11.217

200 OK

17 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=viagra-extra-dosage
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (17037 bytes)
Hash
a1da9f1d11535ab097f4e47b97fcc9fe
59ac34d5f53de01d3a786a403023b09cf7c0bc2a
38a68de8c4d798ec4848d2d6edec8ee7573c28556b2746e58697a3cd83f7a9ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=viagra-extra-dosage HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17037
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=viagra-soft

141.98.11.217

200 OK

17 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=viagra-soft
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (17045 bytes)
Hash
926b4495e64f3a6b60a279e3c45b4afb
355cc75268639d32880b8e1d3e19b9f1622b777f
796edc1a26efcdc3d1370c4bf1c807aea6d808acd9fc216a807c0b9f0b98e672

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=viagra-soft HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17045
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=viagra-super-active

141.98.11.217

200 OK

17 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=viagra-super-active
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (17137 bytes)
Hash
7716adc4f14d1b3b0bb25773c9a83ea5
e4825df52f71c820891d2e07d2c72aca23aeed8c
0213434a04f0754d7a9b85c68ddcc4cc9af51e9a97bf928213fdd50686328dd9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=viagra-super-active HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17137
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/templates/design_3/images/icons/subscribe.svg

141.98.11.217

200 OK

4.0 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/icons/subscribe.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
4.0 kB (3953 bytes)
Hash
8e171a275bb9347deb28ac41198dfd93
12a88124d7c558be339acb6d3369e5098fdd9c1c
6ff2c32043af2101e9d5888989509520fd9436e6545ee4757d2fb6191edc229a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/icons/subscribe.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "f71-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 3953
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/app/set_images.php?pill=colchicine

141.98.11.217

200 OK

9.9 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=colchicine
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.9 kB (9911 bytes)
Hash
b963e66720f1841c76ed68c824b49cea
32e54f093e2e45a55d15210aaf18058184633fa2
db75b6bbb2f16d04f6d2abe40467901e6c9af2c27e16ef56b852061d0d0a4ad3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=colchicine HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9911
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=aciclovir

141.98.11.217

200 OK

16 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=aciclovir
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (16181 bytes)
Hash
8f6f8c39c349e0fc14faee1528278ad0
9ada7cb110932875dfab8f75235e170a53216e25
54d8c41fa2ca2324aac3947ff1674988fc83c3b3266aada80fb489f64e819824

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=aciclovir HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16181
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=antabuse

141.98.11.217

200 OK

16 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=antabuse
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (15823 bytes)
Hash
87798de1b067f6ecf291af2be66c671c
2d486b472a13a42c3e9b83fe2c0e249afc132867
8053c470707588e4477a37fb4b828e353b2391426eb4bb37824759897fa3ab8c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=antabuse HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15823
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cephalexin

141.98.11.217

200 OK

13 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cephalexin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
13 kB (13005 bytes)
Hash
6b6598c76de70e711925ae39502de6dd
353a5f738a124de8388dd29bfc3b3c3cbedbeb5d
c2a77bb27a3df3e4a36dccd0d563f62920f90dae0f3b9e1f6b8870b9fd6c67c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cephalexin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13005
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=diflucan

141.98.11.217

200 OK

30 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=diflucan
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
30 kB (30255 bytes)
Hash
1e4809cdaadb135872abdc91be503189
cfb558b22afc826159b431a2b0d4a733b25961e5
edb57ecf5a27f3d1c58de9ef773876208b156fa37105efd88a4128e2e9eb29b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=diflucan HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30255
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=hydrochlorothiazide

141.98.11.217

200 OK

8.0 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=hydrochlorothiazide
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.0 kB (7971 bytes)
Hash
6cee3f6a3e59a01cf314466f1bf373ca
c89e606c2f49560f5644b606631594e6d5cb74f3
c9fffa9eb06d4ea9f47c78e7185f8133c733f57370895ac251862c50acd2ad72

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=hydrochlorothiazide HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7971
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=doxycycline

141.98.11.217

200 OK

8.2 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=doxycycline
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.2 kB (8179 bytes)
Hash
07d704d90e67b5dd6ce382dd04b2c0da
376fdb4db433708b75774694ab680ae25ed8ed4d
25196504fdc88c1242d9a5c554cb4bcad99b74f441d1b0d052f1b5cbde438a03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=doxycycline HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8179
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=phenergan

141.98.11.217

200 OK

20 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=phenergan
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
20 kB (20069 bytes)
Hash
d91c44e9075698f31d0fb98bc1a0588e
d150131326b2977786cfe620b6f97d5c3a84ff38
5356a11ea64cc4cf780ee462dc35c6243f26361401f503a89e07f6e0eb7ff13b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=phenergan HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20069
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=sildigra

141.98.11.217

200 OK

24 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=sildigra
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (24001 bytes)
Hash
7de39a03bfeb789cbd57b49252d491b5
fec4f71366927d15468425bf8f27e09dc363ac64
9d538730bec769e39afcce05d580c9cb75d4af1dc8fb58377c3899f1d4bf8897

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=sildigra HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24001
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/templates/design_3/images/icons/arr-down.svg

141.98.11.217

200 OK

287 B

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/icons/arr-down.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
287 B (287 bytes)
Hash
826f2ed24869873e950658c73740b5f9
2bd6b31157bb85203454a901e693f86b22c1169d
7919a7eebd9a54be1013da8193c375aef8471d1c0c825df21b9b17921d561e92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/icons/arr-down.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/templates/design_3/css/style.css?v=24042024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "11f-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 287
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/templates/design_3/fonts/Jost-Regular.woff2

141.98.11.217

200 OK

18 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/fonts/Jost-Regular.woff2
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17972, version 3.459
Size
18 kB (17972 bytes)
Hash
6f62bbb900fb3baa6906a5cc508f9da1
ea4463bd891bb6b67e5fb4894af9464dd6c17f06
7818b7697dbcb091b756d67d453460849065c9f84a68464c96bab50988b21dce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/fonts/Jost-Regular.woff2 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/templates/design_3/css/style.css?v=24042024
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "4634-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 17972
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: font/woff2

rx-discount.com/templates/design_3/fonts/Jost-Medium.woff2

141.98.11.217

200 OK

20 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/fonts/Jost-Medium.woff2
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19956, version 3.459
Size
20 kB (19956 bytes)
Hash
f5bc08b9eb28e56f47ee0d230b00b562
d4004ccb996f48d003308b373b75bbe0a89d621d
e51c522a121f58b53acce7bdfe480846014b290d29ddc15a43d125264893e2d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/fonts/Jost-Medium.woff2 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/templates/design_3/css/style.css?v=24042024
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "4df4-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 19956
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: font/woff2

rx-discount.com/templates/design_3/fonts/Jost-SemiBold.woff2

141.98.11.217

200 OK

20 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/fonts/Jost-SemiBold.woff2
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20104, version 3.459
Size
20 kB (20104 bytes)
Hash
493ec8095f7215d7c22ffb4407fdf5c9
90bb61aecc84ded2dfcc69987e93220a5e349daa
9a8db933dc6fbb89d611d2a0f0778b92a9125db08436aa85263a331495ecd7b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/fonts/Jost-SemiBold.woff2 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/templates/design_3/css/style.css?v=24042024
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "4e88-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 20104
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: font/woff2

rx-discount.com/templates/design_3/fonts/Jost-Bold.woff2

141.98.11.217

200 OK

20 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/fonts/Jost-Bold.woff2
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20212, version 3.459
Size
20 kB (20212 bytes)
Hash
20d374c507f8a25ce9771a03ff24d3e1
08622df23238954cf4c9ce16e7bfd30cb5b45ae5
008d2eac80820e273245a20d642a165fbbfab526d848fce6f167e7e5cd1152ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/fonts/Jost-Bold.woff2 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/templates/design_3/css/style.css?v=24042024
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "4ef4-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 20212
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: font/woff2

rx-discount.com/templates/design_3/images/icons/icons.svg

141.98.11.217

200 OK

23 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/icons/icons.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
23 kB (23199 bytes)
Hash
3971ca2a6c6f529d147199032754a053
c06bce4ed62c1799a8917ada6ddd4ef277dbcf66
631955470e283b7eef4f54a77557a060fce79ae4f95dffc0538eb2a9214af203

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/icons/icons.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "5a9f-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 23199
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/app/set_images.php?pill=super-cialis

141.98.11.217

200 OK

22 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=super-cialis
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
22 kB (21767 bytes)
Hash
e8fce69007f0e02c3fb41128fbfa43a8
aa9bfcdf544af0db352cc32e6aefb824a9e13112
8a7cf1a8708abcc8b4855987ce72903f8b56106814a53baadab18dbf048aa2a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=super-cialis HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21767
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=tegretol

141.98.11.217

200 OK

13 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=tegretol
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
13 kB (13179 bytes)
Hash
c562ddc9a45c77d7041b791ae7511316
cdd4075e5fc982f58d561d1c06e934343a94c3b6
e9621b96c22021d55bd0202d54084b03011d2298b937021fad835250ce354a5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=tegretol HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13179
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=toradol

141.98.11.217

200 OK

12 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=toradol
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11787 bytes)
Hash
432da23c685cfe6e3e976f28a593b811
0084b95d624ff58755b56318ece0d2c6abbd7ca8
a454b92689c29b3ca02e66af36e5beed9dfc0b051d9ede3f53a2d38f4c281d0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=toradol HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11787
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=zofran

141.98.11.217

200 OK

7.2 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=zofran
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.2 kB (7191 bytes)
Hash
4c51cabd6a4de889a923d36837d6f17e
fc63663cded40ef95e584a17cb5761870e051a6a
af6a21cca98ba68fc2f84ef6d121167d9e00803be18b55ddb67ea5b046409943

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=zofran HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7191
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=zoloft

141.98.11.217

200 OK

15 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=zoloft
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
15 kB (14639 bytes)
Hash
fcb5dcef3905a28ad23ba7db1ceaf741
87c400aa77faa44656d784de6849c089a686a2e3
e69a6116a8418f93b980db0d0ac076ccdfc5eb2d313529d33c073ee882cf1406

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=zoloft HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14639
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=advair-diskus

141.98.11.217

200 OK

7.9 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=advair-diskus
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.9 kB (7885 bytes)
Hash
897c5e00ecb62eae1e1b378bf4296213
70a55448dbb8c9c0c3bd5d68ae22a32a91ba4a6a
6875ddb8b021b54a999f9fcc59a4b02c4516aa05f517da4bfac19451a464695f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=advair-diskus HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7885
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=aldactone

141.98.11.217

200 OK

11 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=aldactone
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (11293 bytes)
Hash
46c149057d0c332d7a6e8ab4abe5b928
0be301a7cfb63c55f9fa527dcdf859c7f357d391
6c4dcfdf41eddf61fe99da43175092c8d33a0a62668fceab72701aed83b9dc77

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=aldactone HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11293
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=amitriptyline

141.98.11.217

200 OK

7.4 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=amitriptyline
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.4 kB (7441 bytes)
Hash
d05374bb2769dd90dfb94b4adee0d7f8
71b9ddb527f87425c6d0de6b69aacece5806e84f
777a84eb60e48b3684c40ea7bc12b8b444767b8beb791dc6dd14eb027560c60f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=amitriptyline HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7441
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=augmentin

141.98.11.217

200 OK

10 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=augmentin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
10 kB (10033 bytes)
Hash
f4efb8e45389dc54db2cab14fdf7a89a
3e8e4a147049f864667e6256025cfa825f387215
6fef12c7d0677b1867e12f6040353aff8a38698c1a3549bc7a3154c4a3e2c181

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=augmentin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10033
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=buspar

141.98.11.217

200 OK

3.7 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=buspar
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.7 kB (3651 bytes)
Hash
0750b61425944573f50d26416c8336a9
a59a878327050f41286db0b7e77a7f8f98a53def
2a6e078e928116db359d4d631b2b487decb1afdc221ab39f1e41c4ad3a747667

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=buspar HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3651
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=ciplox

141.98.11.217

200 OK

11 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=ciplox
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (11413 bytes)
Hash
b6f20b44be14353b4a08f74547f35bff
db0c5e65fef20744a8302c0e7986af947b0a3239
9e082a830b929dd047b45275955747c42469e82338fbf2e3a2c602b6f8922828

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=ciplox HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11413
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cialis-extra-dosage

141.98.11.217

200 OK

23 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cialis-extra-dosage
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
23 kB (23201 bytes)
Hash
b52000f102036616c694c6dc4da6811b
d413fcd29e1a82b0f67de4eb52c3ffb8b82f5684
ea6ffb6f3a240dfff15fb21bd544ee2358f955601c898697cb808398cf2be4ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cialis-extra-dosage HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23201
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cialis-soft

141.98.11.217

200 OK

21 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cialis-soft
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
21 kB (21383 bytes)
Hash
921bfa985bd53b25db975c1248ef7406
52bd9bb397c70f2c2ec6adb11219484afc661f32
bd8df907a7b1e94b8b7a0088052d48184f05215acdd9ab5c49277e30069ca57d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cialis-soft HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21383
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cipro

141.98.11.217

200 OK

10 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cipro
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
10 kB (10233 bytes)
Hash
57f505bbffb1417a49710e4794c25af6
01963d23296f37949712745b358176edd7aafdbf
574b5063a8a5fd53d814ac7b5bf3871e844367bbd6a1c2a59a6db0961e2f5b88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cipro HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10233
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=clindamycin

141.98.11.217

200 OK

5.7 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=clindamycin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.7 kB (5712 bytes)
Hash
59399713cc0f4ab4ea9a5f1c7845fe06
2f0acd02fd30a6ed06701a546ac5649173f6345c
9d4ca33e61efe814db93b55b80c46b52b176b24d7b5cbf662af00a802fab3662

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=clindamycin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5712
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cymbalta

141.98.11.217

200 OK

5.6 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cymbalta
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.6 kB (5602 bytes)
Hash
856691700539267b5fa2c59893dbc36a
e079273d76f036dfd94785899ad21b98e3ece294
da288c53381d8c4cca955c2c3aa26fbd39d8647d1e02da956502f2320ad03740

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cymbalta HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5602
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=elavil

141.98.11.217

200 OK

5.5 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=elavil
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.5 kB (5493 bytes)
Hash
4ee7c7948e901dc1cb84eb15129d85c4
28cd32640fd0f7dc9ccd0ca7c063f1e82609caed
cc19f44f75dbc13eaf3ea81506730a7c66777a3a973f1fce57de55759b7d937f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=elavil HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5493
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=lamisil

141.98.11.217

200 OK

4.7 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=lamisil
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.7 kB (4747 bytes)
Hash
0cdf4e003201c649eb10d222f16792ed
85c2126e3d365bebf81a19afcfd559224161d509
111824f01eb6c275ce90a7bd194ce9927ed09a28fc8a79d9155145aed80278d7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=lamisil HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4747
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=diclofenac

141.98.11.217

200 OK

4.5 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=diclofenac
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.5 kB (4539 bytes)
Hash
b507a59b8a0d9e1e0e685472934e5f24
81bb950090618483af4bf99a5c628feff5bed50e
3cfab61e81d9d7450efab29b263d7c289cd779da64370b218ad722b3b3a04788

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=diclofenac HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4539
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=lisinopril

141.98.11.217

200 OK

5.3 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=lisinopril
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.3 kB (5279 bytes)
Hash
e836d5a2e3ac04a809d41163797d3701
e5700fbc24fb3f448b8658416068403e14424351
130a83e64bc9e2680c06e3791ccec4b0a513125a9cfb403338e554447b006a44

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=lisinopril HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5279
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=reglan

141.98.11.217

200 OK

5.2 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=reglan
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.2 kB (5151 bytes)
Hash
be47439677c110e0cff8ab2a5834f96d
7bd52028ed9dcf2d25473484b932e812ece49f7b
53559c7031e2f6e8fdc2606c8348560be4b41de827aca0b0b80703fd6f1439a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=reglan HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5151
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=super-p-force-oral-jelly

141.98.11.217

200 OK

9.1 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=super-p-force-oral-jelly
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.1 kB (9087 bytes)
Hash
dfe982f5e3f876768d00ace4bf559683
7286dd1e4a7901faed2edace91027f544a3f8dad
f2dce2006647140a340a7d2ba95b09fa1b57a2393ca5b9594d2f85cc01090894

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=super-p-force-oral-jelly HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9087
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=tetracycline

141.98.11.217

200 OK

5.3 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=tetracycline
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.3 kB (5253 bytes)
Hash
e3df2c417e40dea19cfb5393d4ccc740
cfef2ca0767ef871f0dde1cc9452a30c9a8b4445
b368ee2159ac1e17918af42f44f170220f1b7aac31a8658d6c497bed57dfd5d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=tetracycline HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5253
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=topamax

141.98.11.217

200 OK

5.3 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=topamax
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.3 kB (5305 bytes)
Hash
ddddd856d8f872694eb0e24ac4d4f931
27fd78980b46c929ab5efcb848774d3e793e759e
9946c2b7aa9e5943f215c18beb08935f09da37de269fe3819f49493b579af046

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=topamax HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5305
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=vermox

141.98.11.217

200 OK

5.2 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=vermox
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.2 kB (5235 bytes)
Hash
62f91f22b3eb5ba6bf31b5473dba8a7f
cac6912b680f809542d8e9e14c53d7cb7ed56ee3
da0c2ea6c5f66467939964473cd4eade8235d2be3592c603efedd1e21b4eb320

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=vermox HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5235
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=voltaren

141.98.11.217

200 OK

5.4 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=voltaren
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.4 kB (5423 bytes)
Hash
09a7dfafc16392e57661b809be601382
e242bbba67f5429b78da23ac71e58b9cbc9cf582
10e1c89be2f5a0e07b0530d5800664d486069a1e43f02b8ed1652708dae2a4a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=voltaren HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5423
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=wellbutrin

141.98.11.217

200 OK

5.2 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=wellbutrin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.2 kB (5215 bytes)
Hash
09490ca5f5d391fbc9cc665c25292b40
afc099eda5f972868be7a372f226dcc413ce6dd8
a82b3734dcd71aa8e32cd2334e80964ed2611c67e583ab1ed350487ce6860bc2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=wellbutrin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5215
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=zyban

141.98.11.217

200 OK

4.9 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=zyban
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.9 kB (4922 bytes)
Hash
dba25ccd2c397f8e8244b09db33bdf5a
561a0491ee7a5107149ef9da7bd3ab6ba9f66a5f
a2af02756ab62de6344abdf68b0645e363e3513bd0a4ebb03a5281674aeab24a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=zyban HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4922
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=chloroquine

141.98.11.217

200 OK

4.8 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=chloroquine
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.8 kB (4803 bytes)
Hash
62d99beae2409ca96411742c45e012b0
f980fbaf2d5157ea5829f6f2fe55887c9c22b383
02bf9f3071abeb2930a7925e37ee22b154e03e4be14e111332662ad2890ee3a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=chloroquine HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4803
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=entocort

141.98.11.217

200 OK

5.1 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=entocort
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.1 kB (5051 bytes)
Hash
197fbc77242bcab0ae174b046c7e0149
80fcaec22320e32f9e241801d3f399a39f56932a
0faaf77c8a3270a17276025de61a60cb7671ac94062cce4ae4900b99cd943c35

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=entocort HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5051
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=rhinocort

141.98.11.217

200 OK

12 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=rhinocort
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (12443 bytes)
Hash
80d0d192211d4df911dcf4c61ee0b47d
23726f4919f78dd8778e3cf6801316381ee2499b
92a4775962b33f673a6ff4d9f227506b2055fe3dd60289af5e1d5b400158840f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=rhinocort HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12443
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=kamagra-chewable-flavoured

141.98.11.217

200 OK

7.6 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=kamagra-chewable-flavoured
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.6 kB (7609 bytes)
Hash
11b341af034ee4b20771730c11e4ef4d
3f51d60ea20a22638b290aaeffe639d1a5522161
26c81b1c4dec2dc98202048f5915227f56447c63d2fee9f654a17e5c35fc6ce0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=kamagra-chewable-flavoured HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7609
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=champix

141.98.11.217

200 OK

4.8 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=champix
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.8 kB (4755 bytes)
Hash
9fe2d2a451d16cf0836448ba750d39e5
703749f2d665b32875a550094515e952f8238960
addf915abd4b5ee90eaddab4cbffbbacc2113b6a18f88a51fd4370724a2eedd6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=champix HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4755
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=retin-a-0,025

141.98.11.217

200 OK

5.6 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=retin-a-0,025
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.6 kB (5615 bytes)
Hash
28dbddfd5af8d9a1d410e2beeb566fee
32ea791e31d7109711c94782f10d12038e69cab9
6af9bf784f65fb1887fa9b10f3fee4cc0f0836e245a6f11d77262630856d363e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=retin-a-0,025 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5615
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=retin-a-0,05

141.98.11.217

200 OK

6.4 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=retin-a-0,05
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.4 kB (6407 bytes)
Hash
c170157ddae0b670fd8d62c3d87be80b
8154a08ff8c8f02e07d04e2b30e6a0913c464e7b
0d48028dd7985d5e3fe8cc2da6c30dd02afa69cc0f0832d4b7fe20181ef81fb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=retin-a-0,05 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6407
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=retino-a-cream-0,025

141.98.11.217

200 OK

6.7 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=retino-a-cream-0,025
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.7 kB (6677 bytes)
Hash
0a52bc3811802994ee8cd9e792990d74
0fd322cee184af636e67f8c4fa5b384bc16a5bf3
b16ea8244b5ea7307c4a47374c5ce7810c0e3e661f9c235e73a6c0e14435564a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=retino-a-cream-0,025 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6677
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=retin-a-gel-0,1

141.98.11.217

200 OK

7.2 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=retin-a-gel-0,1
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.2 kB (7200 bytes)
Hash
c1ff7135eb75017ffd7377e554747aca
dac0c88d325cbbf3beb0e876eccc1ade050178f8
ffef3990787eaefd1fd8c2765abd4f9e6d6ec279d3b391f2bf77f41319bec563

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=retin-a-gel-0,1 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7200
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=retino-a-cream-0,05

141.98.11.217

200 OK

6.5 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=retino-a-cream-0,05
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.5 kB (6530 bytes)
Hash
79d38bb9c7e8bfbc3277b922b8502b67
33b829d21411a4293b35174a1d4e2e6dda1bcf6e
a7d32a5b57e1bfd9d1ec7762809b25c9704e94973dacf16e4b2ed7aeb985bd49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=retino-a-cream-0,05 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6530
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=tretinoin-0,025

141.98.11.217

200 OK

6.2 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=tretinoin-0,025
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.2 kB (6173 bytes)
Hash
bb2b184ff100256da16aade8cae81b48
623914e42f7ff5078eec7256fcd64348e02aea7e
77537c4c169b9b89030c67b6366ac34d93049eb6017ac84c1eaf2e2ec4605725

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=tretinoin-0,025 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6173
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=tretinoin-0,05

141.98.11.217

200 OK

6.2 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=tretinoin-0,05
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.2 kB (6177 bytes)
Hash
bb462eb8379740a7735b8adf2101ad23
25dd05470cf31816dd4a251149aba85218b3e24a
a8e2addfe19177bc208144af864785fa142c434c6636424bedc443580e97aa75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=tretinoin-0,05 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6177
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=arimidex

141.98.11.217

200 OK

4.5 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=arimidex
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.5 kB (4531 bytes)
Hash
b45169c8ad30f46891302ce70e99d8ec
b46aedefa2cecb2e17a823c0d85859d4a1350207
f0439d3b778f72c0411e646e9dafd0eb78e2bdac448719c443d9af37b0020d84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=arimidex HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4531
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=aygestin

141.98.11.217

200 OK

4.9 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=aygestin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.9 kB (4939 bytes)
Hash
0e1a3898364b299fae2608b03422eeac
9cb2229ed1b5e618a0ca6dad6e2260b524528e60
e40deaf206bc219408d8ce2481fef2fd2e761bdd7ef1d3cfe3f7c4dbeb69c8b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=aygestin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4939
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=cabgolin

141.98.11.217

200 OK

9.7 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=cabgolin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.7 kB (9671 bytes)
Hash
9de912d752832781e870c2fee71b7a8e
b5466a848911f8651925a04bec5fad167cca3c15
e1f4bc59c0403260dc9faa27d62bc00a37553e442aa304eb6525e971399f2e08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=cabgolin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9671
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=careprost

141.98.11.217

200 OK

6.2 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=careprost
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.2 kB (6183 bytes)
Hash
ddd10cf6f66665b60f8a9e60f77e4106
228995157a5c708f9f77b571fbf6ccc654b79dd4
7a814b6b00436e1b9a4ee6f746b17d973c0532bb46c4730f220f350fb55d6c24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=careprost HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6183
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=danazol

141.98.11.217

200 OK

4.9 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=danazol
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.9 kB (4949 bytes)
Hash
5d953a8e50b5dda7833de3b78891726f
0378b3f6d8f9223566be0f5744a9986d9cca2171
39c5d38ffa7ff97a6145f81b9bca45bac5ad49280f0aa897276168dabe954e4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=danazol HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4949
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=dostinex

141.98.11.217

200 OK

4.5 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=dostinex
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.5 kB (4519 bytes)
Hash
69836e5e0b13af5220311d721fc6ad02
e47ad1d38a3e786c0a74a1788170e23244520de6
ed9993e39dcdf76053d87c92a9a79fc1f25f97c5fb992f80c93a114c96fa260e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=dostinex HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4519
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=estrace

141.98.11.217

200 OK

5.5 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=estrace
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.5 kB (5513 bytes)
Hash
52ed3ad5b854b2b0980c84226be3dad1
be8f3679c843aff29e825c0e44cb3deb22869d88
74490c1925ee62ddb30423f45643c345476ab94bec1a5bb3faf4b97a9ad6e37c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=estrace HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5513
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=evista

141.98.11.217

200 OK

4.5 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=evista
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.5 kB (4511 bytes)
Hash
57bce30ff72bc2fa5aba205117b91cf5
6bb50ef9d1e45f04f3f294c0b01c737a0bb69c59
60bee2d0c36c59c86517a689f96b97a9e285d9bbdeb2a7fb83b25c7766b11fc9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=evista HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4511
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=femara

141.98.11.217

200 OK

5.6 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=femara
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.6 kB (5647 bytes)
Hash
bab8224764dc96d2874aa42eea127c48
f65b65f4565bfe9084b2082c66445c1bd695b7e8
7d0a775fb8fcd4419aeee7377fce8a17abde75648f844f89166876ba3d4b5efb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=femara HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5647
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=fertomid

141.98.11.217

200 OK

7.1 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=fertomid
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.1 kB (7100 bytes)
Hash
09afc7f3c07db6a2349f214c3e9ca045
c2375117daf86f80462f703e59ee1ed33e8895f3
2ed5bf9789f8ca40b9f31d98bba8e9316ed8888a6f72e8e5391a41af2367d83c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=fertomid HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7100
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=fosamax

141.98.11.217

200 OK

5.0 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=fosamax
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.0 kB (4951 bytes)
Hash
4db7e4673fdd36cd688fe4f410f14120
b4d8d0b99fdf4412a3c631195a2ab625ec41948e
b352ad273d0b5c2e2cab99a4a97f84be57aa7a344f6750e2e4346e0ae9b0d453

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=fosamax HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4951
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=fluoxetine

141.98.11.217

200 OK

6.0 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=fluoxetine
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.0 kB (5991 bytes)
Hash
fe53751801890401ec7f1ae4ea9e34f9
c97068d4553a8d05062fdbbe1c0b944a4d0cf67a
94498cef2b9f138bbfaac60f51447d90c92d7fe317569d643bd4f9bed9bddbbe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=fluoxetine HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5991
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=ginette-35

141.98.11.217

200 OK

4.9 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=ginette-35
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.9 kB (4851 bytes)
Hash
69388734775f3f1f4fd0cd0921c8f237
fd2faa6a0d5d4cb44b14adeb20317e200ab3f9b4
ff4151d94f1e458188695fa34be7043f7b3c53a06886a6ff21b00cdc0a16eb85

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=ginette-35 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4851
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=lumigan

141.98.11.217

200 OK

6.4 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=lumigan
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.4 kB (6357 bytes)
Hash
f6c74228f53c5b6494474c81596f14ee
4b7d0ccdd70f3eeb1f5dcce6023560d0a7631a36
2f8024c87bf0fd528463d12a9d13198d574037ecb0b11b2264d8d071a6d090d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=lumigan HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6357
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=nolvadex

141.98.11.217

200 OK

4.5 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=nolvadex
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.5 kB (4497 bytes)
Hash
3e3690a2dd0bd38c4ff797859b49d5cf
42f8fff92a1599d1de35d899abb3cfc10f266949
7e5ba724d80d80d4c8ed155176042834864bbeed1b4d4dc46d04ac9b9b1c0200

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=nolvadex HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4497
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=premarin

141.98.11.217

200 OK

4.9 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=premarin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.9 kB (4941 bytes)
Hash
cc704d69769ba307ca8602928202a5fe
e0b21dfd974508ed69a4b95846e0bee412e0be3c
191db5ce9c8c21be3d44cb45f3bdc25ac1512035cd4e9516c564dd891c714b12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=premarin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4941
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=prometrium

141.98.11.217

200 OK

5.1 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=prometrium
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.1 kB (5097 bytes)
Hash
ad5be6e3c9c7bf57e5466692bbe95858
5f738861147542b323bc20738faac679173eb811
c275b3b5b7437e9d03d337947ece3d775409dc7925776315d7e303183590b3af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=prometrium HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5097
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=provera

141.98.11.217

200 OK

5.0 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=provera
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.0 kB (4967 bytes)
Hash
9fc67c300dba2c67860603089c8e56ea
518956b8a56060014aa612e3bf7149f742a0e276
aa153fd20c4e727d6a808168f0c476adcf965be29db19c192b0973f2e312e78f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=provera HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4967
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=contrave

141.98.11.217

200 OK

15 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=contrave
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
15 kB (15111 bytes)
Hash
88a1e0ab6781882a4dffbed50511649f
b5654c3a96b4f653efb0d39e960c79d8abb90b3b
bc886eb0ab64e8dbe10dba600cc5521f16ff514290e827304f17b5b3d051d937

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=contrave HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15111
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=flibanserin

141.98.11.217

200 OK

16 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=flibanserin
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (15709 bytes)
Hash
c7688befb341c23b38e20c3721d9df6b
3afa02c2fb0410e153259563583aaf58b72a13da
9b39dfcf03ba648643685465ccade449684a920227383a997ebd93be8cf3dbf7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=flibanserin HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15709
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/set_images.php?pill=muse

141.98.11.217

200 OK

11 kB

URL GET HTTP/1.1
rx-discount.com/app/set_images.php?pill=muse
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (11095 bytes)
Hash
a3e0d927266e372005caa710f6496326
1f94faf83fe6b367ff8aa2a7cf11eb5625e6398f
82c32554f720035477165082d6ac8823a61a9e5d8923641b51b2b9c6e3336810

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/set_images.php?pill=muse HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11095
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/templates/design_3/images/icons/subscribe_mini.svg

141.98.11.217

200 OK

697 B

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/icons/subscribe_mini.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
697 B (697 bytes)
Hash
73aa70d9a66b0fcfbbe34455ed2a8b3b
67b984f929b8e85f4785b278bf41cfd982e15677
9f9ec6b6221d3eb83065926dcbfd7bb7addf94ef45910cd51c44614396d107fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/icons/subscribe_mini.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2b9-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 697
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/united%20states.svg

141.98.11.217

200 OK

1.4 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/united%20states.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1385 bytes)
Hash
783daa3230c33d44d0fd669f5f15a085
498fad595ce72cddd18236ec4f46924663e06e00
dafeb4bc9b9cd617c6fae437bf4d10c451a48a48e9273d3a068a94397ae8b753

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/united%20states.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "569-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1385
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/australia.svg

141.98.11.217

200 OK

1.5 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/australia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1462 bytes)
Hash
e2a044fa2ae25880267bbe8961f94de3
68da7b66167b99f6130c55907f32274df59ee894
e80f22cb1c75371847d53b0e92659a2679d738ac517d50f2a75cadb9e3bdb58f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/australia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "5b6-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1462
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/france.svg

141.98.11.217

200 OK

489 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/france.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
489 B (489 bytes)
Hash
5b4cbfed48fb0455e4f20b81bb96a45e
142c6bc13f44af98dfac6d7fb61c705a208a2f48
b0539685cdd10e3f24a3231744f0c1bed12ac8afb9cf2078277933a0ca70227b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/france.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1e9-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 489
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/united%20kingdom.svg

141.98.11.217

200 OK

1.3 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/united%20kingdom.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1295 bytes)
Hash
3128e1c06b0baed838fa75a47c6339b1
066988730fac2849f44d444691532adeb8c91c5b
c851d77bc22b846eb22ffc79704d7a9d139ace8652c76455c3d84484040e01e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/united%20kingdom.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "50f-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1295
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/italy.svg

141.98.11.217

200 OK

489 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/italy.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
489 B (489 bytes)
Hash
af9bb0d6d9df32924b81a8f71e50d334
6e6d90c05dbc8f6f985c3de5483e120b002c7e30
14c9c833ed32deca30de25120d034b0cb73761fba2f0c80a53707e85d53f987f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/italy.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1e9-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 489
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/spain.svg

141.98.11.217

200 OK

516 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/spain.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
516 B (516 bytes)
Hash
4ebe2c4c602bb59e5fd25979894ddc49
13b779e98a424d69ac519086f86f993654affada
b1e54b87b12e46283d56017a6b93ab1d462413829545f1625ae7bd35c4482644

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/spain.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "204-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 516
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/canada.svg

141.98.11.217

200 OK

613 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/canada.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
613 B (613 bytes)
Hash
8c0bd5dac5d19c1b55421a653659753a
5143caa85b153cd23be76ee2ddf54f30c9381f24
53525c4d089d9c98864c93fe11cf2ece03bc598502ec40690cfc391e069e4a5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/canada.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "265-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 613
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/albania.svg

141.98.11.217

200 OK

740 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/albania.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
740 B (740 bytes)
Hash
e6dcd72af19596188ff99b7b2e949733
96759d2ef26b60c821fd328d23d47b0671b5caa8
11e1f4e9abb2f61043a4e0e402cec03e2982c1e95f5c21a8e67052da8588fbf5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/albania.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2e4-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 740
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/algeria.svg

141.98.11.217

200 OK

632 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/algeria.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
632 B (632 bytes)
Hash
bf5f55002c8c72c2a7b349300a553b66
5261cdb5459dd31fefc017dec1d846ae8c6bc4e6
75b99ea48d3c413b72a8c49384679b65edcb3d6cf49b03340cadf0f044d25926

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/algeria.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "278-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 632
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/american%20samoa.svg

141.98.11.217

200 OK

890 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/american%20samoa.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
890 B (890 bytes)
Hash
a31081f17d6ce309ae27ec3660e6a38f
aee2f2ebccb3b063d04bc348d46a05aa8ae75672
00ec6c9559c13c8aa9a464ed7078453d47f8c147847a6f57b800a7943ef1ff5a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/american%20samoa.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "37a-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 890
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/andorra.svg

141.98.11.217

200 OK

1.1 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/andorra.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1110 bytes)
Hash
f25f3095333488685db16817f45423a2
cae06e3195fbb4d854f64f2abed112dfc4674789
7e8b1f496d1bfe3ba1b49434c3c40fac756242dca9cc9c113b66b3336aee62f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/andorra.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "456-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1110
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/angola.svg

141.98.11.217

200 OK

952 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/angola.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
952 B (952 bytes)
Hash
169c9434c6e681d561939fcb65e61cad
4587dd5b49c796ed1d1424a672e1ed96a001e713
6d3685911afea81b70330e3d1673fb35f02ff67a08826d7e1b3a43157ab93733

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/angola.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "3b8-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 952
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/anguilla.svg

141.98.11.217

200 OK

1.4 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/anguilla.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1422 bytes)
Hash
b3f8b14830a819a694c42f328e9ee8e2
68d12f29f9316373243de3b7252ae482f8fe039a
7d9acd45a7986b73f7a74f93a9ff8275ad7a232610d565279c81541a5e2f7087

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/anguilla.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "58e-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1422
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/antarctica.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/antarctica.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/antarctica.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/antigua%20and%20barbuda.svg

141.98.11.217

200 OK

821 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/antigua%20and%20barbuda.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
821 B (821 bytes)
Hash
c3f305097d5d91413af6f2d938a2036a
29b14c5571d3335452805f8684dc77beb268a740
8d63f1293c7a9184bb66c16514a309f514a9659b5a363f556001e331ad5c6b2f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/antigua%20and%20barbuda.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "335-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 821
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/austria.svg

141.98.11.217

200 OK

560 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/austria.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
560 B (560 bytes)
Hash
e70a5a910f206d6caf017547455ff26f
7647c2eddb931a169dc0e49f16c7e680e05e27af
d2383aed03f439813bdbdb6aa4f2f906e145dc341a0bb0b6aaf9687d674bd416

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/austria.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "230-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 560
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/bahamas.svg

141.98.11.217

200 OK

529 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/bahamas.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
529 B (529 bytes)
Hash
66198d40a9bc6a1c25e6dfc67da118a0
66117ad76bde8b887fe0e8d8b68ee991b3fe6427
be799d661ff5ba41425f2e7bea85baeb95304e93a4b56e605632da9ebf0b3e26

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/bahamas.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "211-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 529
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/argentina.svg

141.98.11.217

200 OK

666 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/argentina.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
666 B (666 bytes)
Hash
3b829a62bd5fe58f0c495e9915a97607
94b4d57b985aadf55b2465fbd60be8cbadb1ac6a
6b25d417544a50e23bde81edf3d6991b1221df4750cde22329a0a6fb55b5ab5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/argentina.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "29a-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 666
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/aruba.svg

141.98.11.217

200 OK

785 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/aruba.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
785 B (785 bytes)
Hash
815f183fea3736de14f70214b047d363
9d57998651a0da529e883b7e8d43c44ca1b2af59
eee8e35e8b7c680b52c906302960e06954a364076f2074ba4f8240be1ee40c6b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/aruba.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "311-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 785
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/bahrain.svg

141.98.11.217

200 OK

481 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/bahrain.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
481 B (481 bytes)
Hash
91bafae3a1330f50533587c29ed05eb1
d94d94364d4c86952e0fc78149245406e5ebae36
edec09216854a7d843a1a03049d056f96464b4f719d0e30d48675874872cbf24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/bahrain.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1e1-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 481
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/bangladesh.svg

141.98.11.217

200 OK

402 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/bangladesh.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
402 B (402 bytes)
Hash
e42bf702b05c8727e61a1067af72d6a4
4ab78df3b60e41d7cfda44883500c4384d4845ae
b5be50e27393253497e4b8710980fd7d31ac88c8d8727f0c4bd785bd9bbc6e9c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/bangladesh.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "192-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 402
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/barbados.svg

141.98.11.217

200 OK

872 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/barbados.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
872 B (872 bytes)
Hash
bb75d3c00ef99a275afdc4a4e0b75f40
4172da131676193229784a2064faa98d582df446
6b759c6f5747d4ba3f16293652427698a7d918b6d9b3e2b170257a33be304f68

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/barbados.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "368-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 872
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/belgium.svg

141.98.11.217

200 OK

589 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/belgium.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
589 B (589 bytes)
Hash
de75c1308b96d124f863668c773c061c
758da045ea505d8732bd1699f96110e1a0ebe7dc
dd31a4c86432a136a828b7de90106520d827885c2c26168c086c9495da953b6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/belgium.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "24d-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 589
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/belize.svg

141.98.11.217

200 OK

1.0 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/belize.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1020 bytes)
Hash
6698f655e839e8d4e230d8da782b1a42
9eb9f7959e20be01863715eae02c9ad7439a081e
40947c67b798b9744a2448da21e710c655345cd45269944405e9537fc80d6905

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/belize.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "3fc-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1020
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/benin.svg

141.98.11.217

200 OK

480 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/benin.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
480 B (480 bytes)
Hash
8c5ea39c96eabb906456d12634828eca
5d0b564a06ba039c45e2aaad8bf0d252e9c0b07e
8377e414ed39702f1181be30dd2f9fe7c5ebb500c515fc8b9218daf5a3b76819

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/benin.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1e0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 480
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/bermuda.svg

141.98.11.217

200 OK

1.1 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/bermuda.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1122 bytes)
Hash
20890d5c4ad8909c0ac46f12910ed88c
c57e16f9b1c7b177449a3988f740a26fa8931c9a
e0ebd5fad8c7bd4c9fc8e2df70dea7fb8ce365fd9a26c58535a61c6a48bc8229

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/bermuda.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "462-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1122
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/bolivia.svg

141.98.11.217

200 OK

567 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/bolivia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
567 B (567 bytes)
Hash
68188798fe2cdb0def3618a097c73827
48ef5899bc873b31142dcce20eeab8164a604f52
34fa3976998176177fbfa8f52933e0d3b6fc19e3f20f67e4873c718afb7083e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/bolivia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "237-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 567
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/bosnia%20and%20herzegovina.svg

141.98.11.217

200 OK

1.2 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/bosnia%20and%20herzegovina.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1158 bytes)
Hash
c84cb65d711433a9ee397e90b3ecbb75
577a4b0bec3b89f21f7dc387b9d3ecd071489c13
94ac751b20b6577eeb6a50a1c87a0270366e0bf6bdb6d8f859a1fd2cbf54b14d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/bosnia%20and%20herzegovina.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "486-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1158
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/bhutan.svg

141.98.11.217

200 OK

1.1 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/bhutan.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1101 bytes)
Hash
08bd29b27b327f10a639e3e067ad92e2
3ffba72cf52d66d4a8c0b9ed3f314873754ef8c5
e459847102adb28cc3d8289caeb1b3d793e9cb237aa29070ac01c5c0f525289c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/bhutan.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "44d-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1101
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/botswana.svg

141.98.11.217

200 OK

693 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/botswana.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
693 B (693 bytes)
Hash
fce1b2f486fd45c0ca4797c18502d4f2
05a9e108522492756a56741cc9cbe179be25ce2e
6610a089775c4d05e299aebd32e41adef2a4dd5fcbf61e25c78c24a76a06a7f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/botswana.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2b5-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 693
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/british%20indian%20ocean%20territory.svg

141.98.11.217

200 OK

4.3 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/british%20indian%20ocean%20territory.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
4.3 kB (4279 bytes)
Hash
a3ac46e2ad7f893655377e5f7fad0179
d14802ce3109f61e0c5a1d95872461b411378d44
7d52e084d4c21b1b528f79185b1bdd2c4cb2564d2271a845814df49f6dc54ae5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/british%20indian%20ocean%20territory.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "10b7-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 4279
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/brazil.svg

141.98.11.217

200 OK

662 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/brazil.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
662 B (662 bytes)
Hash
28340e81e4bb3bfa7a80fcfba518d563
0aeb0b7383ca6456440fb9ad0e7425b5396713e0
cf0c958053ccac7399d859f74c9287d927f1737bf1e97e8ce537d52590f9c3ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/brazil.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "296-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 662
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/brunei%20darussalam.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/brunei%20darussalam.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/brunei%20darussalam.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/bouvet%20island.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/bouvet%20island.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/bouvet%20island.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/bulgaria.svg

141.98.11.217

200 OK

567 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/bulgaria.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
567 B (567 bytes)
Hash
afa5e01fcbbb75310b078baa9bd83277
1c16e9cc54b1d2b1edd2c53bce5b8c18c5fee01e
5f6429996e1e37273db28c4339a485b3aac4c4776220db7a3a34f931b6f325b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/bulgaria.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "237-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 567
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/burkina%20faso.svg

141.98.11.217

200 OK

494 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/burkina%20faso.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
494 B (494 bytes)
Hash
dd4b36aea80ad1c3ba611cfb64a42dd5
5fa0f0c70e8a238304119cf1267c73c8f1e50a57
203dee1c79f1ad3d3f6fdbf35722ede07c6b7d1a294856ebfafa907dca625694

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/burkina%20faso.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1ee-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 494
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/burundi.svg

141.98.11.217

200 OK

1.0 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/burundi.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1014 bytes)
Hash
3a07e6aba676c8b12b9060026e5e09b8
79f275ab11ea420c620ed47e40682e0ae204a9db
866a0b2639bc78679246fec5b581244204e03de3d25131fd38b2a68af31fda95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/burundi.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "3f6-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1014
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/cambodia.svg

141.98.11.217

200 OK

759 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/cambodia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
759 B (759 bytes)
Hash
0e947fc0fa2705cc4ce9f212fb332f90
7cb5ff8f7e48bc28ed519797ebb4f1bed37bb036
31108d9b05599e40a239e97e2580b21b07e0c519073972699531a26221f6d130

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/cambodia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2f7-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 759
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/cameroon.svg

141.98.11.217

200 OK

724 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/cameroon.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
724 B (724 bytes)
Hash
070913e5566fcd343011bc5b8b0de05a
bbbda89e4636a0dd04b46d67a04b5f38d7c233ba
b5e8121f00b3fedae18985618fd167d77cd9828a6bae67430e1bdb8633b1decf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/cameroon.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2d4-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 724
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/cape%20verde.svg

141.98.11.217

200 OK

1.6 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/cape%20verde.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1565 bytes)
Hash
d07ec27e903c2e51dc9e7c75ba6ed796
256e7f847826412b8cd866292c0336da5d64eb38
d70ea3c56389ce3db5983794d7d1020398bf1c50491b9524bb049955913276ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/cape%20verde.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "61d-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1565
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/cayman%20islands.svg

141.98.11.217

200 OK

1.5 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/cayman%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1504 bytes)
Hash
1195188b26ec11aaaf701455958375e4
be333a333821a4481a520551127c5453468a20d0
d7d4abd7f248addbb359dc226719ba83b7005bfdf0ebedbaad6b7a43c1a7da2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/cayman%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "5e0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1504
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/central%20african%20republic.svg

141.98.11.217

200 OK

1.1 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/central%20african%20republic.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1069 bytes)
Hash
b6c9629274512184a653fafe2b5c7314
f05bb2ed72232a34e4dbef6c4d7ecfc601599a0e
8abf8b87da7478a3b36efb76aed12b1b282bb96b47994299c726f958c11abfb5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/central%20african%20republic.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "42d-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1069
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/chad.svg

141.98.11.217

200 OK

570 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/chad.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
570 B (570 bytes)
Hash
1b243130cf58dc471ea697c6d024712f
eb0403e690176576132cb4b5aa99ba45506a51bb
c035ae87385355d0f0d8e407ae7ca26bead14ed06b2f42ccb1895fcf0d416021

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/chad.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "23a-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 570
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/chile.svg

141.98.11.217

200 OK

571 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/chile.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
571 B (571 bytes)
Hash
8739098f2ebc15e27918f1840296a309
48c98c3f102918089d5b86f4cc08b3d0fb30d5c3
0a1bc29bd12ba563f86e3cc1cd9b47f5d1d348fc2573e7fd48ff3f41d5db02f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/chile.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "23b-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 571
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/china.svg

141.98.11.217

200 OK

842 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/china.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
842 B (842 bytes)
Hash
ea575f63e081a78ad83923e5f106177a
cfcb8aa4723383332fbbef92371b020b6e099447
2a0fd270d676b5d088d47db41c76017463b3b9ccafe44b37373f88ff406bf867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/china.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "34a-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 842
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/christmas%20island.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/christmas%20island.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/christmas%20island.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/cocos%20(keeling)%20islands.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/cocos%20(keeling)%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/cocos%20(keeling)%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/colombia.svg

141.98.11.217

200 OK

520 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/colombia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
520 B (520 bytes)
Hash
452c3faabb053787c07f80edde060bdc
7dc0a771595994278dac1afb57e5b8906420743e
3d5463b2771cf616de73b9f14e4f16e2420c49a5e89491097f0a7bd64331ab21

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/colombia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "208-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 520
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/comoros.svg

141.98.11.217

200 OK

1.4 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/comoros.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1368 bytes)
Hash
c58319e3ec75b4f12aa3c85bd12d1bac
ccc96630a3a86a3bd0a58234dae02f0a4e45c340
dfc79c4d1e1fcc9600158c85eb48420781182f4d97dc525258e2b6ade4ee9ed9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/comoros.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "558-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1368
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/congo.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/congo.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/congo.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/cook%20islands.svg

141.98.11.217

200 OK

1.4 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/cook%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1446 bytes)
Hash
5517fd0f1f44049f810f83b0d7b8b523
af93d670bf7a2bc10ca5777c66d216395355756c
8dafb56cc91f1296401fd05ff76b647b9bba4a61297f4f8be95cc17eccfcbbba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/cook%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "5a6-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1446
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/cote%20d'ivoire.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/cote%20d'ivoire.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/cote%20d'ivoire.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/costa%20rica.svg

141.98.11.217

200 OK

606 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/costa%20rica.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
606 B (606 bytes)
Hash
96b23dd9e26dd5f8d9aeb09b12f75574
375bbe65269c08b5f8ed28051d3552312e34f614
2864970bc98a64321e756a9abe4e3a5b4c915193cc40f42a96d4a2b00600d1ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/costa%20rica.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "25e-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 606
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/croatia.svg

141.98.11.217

200 OK

1.7 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/croatia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1653 bytes)
Hash
0110c354ecdc92d77add83171e416b52
ddf3bb2371bdc2e7f7c16c4dbb78599058c6fa9c
fe13337f77e7416dc309cb9676914da3a709ad86f3a6cbe9b1e8815371d92b1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/croatia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "675-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1653
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/cuba.svg

141.98.11.217

200 OK

764 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/cuba.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
764 B (764 bytes)
Hash
0334e114c1c6fb81a17d31b7ebd9fe7f
c5907c6228c79e705a21f8ee5e6e49a9335e10b5
b63707138b0306b59bd23db8c659335f0bab196d32b2a94aaea1a1fd661618df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/cuba.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2fc-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 764
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/cyprus.svg

141.98.11.217

200 OK

740 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/cyprus.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
740 B (740 bytes)
Hash
382112328eef318b8a4fcb8f8b21b62c
2ba59eedd2247143a578b648c537642882d55f81
3a58092742a88f281cc8ad03345228140f3d32bb0087f65fefe017db1a9deb0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/cyprus.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2e4-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 740
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/czech%20republic.svg

141.98.11.217

200 OK

471 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/czech%20republic.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
471 B (471 bytes)
Hash
360e6311fb508bc2badc3a860318916e
7bef5ac99cf4938fa78cafe78dbf92b9c12635d4
99e6045af12ec3448fa6fb2d52ca86a5755bddff993b2f72bf2127a87bffe74a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/czech%20republic.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1d7-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 471
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/denmark.svg

141.98.11.217

200 OK

541 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/denmark.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
541 B (541 bytes)
Hash
80ae373b62b2307f59eb113c486bd28f
ab77fa4932c80c237740654be932bed8fc902497
7d190d5ae16a54dfa622599978ce0b0a1b7c2adb4fb5159dd1367451432103c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/denmark.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "21d-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 541
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/djibouti.svg

141.98.11.217

200 OK

645 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/djibouti.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
645 B (645 bytes)
Hash
4338260ed1db49977bbee9e59a5c5fa0
d477d74c322ef49ccb9a31f59c22ae87cc9a631c
3e357278faa461623f5c524e6c1e52fb15abe3159988fcf1783048e0c971bf7a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/djibouti.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "285-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 645
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/dominica.svg

141.98.11.217

200 OK

2.4 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/dominica.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
2.4 kB (2420 bytes)
Hash
71d2b8a8a2a1ec6e81fd1169c4f60360
ebf95fc5e4bc381dda28a0f383369129f58f25ca
6f83013108f0ad904961c56790428376586a45a0fe2e1519dfec1b80d7aa27ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/dominica.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "974-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 2420
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/dominican%20republic.svg

141.98.11.217

200 OK

911 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/dominican%20republic.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
911 B (911 bytes)
Hash
2d8530c887ef5e059911864f8040e0c5
6b26d79988c3b1477cc9c8287abe7884cb17c927
90748e1d679cf668b3c026d9305ee306d3218aa108902f22ec2956eb6f92ad1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/dominican%20republic.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "38f-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 911
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/egypt.svg

141.98.11.217

200 OK

724 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/egypt.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
724 B (724 bytes)
Hash
0b19d6f1efb0782a62f312fa7ffa4b2f
67380c53abe2bf9b30ab9c6fc96bc6ae01670dfb
6aa5811e4bc03cdea8fbb955827849d685e521ab680f6a8ac405bf8e26041328

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/egypt.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2d4-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 724
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/ecuador.svg

141.98.11.217

200 OK

1.0 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/ecuador.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1005 bytes)
Hash
86dca1c0c83daeed5385bfdb1dd79fbe
a0ee22d9060455b9ef1bd417d5a235d9d244b6f5
24411025835c831e2643267460ae7c66b912b8cb69e815bfb8ae82c59703703c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/ecuador.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "3ed-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1005
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/el%20salvador.svg

141.98.11.217

200 OK

699 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/el%20salvador.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
699 B (699 bytes)
Hash
42f65700d83f2bab27e1342545e23054
53573e8df4610dcb3f04f3314d1efc6d0d104e38
1ab6d38ca3e39f6896ce584ed3497e8b580762d55314702d984f96cdf20fbb97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/el%20salvador.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2bb-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 699
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/equatorial%20guinea.svg

141.98.11.217

200 OK

873 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/equatorial%20guinea.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
873 B (873 bytes)
Hash
4a78c4693be324ae2fb5ab3bdf0f9a06
866c4cb61b15d68362a5e69976bc6e95cfa7b7cd
f66cbffa660eb82568b9084e2665a9f8048a9f3a62f258028dcf9e82b796b2a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/equatorial%20guinea.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "369-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 873
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/eritrea.svg

141.98.11.217

200 OK

865 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/eritrea.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
865 B (865 bytes)
Hash
ae147494289aeb6838f4c9601a492c2c
86573dfe6d2104efcaae7096d5cb45bee7356e70
fd11225b301beda1c89596626c68c2cac0c81f886117cc15836fde1b18d2df80

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/eritrea.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "361-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 865
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/estonia.svg

141.98.11.217

200 OK

565 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/estonia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
565 B (565 bytes)
Hash
3e71e84dc8bf0b02853791b93c84c823
801947510d1e6ff04d4b18502fe4b22cd616dbd8
1c2881512e1bb10d8f8d2d529261e08825d824d4dab1dd2f6167494f819b9630

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/estonia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "235-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 565
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/ethiopia.svg

141.98.11.217

200 OK

1.0 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/ethiopia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1001 bytes)
Hash
612e04a96077f6ebd551320ba3b4ba2e
ce04e4ad89736cd8d242bdac9137cacc54af9ae8
45c57e3a0a8a803ee12b0fcddcc7d1477a671fcdb551d7f6d08f3a93b29e707d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/ethiopia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "3e9-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1001
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/falkland%20islands%20(malvinas).svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/falkland%20islands%20(malvinas).svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/falkland%20islands%20(malvinas).svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/faroe%20islands.svg

141.98.11.217

200 OK

875 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/faroe%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
875 B (875 bytes)
Hash
b5245d2a0a0611f7d10207ec3f68ae04
4a5db57704df25a4c078505d4684ca1106bb53c1
799491c6bc6d6fad76c37b38b8b8f17d4e2a2cef61a08b49d66c6cd3e496b0c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/faroe%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "36b-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 875
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/fiji.svg

141.98.11.217

200 OK

1.0 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/fiji.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1042 bytes)
Hash
6c316b9d1a61b4a84876fc3f5e52a368
dd1210ab91386362864942fd305f5c54ad9dba99
1f8dc5960cf50bdd8942a4fd8eacede47a8eaba9aaad349b90d707e42b66bd71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/fiji.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "412-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1042
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/finland.svg

141.98.11.217

200 OK

502 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/finland.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
502 B (502 bytes)
Hash
4db258c30eb2dfddd31590519dae8fd2
85ba00a7ce356cfd4ee4211ad5406aca9260fdf3
98afe50619812f9c08e45b6ba7d62803771474c19b35fd72afcd476b677d9ea5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/finland.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1f6-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 502
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/french%20guiana.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/french%20guiana.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/french%20guiana.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/french%20polynesia.svg

141.98.11.217

200 OK

793 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/french%20polynesia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
793 B (793 bytes)
Hash
73cbccdeeda8e85ee892768083fa442d
19f6c7db88d3162b7c58a80c3665385b8631784e
5cd07a1fc8a1d37323a2fd34cbeeaa6a667281a033f6bffb739704dde301b186

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/french%20polynesia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "319-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 793
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/french%20southern%20territories.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/french%20southern%20territories.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/french%20southern%20territories.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/gabon.svg

141.98.11.217

200 OK

592 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/gabon.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
592 B (592 bytes)
Hash
105346f64d7d5fffa4b29f118d5c8dd3
acce4adcd750ad4b1103393caac2a16285486c42
965199dfdbfda519d232a088fb356afffea0f419ecd92442a4bcc170e9c5b07e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/gabon.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "250-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 592
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/gambia.svg

141.98.11.217

200 OK

599 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/gambia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
599 B (599 bytes)
Hash
677e4ba837cdd5735b637947c8fd497c
823ad839c637528229ce5551c6a7dce3816f24e4
3fd1f0778fb2bb3831e33a4a8bcefd5e200c1249b2908631440e2410c68f286a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/gambia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "257-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 599
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/germany.svg

141.98.11.217

200 OK

568 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/germany.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
568 B (568 bytes)
Hash
e83c301e98f8483e0af7b0e7b1f0ebe6
9ad2d93f8f8cfa2cd89977b016b11f2afd56647a
afaa04a6a15b1040acf23bf1b8836c5aa6b3efc595d9a6aa3d0afa54b8740b08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/germany.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "238-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 568
Keep-Alive: timeout=5, max=58
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/ghana.svg

141.98.11.217

200 OK

701 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/ghana.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
701 B (701 bytes)
Hash
fb1149399ef4a77084d433959fc0688e
e383c1715fe1b51fb842611930483a5e9e1435dd
c5f8d2194f24183b3e83f06234b70a235737db3e6cd241abffd02c6a26c8eda2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/ghana.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2bd-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 701
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/gibraltar.svg

141.98.11.217

200 OK

833 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/gibraltar.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
833 B (833 bytes)
Hash
919ab5d094d03cf66dadd45ec95742ce
2d05d2360d6ed85529333b8d54b7887393809468
034e95b3c33b1d0fdd200565dce448f18c9d22e52bb7e2c65217c5b873f78a88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/gibraltar.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "341-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 833
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/greece.svg

141.98.11.217

200 OK

722 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/greece.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
722 B (722 bytes)
Hash
5f663ba13e2a773c587100f836c54f32
52bdc98b67dbf8dc4557d6be5fa6e1417dfc0a35
acf738809d732b1c8860d6e01b8f1a2ea23f3bc8ec5827fdc1fd94fd5c6e4852

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/greece.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2d2-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 722
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/greenland.svg

141.98.11.217

200 OK

531 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/greenland.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
531 B (531 bytes)
Hash
17a04732a58c3aab79e59dc91bdf5b44
8e14c3007854418741dab88f7e368e32d1b66da7
048971d352a5c82a75c175e376f1edfc04279d2c7c8bf63adc24c22a25603e2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/greenland.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "213-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 531
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/grenada.svg

141.98.11.217

200 OK

1.8 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/grenada.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1789 bytes)
Hash
70a6e7beae9e0d655b4b937a7ae01af8
911efd6e042da9039df780983ef2f93b9700f00d
aeb785b5961490d0be093a83899c938c7a780a837c357b27c9d8cb0b3ca3897d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/grenada.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "6fd-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1789
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/guadeloupe.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/guadeloupe.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/guadeloupe.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=57
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/guatemala.svg

141.98.11.217

200 OK

719 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/guatemala.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
719 B (719 bytes)
Hash
e9dd034a983af0f6c43ac7b2be305e6a
76b0e76d99dbd882e7c01638614a2ee5df20822a
fa39da1be6a5ede473ac3a2b2f187624a15e904224467fc98c345fed4b3019ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/guatemala.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2cf-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 719
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/guinea-bissau.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/guinea-bissau.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/guinea-bissau.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/guinea.svg

141.98.11.217

200 OK

590 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/guinea.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
590 B (590 bytes)
Hash
801a2d02f3e2aac7caa5aba41a37d1f3
050e0d6690a23e9b17c38a5ec1f24269e4299818
1d03dee6a6b7ab25aa573262874e50444eced8fd100f0b9e129962d0d0072bad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/guinea.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "24e-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 590
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/guyana.svg

141.98.11.217

200 OK

874 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/guyana.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
874 B (874 bytes)
Hash
f33c3ce63792880a6d7fb8165694ae74
a185b7145c9fa3f25abd3b82174f6224a80288de
548aabfa173bec227b840a7c36987381bc4944031f303b306cd64b0677279601

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/guyana.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "36a-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 874
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/haiti.svg

141.98.11.217

200 OK

848 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/haiti.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
848 B (848 bytes)
Hash
b3fa87301264ba797752c49ec2d6940d
bf45c6d53b1b567d2078ea0adc3d718432d10601
fd2d6e0c44c1d9fba239a80b23ddd8651559ef043bf082743acdd69a2b608210

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/haiti.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "350-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 848
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/heard%20island%20and%20mcdonald%20islands.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/heard%20island%20and%20mcdonald%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/heard%20island%20and%20mcdonald%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=56
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/honduras.svg

141.98.11.217

200 OK

899 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/honduras.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
899 B (899 bytes)
Hash
816c9f90ddd333c6f7796b8f98b3878f
3451f04262fffafd7418ea62e08fc93197e2a639
6188b7055c2ab1bd82e0f81290488ca017af68d2faa1ead0215ee6942c48c7da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/honduras.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "383-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 899
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/hong%20kong.svg

141.98.11.217

200 OK

843 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/hong%20kong.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
843 B (843 bytes)
Hash
de550fcfde010d4080c63b7c77246e87
1247332d4064d9618df9d1f06cfaaaed35fc1cd9
05e4c0451888724af922b9a794e7ae8caf2cec6d681acdc0158ac7dbac7625a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/hong%20kong.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "34b-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 843
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/hungary.svg

141.98.11.217

200 OK

589 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/hungary.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
589 B (589 bytes)
Hash
2cf74be7556be2b487cb46f3e10429e9
d29b63996464b0495cad692c1e7729b5da35e8b3
36e2b9db39d1e2de60086fa763e631ce2fe83ab90eb14e7b7b8190ca4c7fe6a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/hungary.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "24d-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 589
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/iceland.svg

141.98.11.217

200 OK

792 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/iceland.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
792 B (792 bytes)
Hash
03b217327e4fd84c86cc260e87ddfcb6
b2dee87590e3ff1d8b36b7a5b922e804a4e7465a
3d9c1a678a2c0b1e4663722edf48adf19e863cde289e6637711bdd5d880739a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/iceland.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "318-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 792
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/indonesia.svg

141.98.11.217

200 OK

355 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/indonesia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
355 B (355 bytes)
Hash
97e212ebe1721c21c1e9328adef63c30
b89c15d2c5952ef483f3fa9cdc81c2cad1ce8cb6
bb898ef18969b538562124371bd3df66243cd4afd7903613cfbad86079d721ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/indonesia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "163-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 355
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/ireland.svg

141.98.11.217

200 OK

489 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/ireland.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
489 B (489 bytes)
Hash
f2a0431f17a67f39643ef953dcbdfabf
de5dbaeb07d6f0101adfdc9a4a2bfcf6c8219632
2ae0fdd40d7877b2607caa97f575914de653800cb3cfc91e59b96032b7e994f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/ireland.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1e9-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 489
Keep-Alive: timeout=5, max=55
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/israel.svg

141.98.11.217

200 OK

895 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/israel.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
895 B (895 bytes)
Hash
bbdc40ed78ad3bafc463b43c1f175a64
debdc1455d603113dfa9ec047f90bcca4cd363ed
f6f755ebaca12f381b2e7685f4b7841e983d11d48e7ee2fd5ee49a343268fb26

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/israel.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "37f-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 895
Keep-Alive: timeout=5, max=58
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/jamaica.svg

141.98.11.217

200 OK

731 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/jamaica.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
731 B (731 bytes)
Hash
16d6a6bff3aba27d20aeb8c25f9b5ea3
1c8b02da92d6af66c0f63fa2ba95f1f00c746611
ffda19effb75e06d2eca9a5a9783e53cb9b3d842971fbd1d980004e340e35fbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/jamaica.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2db-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 731
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/japan.svg

141.98.11.217

200 OK

398 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/japan.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
398 B (398 bytes)
Hash
225a66af768713fb28ffa4a8c1ecaa5c
a66fa55f4d41441b1094f179d3f58b4f7cc2189a
2017d2813b08cc2bbfdc280814fed3afcf53d7d3b6c0a77653800ae9550c1423

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/japan.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "18e-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 398
Keep-Alive: timeout=5, max=58
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/jordan.svg

141.98.11.217

200 OK

745 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/jordan.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
745 B (745 bytes)
Hash
a7c4b4fd87733524207b925686abfdeb
230bc26a4c36303a20c8f3fdc2202718d94fb0b7
6e0bebad8835556dd471e333c7b9f3217bff6339dd0ec489c5299f0702fdcac5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/jordan.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2e9-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 745
Keep-Alive: timeout=5, max=58
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/kenya.svg

141.98.11.217

200 OK

1.3 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/kenya.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1296 bytes)
Hash
a969ab4145bfb59e55d143e274ec5547
8eb59f17f8ddee6a7100d90c121a9a001eff4057
f555185ca27d8c4c3526c603d88bc535f7de95c939b98edd398aa26176611d46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/kenya.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "510-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1296
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/kiribati.svg

141.98.11.217

200 OK

2.7 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/kiribati.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
2.7 kB (2662 bytes)
Hash
93560057d594b8b8f8574277163c0513
a80fa4adff18a8efb29f73ccafa7477c033bdd60
f9855fafb0fc8e44fbc449b2ae666406e47eead0e299c9f1c0e593eebc020200

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/kiribati.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "a66-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 2662
Keep-Alive: timeout=5, max=54
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/korea,%20democratic%20people's%20republic%20of.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/korea,%20democratic%20people's%20republic%20of.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/korea,%20democratic%20people's%20republic%20of.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=57
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/korea,%20republic%20of.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/korea,%20republic%20of.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/korea,%20republic%20of.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=58
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/kuwait.svg

141.98.11.217

200 OK

681 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/kuwait.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
681 B (681 bytes)
Hash
17fc62cbb19eb24e82a4cbf2e0e7b8fa
5ab51cc7a599219b8d2324c86c4beb57755985fd
379ff92f99fb70f79f1e9998b346569430739669f98ef14103d8d90aefa8222e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/kuwait.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2a9-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 681
Keep-Alive: timeout=5, max=57
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/lao%20people's%20democratic%20republic.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/lao%20people's%20democratic%20republic.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/lao%20people's%20democratic%20republic.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=57
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/latvia.svg

141.98.11.217

200 OK

466 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/latvia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
466 B (466 bytes)
Hash
4925531da99117047207c97a53939cfa
5df6064c28ceedd0b9498b7184d5355113c8d705
77f44aaec60a9e9004092a38198b9c4f9a1e9d6cbf6f135556c713f102c326aa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/latvia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1d2-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 466
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/lebanon.svg

141.98.11.217

200 OK

529 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/lebanon.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
529 B (529 bytes)
Hash
e46e6843877b63eac13caeb13ed9e8f1
6fc494ebd5b1468a9d29ea29b80c549ff1270c79
ac655ce8f4143986f0f7df96a5824aece48e646b86ddcca253e923fe3a689eaf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/lebanon.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "211-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 529
Keep-Alive: timeout=5, max=53
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/lesotho.svg

141.98.11.217

200 OK

680 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/lesotho.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
680 B (680 bytes)
Hash
3aeb8c45312b8cec68df91a326f7932f
2db18cc98c2fafadb3f7150526050512edb5a642
fce89d9dd2ffa1785ee8700648dd46a7881a5c08a900f06d5ad5494565f8d1eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/lesotho.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2a8-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 680
Keep-Alive: timeout=5, max=56
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/libyan%20arab%20jamahiriya.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/libyan%20arab%20jamahiriya.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/libyan%20arab%20jamahiriya.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=56
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/liberia.svg

141.98.11.217

200 OK

1.4 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/liberia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1438 bytes)
Hash
f0ddfb19283bcfafa1763749cee3e24e
1adb8cc1d7ccc4ef6615029d5af1659959a2083a
a3d577949b8c17b22de48e228cb2f9e1b61b56319c2f4ef113e2dfbbeee21e5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/liberia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "59e-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1438
Keep-Alive: timeout=5, max=57
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/liechtenstein.svg

141.98.11.217

200 OK

569 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/liechtenstein.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
569 B (569 bytes)
Hash
da5ebba95f790b236d261797f9c173b6
abd738d1ffb0617c7bfd7b35d0c40e3c5091a45d
85bcb3666c386edad99b6cc91024d5bddd577b140bf8bcf49d5c1a8a28406101

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/liechtenstein.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "239-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 569
Keep-Alive: timeout=5, max=56
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/lithuania.svg

141.98.11.217

200 OK

576 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/lithuania.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
576 B (576 bytes)
Hash
4ee317525d42e2b94570c649455a1564
8168a0d81bd433d491af7c295f1953ddc3c90e3e
ef1fee9bb57dff016d46112aa750f29ea8ee37c1ea77c77c9fda6bc5cb7713cb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/lithuania.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "240-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 576
Keep-Alive: timeout=5, max=58
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/luxembourg.svg

141.98.11.217

200 OK

489 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/luxembourg.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
489 B (489 bytes)
Hash
9d5fc27d0ba9679a28bc847b38fa9623
4953e8c7ccd54662f549ce4998ef98d456b490cc
3fbf8ab7df32a99baea3155dc2776c787462bdbb41e52a7fc82c17dee78b387b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/luxembourg.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1e9-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 489
Keep-Alive: timeout=5, max=52
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/macao.svg

141.98.11.217

200 OK

1.3 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/macao.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1349 bytes)
Hash
0edc6b8ad9014a2a5a7849c0fe510e47
b7ae45ac21be9c92226d29273817b2d29afdf871
f76b3c94bbf24022c1d12aa7d17d736318df612edb81f0da9e4f2d35e225d442

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/macao.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "545-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1349
Keep-Alive: timeout=5, max=55
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/macedonia,%20the%20former%20yugoslav%20republic%20of.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/macedonia,%20the%20former%20yugoslav%20republic%20of.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/macedonia,%20the%20former%20yugoslav%20republic%20of.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=55
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/madagascar.svg

141.98.11.217

200 OK

466 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/madagascar.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
466 B (466 bytes)
Hash
a243ddd9656cb898ccb4e31f766a7f4c
ca35d724ce8719521e093fdbfc74ba4097927901
75ee5ebbddb3e1e6d043afb04e4f3b5d7c056000380fee8beff0c56719053514

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/madagascar.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1d2-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 466
Keep-Alive: timeout=5, max=56
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/malawi.svg

141.98.11.217

200 OK

716 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/malawi.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
716 B (716 bytes)
Hash
4e9b55cca455669b7df696837dc45a69
d455c2d78114d636119b6eeef4abbcae3d13e0af
0c4d912074dc9332bcc3c01adf0854f36052479a86b90088cae8051adfca1322

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/malawi.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2cc-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 716
Keep-Alive: timeout=5, max=55
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/malaysia.svg

141.98.11.217

200 OK

924 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/malaysia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
924 B (924 bytes)
Hash
3017a923419919f05d4fc5592d6c21a4
bc421e31038a9abf3515f52347d632ca4d4dea69
5835e36d9505bb7fd7d95681e11702b758d0067e7f860eef3234df1b6f5425cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/malaysia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "39c-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 924
Keep-Alive: timeout=5, max=57
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/maldives.svg

141.98.11.217

200 OK

496 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/maldives.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
496 B (496 bytes)
Hash
626eaf03393820fb3b9d9a96b374d7c2
19e9aa50d3a0cd66479b8cebce1562fa1e46a1c2
b4718f4f8c8dd78274e63cfa240454be109a02d1d223bb41995ce3af12e913c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/maldives.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1f0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 496
Keep-Alive: timeout=5, max=51
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/mali.svg

141.98.11.217

200 OK

592 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/mali.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
592 B (592 bytes)
Hash
5ccbb430983de1a638bee82158e18213
9dfd9b913ead1874dc9b6938cff7d34ac85159b5
ce23c879cbb196cec64dcbba4493bd554858e25c877249aba593804c165343f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/mali.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "250-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 592
Keep-Alive: timeout=5, max=54
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/malta.svg

141.98.11.217

200 OK

469 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/malta.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
469 B (469 bytes)
Hash
e458cd5c9ed46e38129f4a39c2890b30
3a3ab43c707f271ca2b819d1b7bca1e576fb4499
fce5e2bb5170ea36c50c535d3d89204015dddb1986f1c098274be8e441cde578

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/malta.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1d5-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 469
Keep-Alive: timeout=5, max=54
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/marshall%20islands.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/marshall%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/marshall%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=55
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/mauritania.svg

141.98.11.217

200 OK

545 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/mauritania.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
545 B (545 bytes)
Hash
96b17a62de127dba430ef0dc04ab3cd2
76b74119d37b7db9f2cc31c3c72ce232460f48fb
6d05b79c3f35847aebca19b6f68b965e5c9918fce157c4bbc963ecca4015b52a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/mauritania.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "221-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 545
Keep-Alive: timeout=5, max=56
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/martinique.svg

141.98.11.217

200 OK

1.8 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/martinique.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1842 bytes)
Hash
2a349bae153f2b46734c67ac8c956baa
a74dbeb2db170529f4def4c8d267624b862eafcd
fa9dccd06bdef55473da6a09c415adde6407fd247a6071bcf89a96391700b42f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/martinique.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "732-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1842
Keep-Alive: timeout=5, max=54
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/mauritius.svg

141.98.11.217

200 OK

679 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/mauritius.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
679 B (679 bytes)
Hash
bf87653ff042d1ebe860f3d1b11549d0
fd27c2334d9f327ec99812646c0e983879b1e315
3815b127d1908ce63e33405eac53d1adc26657c64e3092689f5008d1695a2071

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/mauritius.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2a7-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 679
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/mayotte.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/mayotte.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/mayotte.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=53
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/mexico.svg

141.98.11.217

200 OK

750 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/mexico.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
750 B (750 bytes)
Hash
044db8949a3a06873ed8acb7e7c43fcb
7ae9c6a6e0c1eb12bddab4e6c5c0b90a42be4ac6
a0b9a3714fd60920c8050945b87e60a9cb7a6246edb1cf685bc9fd38311c51d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/mexico.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2ee-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 750
Keep-Alive: timeout=5, max=53
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/micronesia,%20federated%20states%20of.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/micronesia,%20federated%20states%20of.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/micronesia,%20federated%20states%20of.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=54
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/monaco.svg

141.98.11.217

200 OK

355 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/monaco.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
355 B (355 bytes)
Hash
8b1b767532751aa0662a639e60601a78
73879d95c3b71c2cbd0a84a5dd35b1f41e55e47f
c5ae437e241cb12a646b3c260a03a275e9bd6ecdf65ba4bdd8a5ca6364ce6106

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/monaco.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "163-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 355
Keep-Alive: timeout=5, max=55
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/mongolia.svg

141.98.11.217

200 OK

893 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/mongolia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
893 B (893 bytes)
Hash
9d49622ba1440008811fc9de4e6cd9d7
890dcec15a3d43318c36ec4c2371258647180e5f
fb4dcfbf2648548a8628e25d98f2ddcb8562f2f4fd67a76d5f19b2df63da2ea2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/mongolia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "37d-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 893
Keep-Alive: timeout=5, max=53
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/montserrat.svg

141.98.11.217

200 OK

970 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/montserrat.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
970 B (970 bytes)
Hash
dc61846d255d6a5ecba48a1cb36d1872
ba0f68c5de81bd824a4ab190ca5b4caf0fc85487
e658fe37ecd8df0487ffb82c8bfd3e30a3c5d683621b8aec71fe2585c9523c1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/montserrat.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "3ca-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 970
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/morocco.svg

141.98.11.217

200 OK

701 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/morocco.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
701 B (701 bytes)
Hash
48cbec4a586270ee5c8fc891816e43db
f4d72b2545106376564e1cd35796c85e0c9702b8
d643fa0903929f49e1295a980221f598e58f0aa7402fa7109598acad9420196b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/morocco.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2bd-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 701
Keep-Alive: timeout=5, max=52
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/mozambique.svg

141.98.11.217

200 OK

1.1 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/mozambique.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1056 bytes)
Hash
dd07a2a990618d0ca7d8205837040723
2430ab72c19ebbbd1b0d9333d4886c5f532a7205
f3869286ffbc75d7188b77d117a68b57a25de707ea06880bc0a1adf02ca838da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/mozambique.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "420-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1056
Keep-Alive: timeout=5, max=52
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/myanmar.svg

141.98.11.217

200 OK

721 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/myanmar.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
721 B (721 bytes)
Hash
d1f10728c0b802e294f952cf292ac221
1b4f3c07c3887e3712e1d2a26ed835250119c0f9
ebe2814f275e057710a92715c0f883d2f908bd4a4b08691f5ed75323842dfbac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/myanmar.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2d1-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 721
Keep-Alive: timeout=5, max=53
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/namibia.svg

141.98.11.217

200 OK

925 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/namibia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
925 B (925 bytes)
Hash
246cdf4ebf22711cb2cf29889c86817b
945c292a35dd3c75bcd8ed9c12a9dce7e70eb2a9
ee4870e113aace04d50e3c838e67a212c78fa6fe33f2293ce0f094752043884c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/namibia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "39d-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 925
Keep-Alive: timeout=5, max=54
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/nauru.svg

141.98.11.217

200 OK

737 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/nauru.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
737 B (737 bytes)
Hash
9d8db7739319fae764476ff348e56bd2
d60bc9460e76fccede8d2ea2a2dd03d5174357a4
a647fa7ed2b8a4cf45e9b8114d12ff8f609be33c1c5a720a91d70645c9b587c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/nauru.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2e1-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 737
Keep-Alive: timeout=5, max=52
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/nepal.svg

141.98.11.217

200 OK

989 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/nepal.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
989 B (989 bytes)
Hash
0ca32ddd06bd930b558c9a3b9c39285d
b4a813f8cfc2cc48b49fa70c1a55873f62ff10fa
652ddcb022c12c4283bf2989fe2163d85d74b4a4b4e16248ee8b30c9502bf92c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/nepal.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "3dd-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 989
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/netherlands.svg

141.98.11.217

200 OK

489 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/netherlands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
489 B (489 bytes)
Hash
73cb91794dea36a1ef1c6370fa12e1a0
31a196267f1f86ebcbd76a9cc33193f209ede4d1
44da6f0409afc6df8f183b072dc88c0904b14bbc8c6a2743cfffd5d607a900fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/netherlands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1e9-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 489
Keep-Alive: timeout=5, max=51
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/netherlands%20antilles.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/netherlands%20antilles.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/netherlands%20antilles.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=51
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/new%20caledonia.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/new%20caledonia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/new%20caledonia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=52
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/new%20zealand.svg

141.98.11.217

200 OK

1.0 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/new%20zealand.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1036 bytes)
Hash
1db18ea3079534da1e91317332c3b10f
7719d4d5c48b0182b49838cb683f9817a6e28c39
efc041e7f68386d620efe1b19804649ed5e3330fdf7f807ecb97d927e710c18c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/new%20zealand.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "40c-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1036
Keep-Alive: timeout=5, max=53
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/nicaragua.svg

141.98.11.217

200 OK

815 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/nicaragua.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
815 B (815 bytes)
Hash
45ab62a180df7144ea6fb20e40a5961c
e006e92c8fbccc25a68fb51600fa8ed83594552c
b9ce80635f4f55cbb701ee74c38874b5a1570b768745d87e0b073c4411a8098a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/nicaragua.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "32f-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 815
Keep-Alive: timeout=5, max=51
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/niger.svg

141.98.11.217

200 OK

647 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/niger.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
647 B (647 bytes)
Hash
1808d3aca89f0badfebb02f31748180c
6ec9fa4a28b9a04979d97c3f8e3b8590e4696fa2
86d4f8ed717fa12302effee04987d1f9fb96abfea42b9642ba33b868f80e652f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/niger.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "287-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 647
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/nigeria.svg

141.98.11.217

200 OK

457 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/nigeria.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
457 B (457 bytes)
Hash
28a55d9666cab16543f1fb9a845bd41f
912d5553e0880bc79d7a67d03ae4cd6f5ddf0274
32f4098cb5841d7dc84bf66a2d6acf949e2e4fa0423f917a1f62a1f94d64539e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/nigeria.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1c9-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 457
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/niue.svg

141.98.11.217

200 OK

1.3 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/niue.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1280 bytes)
Hash
568761c7fddb50a783043db0a6c63410
b9c8da9e26b3c6150d6e09c054f0751d91dabf9f
6a081e5d322a5847df6d6d17c908b7372d3cf018866e6780c53b2cbf67ca0f4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/niue.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "500-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1280
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/norfolk%20island.svg

141.98.11.217

200 OK

618 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/norfolk%20island.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
618 B (618 bytes)
Hash
107d2aa653d0bb460a0e3af739da3cb1
457ce3a1ec2e39e2138eceb94d8f4744fbac096f
78446c5eacb6c9d3184af3125970bd4fd3a7266a77226e9789fb016909544a49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/norfolk%20island.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "26a-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 618
Keep-Alive: timeout=5, max=51
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/northern%20mariana%20islands.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/northern%20mariana%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/northern%20mariana%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=52
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/norway.svg

141.98.11.217

200 OK

792 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/norway.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
792 B (792 bytes)
Hash
69d3385c0270c59a2dd2f8216b8610e8
9e765e72e62eff68e0638c379b2d6fafab8d8af7
f19347f3f9fdde1b020bcb73883bd6ee50ee3f4e486505ca33805c388d236b73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/norway.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "318-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 792
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/oman.svg

141.98.11.217

200 OK

888 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/oman.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
888 B (888 bytes)
Hash
715e9fb6bf9938a29f7437367abdb5c1
b015eb3d785b994722e181c4ef5ec3fab15ad157
a42b39c70a5895ba63be8159d6dcd45f6739e1e216fbf6a73066883d85c8ec7d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/oman.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "378-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 888
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/pakistan.svg

141.98.11.217

200 OK

714 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/pakistan.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
714 B (714 bytes)
Hash
c76e066266fc2773d88e18617ae638a3
da29c06f7faf3332ce0ccffd0efb54748b0adb19
64ff40f9466e28aac6a6e7514a99ac6569209cb850b22130a96292eb601a19b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/pakistan.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2ca-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 714
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/palau.svg

141.98.11.217

200 OK

402 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/palau.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
402 B (402 bytes)
Hash
7a149258c90b7ceb11d155d729859c03
a947ce9c563dc123b1639c3bbfeed763dd694345
3a81a938719f88e864cb6cf625b78e5b7329645cc57e3933cff107bf35270101

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/palau.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "192-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 402
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/panama.svg

141.98.11.217

200 OK

706 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/panama.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
706 B (706 bytes)
Hash
1e086dc3211f2bcd7e9e137b7803d7f8
cbb65c914b5166d6d7b96729c2fbc58049454863
9600f4c850513c8fc2c6f440c4ea10f589379466269a9c93f0843c14b89fdf93

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/panama.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2c2-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 706
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/papua%20new%20guinea.svg

141.98.11.217

200 OK

1.4 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/papua%20new%20guinea.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1392 bytes)
Hash
47f74dccc495e62e1df04ae178a2d7c2
b1a6f0bee2bee7901b9026224d50b9d190aa031a
b3ab44f0c7695df85dfb6dabf9f31e2d6b9143f5b557de4507d7e7dfcecda7ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/papua%20new%20guinea.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "570-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1392
Keep-Alive: timeout=5, max=51
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/paraguay.svg

141.98.11.217

200 OK

697 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/paraguay.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
697 B (697 bytes)
Hash
b954172730e6650f135dcaf6d68ffab1
a1d0a0c16603752d9577df38bb58e5de6db826f0
db1f118f99091556a0753e37e2f7c0fcda5df5a29449153f288ec92aeeb7c59f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/paraguay.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2b9-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 697
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/peru.svg

141.98.11.217

200 OK

457 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/peru.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
457 B (457 bytes)
Hash
8b5586d30bba511b8b7f59157539eab5
4f2807f4b5f43f9e5b70dc5d4e182877f8679774
8ca8ae942203f3498e5da33f07bad66ffa599cc81209c8155e3985caed73b1f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/peru.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1c9-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 457
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/philippines.svg

141.98.11.217

200 OK

996 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/philippines.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
996 B (996 bytes)
Hash
077655746440d09d06841a2bf2365077
b77639a1d6b46eb966a97245026e72b651a202e1
dd66b0c669f92513735a4155267d09b13b2baa4595c85890063a6b9bcda74d04

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/philippines.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "3e4-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 996
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/pitcairn.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/pitcairn.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/pitcairn.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/poland.svg

141.98.11.217

200 OK

355 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/poland.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
355 B (355 bytes)
Hash
172e2540b36312f3306a12ce4fe67222
0e7c77079b271d38cc818e389817269c72de9a50
f69d82fa59f27d39e6c4b7ebfd3a812a1aec246c6591efd8f1df706991630e05

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/poland.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "163-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 355
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/portugal.svg

141.98.11.217

200 OK

702 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/portugal.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
702 B (702 bytes)
Hash
9e55820549b44b9ddca850b0721c6349
6ca84d8e74aece7c31c4bd245eeb1f758bea431a
72a83ee61d335fe74cbc8018933f924cd9b8ff8edd14d013c16449b297a295b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/portugal.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2be-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 702
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/puerto%20rico.svg

141.98.11.217

200 OK

764 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/puerto%20rico.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
764 B (764 bytes)
Hash
ef1757fc75baa48e95f9f24a6a16d344
7b658afd6a6af696ee9aceec8a2b978c3cadb98a
cd0c8cec6befc05dd8bac09f33542ee70f2639419a625a9f3e59171e308ac233

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/puerto%20rico.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2fc-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 764
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/qatar.svg

141.98.11.217

200 OK

522 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/qatar.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
522 B (522 bytes)
Hash
dc0d13d55b9704ef2c0cab8a38678c10
94dae4d70bdc26717ae86601737f7c50d7ce4e4a
ec05f06019f899dbb179fc1c460b9f699d41ba3e4cec33be44d59a8b23c2b265

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/qatar.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "20a-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 522
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/reunion.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/reunion.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/reunion.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/romania.svg

141.98.11.217

200 OK

592 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/romania.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
592 B (592 bytes)
Hash
9ef0ffcd934ec87257d8746c7dc73bdf
43dc4807d4490af01e5a6b5ddcbba14452dd255b
f0526da7e4a2a7f36467a4bbfb7df70a1bfd2f7e81793700fc73a6c2a64399f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/romania.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "250-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 592
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/rwanda.svg

141.98.11.217

200 OK

818 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/rwanda.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
818 B (818 bytes)
Hash
6e9aadc0cdb0264b60d3b357f4589e4d
b15b2354944441774619b7d70bb24aa5e1e32990
697ffaf7a85165e9afbed868e021d1c1abc9f43c879f2c8ae36cfa76cb119117

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/rwanda.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "332-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 818
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/saint%20kitts%20and%20nevis.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/saint%20kitts%20and%20nevis.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/saint%20kitts%20and%20nevis.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/saint%20lucia.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/saint%20lucia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/saint%20lucia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/saint%20vincent%20and%20the%20grenadines.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/saint%20vincent%20and%20the%20grenadines.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/saint%20vincent%20and%20the%20grenadines.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/samoa.svg

141.98.11.217

200 OK

879 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/samoa.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
879 B (879 bytes)
Hash
38248003f4e9921f39dff88a38c039e7
1cd16f4bcffe840842662cb8faab4598ce399004
886580c8419437af8108a6903d93c3dcc613e88f2c84e6699a909ddcf9d55349

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/samoa.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "36f-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 879
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/san%20marino.svg

141.98.11.217

200 OK

1.2 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/san%20marino.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1239 bytes)
Hash
f76096452f67771e9eb37d879cf14058
17f57528e1fae4ac191edaf9964a5f70e54c878f
0afac7e57f403062955e97bf363b4225856dfacda39befafa62f7b9ec4fc1778

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/san%20marino.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "4d7-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1239
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/sao%20tome%20and%20principe.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/sao%20tome%20and%20principe.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/sao%20tome%20and%20principe.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/saudi%20arabia.svg

141.98.11.217

200 OK

989 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/saudi%20arabia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
989 B (989 bytes)
Hash
053bb3907ef9692602d6d9e29337e80d
087e0c2c41d48ee6bed678b183f2a88fc244197b
68117888eb5961323555a1a54d4dd58530b88a8873cd0efb937693c0d10210bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/saudi%20arabia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "3dd-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 989
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/senegal.svg

141.98.11.217

200 OK

691 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/senegal.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
691 B (691 bytes)
Hash
2ae34acee2b22b6c64c9cc3dae424d0b
4fbcbb9141f1653ad55948fc3efdeec8f2077c1c
dbb9a16db27d72c20f4d4bf58f9d0b4a2d8d94f9896d4a81843c107f0b689c2c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/senegal.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2b3-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 691
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/serbia%20and%20montenegro.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/serbia%20and%20montenegro.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/serbia%20and%20montenegro.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/seychelles.svg

141.98.11.217

200 OK

790 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/seychelles.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
790 B (790 bytes)
Hash
c67dd4b9e4477b359077efff3c90ba89
014ace1a70a86a192e66c3098c3429f5afb8d638
b0f28fd2a6b068ec5eb1f70686a631316b63e16cf9d022dba1e0d577b8bd7c3d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/seychelles.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "316-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 790
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/sierra%20leone.svg

141.98.11.217

200 OK

592 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/sierra%20leone.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
592 B (592 bytes)
Hash
ace7ed6216595d25d7100bc358bc9fd6
e4a041ba4c8896fb3aff39eeb4a4bb9041c53ec6
192c8dd88d3abeeb454fcef6d27955a5870e54184d16dc94b2aea45425b4e198

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/sierra%20leone.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "250-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 592
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/singapore.svg

141.98.11.217

200 OK

963 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/singapore.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
963 B (963 bytes)
Hash
5bd0b7d70ca2fd21d125d9d90e401287
11a99268dc26ce86b277e3313b2c5b5849abbe1d
e1657b936f74789b5c90603bb43ee3ef657d2905c449f5fb23303ba9e40a75cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/singapore.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "3c3-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 963
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/slovakia.svg

141.98.11.217

200 OK

1.1 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/slovakia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1085 bytes)
Hash
ed1cbd4cb603ed7828f9d6c955e5e009
34c95b6fc233b690809ddf7e1f2e3c197d22c7ab
7e9ea95c3fb534409a13c5048bd161dff9dfd1265c817c4e081fbc6a7256bdee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/slovakia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "43d-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1085
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/slovenia.svg

141.98.11.217

200 OK

721 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/slovenia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
721 B (721 bytes)
Hash
8571c92035adf141b7a48d3087d125d7
e292c3bbce01febf5ef2cb77bc0693331f7d54c3
d41fb074f68663fc65f69189027e729fcc1dea307a3e38410c8ee3071eecda9c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/slovenia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2d1-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 721
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/solomon%20islands.svg

141.98.11.217

200 OK

1.0 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/solomon%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1049 bytes)
Hash
1f23c184f8c344218ac004a2b3a522fc
8e7e0df1133504f4deed318af9aa9a721f1094db
c0fe89de88b3d0502ceab4508b84168f4111f85619777f3b8445e064a95edc7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/solomon%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "419-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1049
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/somalia.svg

141.98.11.217

200 OK

441 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/somalia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
441 B (441 bytes)
Hash
b791de8e0df9d35b162974c66010a514
6a12fad37124136005cc8a71ca2a54c723a9b6ec
246a818501a4feb8cf5437ede395ad2485666f5f4aa80fd396181c7fcfc8fd5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/somalia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1b9-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 441
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/south%20africa.svg

141.98.11.217

200 OK

912 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/south%20africa.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
912 B (912 bytes)
Hash
f0deac810ae9539f5625d6cc0d6ba2ac
34d125b409aa36cb6555767a85e3e71d17025fc9
aef2ca2c706d7a267c0054122c337c6ef22e5c00b97666435ffd54aff57be381

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/south%20africa.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "390-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 912
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/south%20georgia%20and%20the%20south%20sandwich%20islands.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/south%20georgia%20and%20the%20south%20sandwich%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/south%20georgia%20and%20the%20south%20sandwich%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/sri%20lanka.svg

141.98.11.217

200 OK

1.1 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/sri%20lanka.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1059 bytes)
Hash
ab5610206963efa6fa0c5c2603e0b2d7
fa4c63e4e17845cc593704664aac0d2ec7ac0616
d7681f3f68047b39f7cde89a730c23b0af47630a33f1368bf008dc87bd89e42b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/sri%20lanka.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "423-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1059
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/saint%20helena.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/saint%20helena.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/saint%20helena.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/saint%20pierre%20and%20miquelon.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/saint%20pierre%20and%20miquelon.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/saint%20pierre%20and%20miquelon.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/sudan.svg

141.98.11.217

200 OK

669 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/sudan.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
669 B (669 bytes)
Hash
1df60ba8e6814a8861d14ef61fe3dbf2
152d781865fa57eb9feb07aed7ae5511220204a3
74e677e4836b048c4423e5542cea60425b3be87603c5659e8094225b5a1accb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/sudan.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "29d-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 669
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/suriname.svg

141.98.11.217

200 OK

747 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/suriname.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
747 B (747 bytes)
Hash
27603e289feead9f247b2968732c42d3
f5e8a0ef34ae06dee1d45d0d0ea9b305411a2c8b
bbb9b45616860cbd2a8a9f837fe601ceba5492cfeb222db832b3850895e9f033

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/suriname.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2eb-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 747
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/svalbard%20and%20jan%20mayen.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/svalbard%20and%20jan%20mayen.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/svalbard%20and%20jan%20mayen.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/swaziland.svg

141.98.11.217

200 OK

1.3 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/swaziland.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1323 bytes)
Hash
5d21259fb62a7318a5e58b21c0092ec7
50c09915b09d4fa4a0eea52e6c4ec7ec88cea3f9
b7f84f2b20d99b53fb0e9d7684e878b63f8f2c04bb7e1a5c2d746b6dc3a3b49d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/swaziland.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "52b-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1323
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/sweden.svg

141.98.11.217

200 OK

541 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/sweden.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
541 B (541 bytes)
Hash
06528119067dd2c0d2af320ea222c0d3
616bafa47950fc93b0ff4bc9145858ae497153cc
d133f59d4b917b0500c2c03c9b52d0d1b987480a27ff5cd289b814e1ae42b869

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/sweden.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "21d-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 541
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/switzerland.svg

141.98.11.217

200 OK

416 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/switzerland.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
416 B (416 bytes)
Hash
ee1b4ee1947c42d0657b3c9c873681c4
495e44060293e29604efe8960f500711327adf03
b3d93d04c0e9e3292d3df343c1ae2e9defe5e50f51d2e4e87b01aec72aa77c70

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/switzerland.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1a0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 416
Keep-Alive: timeout=5, max=39
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/syrian%20arab%20republic.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/syrian%20arab%20republic.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/syrian%20arab%20republic.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/taiwan,%20province%20of%20china.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/taiwan,%20province%20of%20china.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/taiwan,%20province%20of%20china.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/tanzania,%20united%20republic%20of.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/tanzania,%20united%20republic%20of.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/tanzania,%20united%20republic%20of.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/thailand.svg

141.98.11.217

200 OK

606 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/thailand.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
606 B (606 bytes)
Hash
0d7a4d0d43798e21d9fd5d3d2e8058fa
f639ed7204b7f2de4b251e7c5548d18fb934c312
ff8d9a9470f1809962da265b4ed90f1d61870e6b808850850baa3fd87fcd0a81

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/thailand.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "25e-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 606
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/togo.svg

141.98.11.217

200 OK

710 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/togo.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
710 B (710 bytes)
Hash
176b971decf8aed1cf534969fab6daaf
005887f005d86d144c304de6526678da80ce0b26
1d0952fec1337f01a3a39c936e36475a07cdb59f4a5980c9ae5d7ac92c483f89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/togo.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2c6-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 710
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/tokelau.svg

141.98.11.217

200 OK

890 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/tokelau.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
890 B (890 bytes)
Hash
10f17df99da1ffe9615dd38c918d6fe2
740131a52d30b4d0e4536a3c24abc629d243175d
285e9c8222e54012d58341fb00229623153fa1715575fd3b870d12fa34fec566

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/tokelau.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "37a-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 890
Keep-Alive: timeout=5, max=38
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/tonga.svg

141.98.11.217

200 OK

471 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/tonga.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
471 B (471 bytes)
Hash
1ecbf37d718f1326ba1f79ba337e8e0e
1755220388176d10d1a5a3fa6546b9acc389585d
95489ecd8f281a27acff2232d2e9a15ea288ce164c6821f4eb21d919576c5ba9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/tonga.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1d7-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 471
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/trinidad%20and%20tobago.svg

141.98.11.217

200 OK

791 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/trinidad%20and%20tobago.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
791 B (791 bytes)
Hash
762ed6902146d5b2529011b1c2da68cf
7470d218ed1037a70c71d1d1e0d675b8cbedfd2e
a42bb1449ebaba871aa954d5a65495049d5258229924df35907d44ce0c4091db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/trinidad%20and%20tobago.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "317-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 791
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/tunisia.svg

141.98.11.217

200 OK

668 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/tunisia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
668 B (668 bytes)
Hash
f879725d7e0bec9a80c1dc15db25bec1
c368251cd7013e98b9b8f4fff6816a87e72cd471
3899b37cd21e8c2e4798ba7a52689e9f04165770bd1a0be208c54dfd19f4fb25

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/tunisia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "29c-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 668
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/turkey.svg

141.98.11.217

200 OK

570 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/turkey.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
570 B (570 bytes)
Hash
7241f2defa08992159ef0c62ad5be677
f8a49278817e61a4dc20bdf019ab8753c3cd5e1a
8c258181a5919235b9758737b3a08fe3d07044d389695d2a49cb927902df2c84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/turkey.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "23a-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 570
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/turks%20and%20caicos%20islands.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/turks%20and%20caicos%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/turks%20and%20caicos%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/tuvalu.svg

141.98.11.217

200 OK

1.6 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/tuvalu.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1621 bytes)
Hash
e5e1824585b47cfd8fdf487ab81fe3bd
8e84005ee5a1b41767ccc1df2da773483e143504
816d0ca301517969591fd58413730bd9b991df1da9d1224a1dd815d30d00a345

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/tuvalu.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "655-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1621
Keep-Alive: timeout=5, max=37
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/uganda.svg

141.98.11.217

200 OK

1.2 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/uganda.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1199 bytes)
Hash
f251fd1a0155b20379b5ff5208ab4911
62636c22dd51531685c970cfe4b877ffc60f9dce
cdd76c498fba5633c2c219cffb23bada594cf5c009260c8fa21f828938ede594

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/uganda.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "4af-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1199
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/united%20arab%20emirates.svg

141.98.11.217

200 OK

568 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/united%20arab%20emirates.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
568 B (568 bytes)
Hash
95851dfb5d8c83aec47cef318dfd3cd4
fc4ec32547f361341520e0513f2e94a21ab45694
321ed0d2f54df5e34c66927c602ba38d85990fa970435852da0238bb5a2d6950

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/united%20arab%20emirates.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "238-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 568
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/united%20states%20minor%20outlying%20islands.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/united%20states%20minor%20outlying%20islands.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/united%20states%20minor%20outlying%20islands.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/uruguay.svg

141.98.11.217

200 OK

900 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/uruguay.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
900 B (900 bytes)
Hash
5a16ac87ea200237c2ff18f51f278b9e
fcdab72d126cb8f1fc46610bf343945f5bc027ce
7db266035d9c17519e7366dd357f260f4def1760868bb779177acea5c6eb122b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/uruguay.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "384-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 900
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/vanuatu.svg

141.98.11.217

200 OK

1.5 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/vanuatu.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1534 bytes)
Hash
ff246846177ed8610256de2b85ca5f08
d96f489e5932b87fa95df659168e1558add21398
2caa45b6a349139bc1d2f961f82759f64a952b799b9711d8d3a09fd26b6e85e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/vanuatu.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "5fe-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 1534
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/holy%20see%20(vatican%20city%20state).svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/holy%20see%20(vatican%20city%20state).svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/holy%20see%20(vatican%20city%20state).svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=36
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/venezuela.svg

141.98.11.217

200 OK

1.4 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/venezuela.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1413 bytes)
Hash
c440c3ab94add0d37346c3d1079e43d7
16ce39a32e442597f33b387ff3cefd84c0c5f67c
9d7a0e7ff4dc0d7b965de3943488e8fd2afdc7951e3693791e7ac5036f341872

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/venezuela.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "585-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1413
Keep-Alive: timeout=5, max=39
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/viet%20nam.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/viet%20nam.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/viet%20nam.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=39
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/virgin%20islands,%20british.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/virgin%20islands,%20british.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/virgin%20islands,%20british.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/virgin%20islands,%20u.s..svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/virgin%20islands,%20u.s..svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/virgin%20islands,%20u.s..svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/wallis%20and%20futuna.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/wallis%20and%20futuna.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/wallis%20and%20futuna.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=39
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/western%20sahara.svg

141.98.11.217

200 OK

0 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/western%20sahara.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/western%20sahara.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "0-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=35
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/yemen.svg

141.98.11.217

200 OK

486 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/yemen.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
486 B (486 bytes)
Hash
32d75697982798277a1ce593969a9b40
212210646492e450a8aebdbf2a6a82a9a28797d7
93400be32576b5a3cc2d61d980ee318563b7ba8ef4cd6e06faf46e0bc433b88e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/yemen.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "1e6-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 486
Keep-Alive: timeout=5, max=38
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/zambia.svg

141.98.11.217

200 OK

776 B

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/zambia.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
776 B (776 bytes)
Hash
d4c5a843527180fa8159c7ce7aa7f50c
f60c74ed8f5ad64db0b386a38a50d2f4c707ba66
574f0375ec50e0b40750935a8db8ead3f18235f6771af376cd77362034eefeb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/zambia.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "308-617e1218cedf8"
Accept-Ranges: bytes
Content-Length: 776
Keep-Alive: timeout=5, max=38
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/style_checkout/images/countrys/zimbabwe.svg

141.98.11.217

200 OK

1.5 kB

URL GET HTTP/1.1
rx-discount.com/style_checkout/images/countrys/zimbabwe.svg
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1481 bytes)
Hash
ae41156d159701abd214db7920dde198
954152cd77600c37d5b620bd3d957dc7dccc49d0
2082b21dac7500c3a19128107637c4c83db564f290c3963cd6dcd14cc4ea4527

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style_checkout/images/countrys/zimbabwe.svg HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "5c9-617e1218cde58"
Accept-Ranges: bytes
Content-Length: 1481
Keep-Alive: timeout=5, max=39
Connection: Keep-Alive
Content-Type: image/svg+xml

rx-discount.com/templates/design_3/images/doctor.webp

141.98.11.217

200 OK

11 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/images/doctor.webp
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (11084 bytes)
Hash
66fe70b1b4c1b6c79716fadc2661f0d7
063a429c1e71656aab02acc555ab97fb9bf99e62
cdb9fe8c9d7f9839fe4dc037f7f2f77d35f77248c45fbc4a31712bb2123b2cea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/images/doctor.webp HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:02 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "2b4c-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 11084
Keep-Alive: timeout=5, max=37
Connection: Keep-Alive

rx-discount.com/app/ajax_testimonials.php?lang=en

141.98.11.217

200 OK

1.2 kB

URL GET HTTP/1.1
rx-discount.com/app/ajax_testimonials.php?lang=en
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.2 kB (1196 bytes)
Hash
4bab9d00ae3eae37f1285f7ab69e4e56
f4e57516de599c800a917145f197408c022c10d6
d81ba7019c3b12e0865c018490d9c68620cb42cd517ecb824870f88d958a0091

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/ajax_testimonials.php?lang=en HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:02 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=uh1iin84hdsf2ckb0124r8cmq3; expires=Sun, 12-May-2024 10:55:02 GMT; Max-Age=180000; path=/
design=design_3; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
lang=en; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
aff=0; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
ref=https%3A%2F%2Frx-discount.com%2F%3Faff%3D1614%2F; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
ptrs_ip=91.90.42.154; expires=Sat, 11-May-2024 08:55:02 GMT; Max-Age=86400; path=/
ptrs_ip=91.90.42.154; expires=Sat, 11-May-2024 08:55:02 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1196
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/ajax_header_phone.php?lang=en

141.98.11.217

200 OK

326 B

URL GET HTTP/1.1
rx-discount.com/app/ajax_header_phone.php?lang=en
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
ASCII text
Size
326 B (326 bytes)
Hash
423646510fbeb3012ae8016dae0b2f5b
1686055df9ef154d75d224d65b8c8ca3c494eab6
52da91cfac89719b4ae905cb017024b3ba27e98d9ca7117c70abb41ae2da08b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/ajax_header_phone.php?lang=en HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:02 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=ibdu7k07vgepkt0vji3ea11tl2; expires=Sun, 12-May-2024 10:55:02 GMT; Max-Age=180000; path=/
design=design_3; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
lang=en; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
aff=0; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
ref=https%3A%2F%2Frx-discount.com%2F%3Faff%3D1614%2F; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
ptrs_ip=91.90.42.154; expires=Sat, 11-May-2024 08:55:02 GMT; Max-Age=86400; path=/
ptrs_ip=91.90.42.154; expires=Sat, 11-May-2024 08:55:02 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 326
Keep-Alive: timeout=5, max=36
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/ajax_license.php?lang=en

141.98.11.217

200 OK

149 B

URL GET HTTP/1.1
rx-discount.com/app/ajax_license.php?lang=en
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
149 B (149 bytes)
Hash
7566ce26689c47bd0f41f4224f1132e3
824da1a98802c1c5f8bd06ce8893a7e13cd29762
7152e51f256e4530d0a11b305a7dcec8f1501b19462485c5a48eb42d3ab72c0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /app/ajax_license.php?lang=en HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:02 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=jfltr74op1u8uc0mobea6ur5cr; expires=Sun, 12-May-2024 10:55:02 GMT; Max-Age=180000; path=/
design=design_3; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
lang=en; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
aff=0; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
ref=https%3A%2F%2Frx-discount.com%2F%3Faff%3D1614%2F; expires=Tue, 21-May-2024 22:41:42 GMT; Max-Age=1000000; path=/
ptrs_ip=91.90.42.154; expires=Sat, 11-May-2024 08:55:02 GMT; Max-Age=86400; path=/
ptrs_ip=91.90.42.154; expires=Sat, 11-May-2024 08:55:02 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 149
Keep-Alive: timeout=5, max=34
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/app/js.php

141.98.11.217

200 OK

0 B

URL POST HTTP/1.1
rx-discount.com/app/js.php
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /app/js.php HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 242
Origin: https://rx-discount.com
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:02 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=35
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

rx-discount.com/templates/design_3/fonts/Jost-Black.woff2

141.98.11.217

200 OK

19 kB

URL GET HTTP/1.1
rx-discount.com/templates/design_3/fonts/Jost-Black.woff2
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18772, version 3.459
Size
19 kB (18772 bytes)
Hash
4c5c38e28c54087db8fd0b69b7ced323
4c8fd9615b9432fbf9b8678da2e837e16d49e93a
c2de7993489ad9bbd6347610fef9a22bd32d3f7f6e0cca0cb4bc07eaf6914e35

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/design_3/fonts/Jost-Black.woff2 HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/templates/design_3/css/style.css?v=24042024
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:55:02 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "4954-617e1218f0138"
Accept-Ranges: bytes
Content-Length: 18772
Keep-Alive: timeout=5, max=34
Connection: Keep-Alive
Content-Type: font/woff2

rx-discounts.com/favicon.ico

193.243.189.83

200 OK

839 B

URL GET HTTP/2
rx-discounts.com/favicon.ico
IP
193.243.189.83:443
ASN
#56655 TerraHost AS

Requested by
https://rx-discounts.com/
Certificate
IssuerLet's Encrypt
Subjectmedichirurgia.com
Fingerprint70:BD:60:33:BC:04:E2:6D:3D:8B:4C:62:45:9B:B9:A0:BE:D3:1B:55
ValidityMon, 06 May 2024 15:47:37 GMT - Sun, 04 Aug 2024 15:47:36 GMT

File type
HTML document, ASCII text, with very long lines (853), with no line terminators
Size
839 B (839 bytes)
Hash
8a979d34dde37588e78c80a9185f6f54
d4c7e562dd5aaf1976019a2d8edca2c80cd1d554
5c8662cc140a231fb9e4b6d4581a0afcebe478c49eb9d33cd4acfaf129782ab7

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rx-discounts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discounts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.21.2
date: Fri, 10 May 2024 08:54:58 GMT
content-type: text/html
access-control-allow-origin: *
X-Firefox-Spdy: h2

rx-discount.com/js_code/init.js

141.98.11.217

200 OK

1.3 kB

URL GET HTTP/1.1
rx-discount.com/js_code/init.js
IP
141.98.11.217:443
ASN
#209605 UAB Host Baltic

Requested by
https://rx-discount.com/?aff=1614/
Certificate
IssuerLet's Encrypt
Subjectrx-discount.com
FingerprintD1:57:63:39:B9:61:F8:F4:F1:AA:95:4C:3D:72:F1:BD:2F:79:0B:9D
ValidityWed, 13 Mar 2024 10:47:16 GMT - Tue, 11 Jun 2024 10:47:15 GMT

File type
Unicode text, UTF-8 text, with very long lines (1324), with no line terminators
Size
1.3 kB (1337 bytes)
Hash
e632316b12d4d0585ebd802c470ca10d
896a2f987b157defe5f2c4fbdefc418af0bd24c6
e4a9dfd2533e7478e8c3cefb4682d18e8fd52a30b5f3e7fbbd0666b7a029787e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js_code/init.js HTTP/1.1
Host: rx-discount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rx-discount.com/?aff=1614/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 08:54:59 GMT
Server: Apache/2.4.41 (Ubuntu)
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 07 May 2024 18:12:38 GMT
ETag: "539-617e1218adab8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 638
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML