Report - salenzvs.live/product_details/3895768.html

Report Overview

Submitted URL
salenzvs.live/product_details/3895768.html
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 07:42:27
Access
public
Website Title
Girls bra student underwear girls have no steel ring development period small bra big children vest thin Buy China shop at Wholesale Price By Online English Taobao Agent - Online Store
Final URL
salenzvs.live/product_details/3895768.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
lovehairstyles.com	209934	2016-05-12	2017-01-31	2023-09-15	469 B	59 kB	52.7.47.10
www.albaselco.com	unknown	2010-09-29	2015-02-05	2022-03-28	446 B	109 kB	23.227.38.74
i5.walmartimages.com	6397	2007-12-07	2014-07-30	2024-05-08	507 B	93 kB	23.38.202.154
media.printables.com	unknown	1996-07-29	2022-03-31	2024-02-20	542 B	25 kB	172.67.5.123
salenzvs.live	unknown	2024-03-19	2024-04-08	2024-04-22	39 kB	1.2 MB	188.114.96.1
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	2.0 kB	170 kB	104.17.25.14
musicart.xboxlive.com	53475	2001-11-20	2014-04-26	2023-11-11	448 B	121 kB	23.38.200.8
www.contemporist.com	235444	2007-10-09	2012-07-18	2024-01-25	452 B	227 kB	172.67.135.47
miro.medium.com	13183	1998-05-27	2017-08-01	2024-05-09	413 B	1.0 MB	162.159.152.4
img.alicdn.com	8663	2008-06-25	2015-03-04	2024-05-10	446 B	32 kB	163.181.154.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed
2024-05-10	medium	salenzvs.live	Sinkholed

ThreatFox

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js	279 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:31 Last Seen2024-05-19 09:26:37 Times Seen310 Hash 0292da744fb4f768ae77370f868a674e 6dbafd633d187d11e2ef0a9a47044fd5646c70fb 068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468 Loading...

	cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js	338 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:09 Last Seen2024-05-19 09:26:37 Times Seen309 Hash de581e420bf52d70e353080a13094ea8 7e727d99fea8c31c2f2e3173105d585ee3289d31 4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5 Loading...

	unknown	199 B	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:37 Times Seen79 Hash 67a2c7b2c5a50b9967db9e9d1a0f4cc9 802c4eb3b2eaaa9cd03eafb632434d9bfcd6e99d e548dd3a15307e94b635e55caaee70050cfc332df229e5f8f341bee4f9ef1f76 Loading...

	unknown	776 B	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:36 Times Seen71 Hash be63d7a2a9f9124fc45a2742e182bfd9 3fd6281aaf80b0685b0ce1046a4153f9ae279b08 abd83281fb2c20c4a2c41fa07862c5f6ba8f59b20eabb2082dcb153524932118 Loading...

	salenzvs.live/static/market/js/jquery.min.js	84 kB	2023-03-07	2024-05-20
Pretty URL salenzvs.live/static/market/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-20 20:29:31 Times Seen14296 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

	unknown	140 B	2024-04-23	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-23 22:26:41 Last Seen2024-05-15 18:30:59 Times Seen7 Hash 2270dada0fedb111ce154b3c2df42a09 173c6557d6169306fbb8b66c1a4bfdc847a03189 ddee22a4bb40faef2bec59071e3f6dfa6df1648b0a91122c6608cf89a01c01cf Loading...

	unknown	165 B	2023-11-13	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-13 22:39:47 Last Seen2024-05-19 09:26:36 Times Seen33 Hash fed33d948928ea8203e6fc0c3f096634 a2ce72caf9cd02165d69b4e3585b269652fb86f8 ec499d1b00a541fdc2041371d2cf5236074df01ee5dd0c805549edcf9820c9ea Loading...

	unknown	2.2 kB	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:37 Times Seen71 Hash bbc2c87307db938ed18aeb60f8617bf0 9f0f41df245ddd5d0c19a0dd031d399d5f803eaf fbb802425d01b533be464a7177298f884d1f48f6a48143cf094c4dc52bc91e6b Loading...

	unknown	1.5 kB	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:36 Times Seen71 Hash b43fa7cc5a45035a9f8a0abe1335b5a7 61933fd0d2e0e61647097d3cc72243ab77c85f1c b4967741000ab470155fd48a923ddec65a0247d5a4d7cd188b8027be2a4c6f69 Loading...

	salenzvs.live/product_details/3895768.html	8.6 kB	2024-04-23	2024-05-15
Pretty URL salenzvs.live/product_details/3895768.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 22:26:40 Last Seen2024-05-15 18:30:58 Times Seen7 Hash b985323a0512a1407fbd72eb80bef12d 8641f1dd00afa297965ad38016260df88ed3a6a8 70ea4296b44fbedfb3be3f18fbfc1e6b0a4172c748d066e15579b221379f4a12 Loading...

	unknown	343 B	2023-10-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-10-26 20:18:31 Last Seen2024-05-19 09:26:36 Times Seen48 Hash d782bb0f93d0dc2817d902065251d69b 3bb53cb16d433d8a05c6dfc1d8b84938c5ed0bec 75b5d8c94981a679ca296d05e7c7f458ba990b9e887e1f2f93622377147798a8 Loading...

	unknown	4.0 kB	2024-04-23	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-23 22:26:41 Last Seen2024-05-15 18:30:59 Times Seen7 Hash a1ae9322b7f5053d195abe468ad4fa30 7d4aa594ab6b2e338d025f6caf06ba782987abfa 7b9700d1acdf9b101128bd7463304d38aafe9a7d8fc6a130e552a0a15f1a081c Loading...

	cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js	15 kB	2023-03-12	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-19 09:26:37 Times Seen316 Hash 5f4a59735ca9517d0478f395439bd517 f820c08cf114da8ec451e8eedc0da51dfcba5e02 ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9 Loading...

	salenzvs.live/static/default/js/delighters.js	2.6 kB	2023-03-12	2024-05-19
Pretty URL salenzvs.live/static/default/js/delighters.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-19 09:26:37 Times Seen251 Hash cc31823856831d96acd96628fe1bc12c 4441d2792dc7fb9f54cde379cd6dd5085ae7af33 0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d Loading...

	unknown	9.1 kB	2024-04-23	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-23 22:26:41 Last Seen2024-05-15 18:30:59 Times Seen7 Hash 3187d266f96665449fe62c003440d635 0551819114fef6b09507318f154efb61cffbe622 3708f51bcde7a82fe0f85b082376bfabdbe570f303bcd101d2de0c6682ea5e90 Loading...

	unknown	245 B	2024-04-23	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-23 22:26:41 Last Seen2024-05-15 18:30:59 Times Seen7 Hash 56283f9a5f2f69932d89979363f2b92c 93947967130e8ea31129f6518e7e9b470029df4c 1a99b148a924c9dc9aa85315bf1343c5438103acfb20de395c9a8492613c8f9c Loading...

	salenzvs.live/product_details/3895768.html	9.2 kB	2024-05-10	2024-05-10
Pretty URL salenzvs.live/product_details/3895768.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 09:42:31 Last Seen2024-05-10 09:42:31 Times Seen1 Hash 25eb9e282121f8b44d7c6814e61f5da4 89ad47af36c9d50da2a7067ba5a6666a77b81655 746ab795422127e04b5953013dff5e4d3b414eba08567e62be230d5b13dcea09 Loading...

	unknown	202 B	2023-11-13	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-13 22:39:47 Last Seen2024-05-19 09:26:37 Times Seen33 Hash b7dbaac6930e7b2c4d39789ac243460c cc9b664caa39b976d433207e7e41fa04ed861b0b b9c5717a5fca9461367bb82a7502841fb2322fe571612bb9788c8be1d23a3de6 Loading...

	salenzvs.live/product_details/3895768.html	2.0 kB	2024-04-23	2024-05-15
Pretty URL salenzvs.live/product_details/3895768.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 22:26:41 Last Seen2024-05-15 18:30:59 Times Seen7 Hash eb4f0569f7f94095277a406a2bc3c9e4 68204e7c90d0db9b1db176355241ad8a732a8b6a ed8c867274d6238488a6198d514ef6527b2ebbf3aaf7d58fde858ead82f3f476 Loading...

	salenzvs.live/product_details/3895768.html	79 B	2023-03-12	2024-05-19
Pretty URL salenzvs.live/product_details/3895768.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-19 09:26:36 Times Seen147 Hash a71ddf2ef16448b1a9a116c9969bb84a 38f0cfe879b01e50b2022a5b46ccebe972b57afa f81cdd71a100042bdbdd3a8d1fa89581bc7763e26f2ff6eb7bbefda85e9143a3 Loading...

	salenzvs.live/static/default/js/public.js	1.9 kB	2023-03-12	2024-05-19
Pretty URL salenzvs.live/static/default/js/public.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-19 09:26:37 Times Seen200 Hash 53ceae9d8b9f4372ad101d91439cdbb7 662fa3a84762aee5bcb1da67ebbe2e37b3eeb79e 535ee4fa0189e79bd9a7d6ae4aa466180c4ac5b82b47647482ddce74587ce249 Loading...

	unknown	97 B	2023-10-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-10-26 20:18:31 Last Seen2024-05-19 09:26:36 Times Seen50 Hash 43ee2d60c2dfab527d889211d7a3f4ef 1b9cb62a6fa5ebd56d4ed53ccd82421d538f1645 d03579281e6352fc2db138234938e7d52437606fbd755910a62218583a5eebe0 Loading...

	unknown	10 kB	2023-11-13	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-13 22:39:47 Last Seen2024-05-19 09:26:36 Times Seen33 Hash 170c5e5c13d6422451a60e727adde3b9 563b0ad834d0fa9fd8ca4e0827e77464533ac076 2444a955d1c9343c6023768b5d7956ac3e864e6b8a89c2f8af53e30fc136b8af Loading...

	unknown	1.0 kB	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:36 Times Seen79 Hash e7e3b8fcf88dd9ccb044ef5dd45915cb 426037acb5a39793686b9b444fe700489bae963c 4079fce41d344828c2fc2659868de4578d5129a9835311215fb1941d2c3773f9 Loading...

	unknown	3.7 kB	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:36 Times Seen79 Hash 2f797b61ef7cc74388b3bc5c632a4c57 e52321b18d3b6a29875706e551cd1ca6f07e5b08 10ff3612f665baabd79e069759e88e84aaa2ce013789606d079e58673650e4e2 Loading...

	unknown	2.0 kB	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:36 Times Seen71 Hash c7eddf752593ca75c567e9f5aff590a4 ad456b19bd0ae1195bbd25b57af0371a5af1e3f2 d7d6b5dd0a87711ee3904abe8d2dba182baf97146c007ac66045ab7c397074a6 Loading...

	salenzvs.live/product_details/3895768.html	696 B	2023-03-12	2024-05-19
Pretty URL salenzvs.live/product_details/3895768.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-19 09:26:36 Times Seen147 Hash 207792bcff09eca0993cd75875f72095 1f602949e3de9dd8638601085791e25c6cc0acda ae57e93366c984a79002b078c27040993cd88c77218f277655fc031b6bb3e1d5 Loading...

	unknown	773 B	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:36 Times Seen71 Hash 15a39005ea43b9fa5ff86c3516ab5ee5 5c3e809063e8aa46dd2b3406874a6879a80e5bf8 4cba25fcb224ea4dbc3d577db7476d616ac7d4e3dd4110830c16709f8375e0f2 Loading...

	unknown	1.1 kB	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:36 Times Seen71 Hash 45c5402410be51c5c0222c8519cf660d 471fdc790f50cc0271ca1be5461f17d012cc6555 b643a82352094041aa8ef10323c3c64a683a85b61451fb439b1099c79ee02514 Loading...

	unknown	783 B	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:36 Times Seen71 Hash 9d25de5926c79fb8d7af32dfe8f594f6 69976077fe199eb227b0c7c4c34d78798c588b6f 45579e258830652d2bc8751d671b616b0525608d7de4b9c05637788fbb07be24 Loading...

	unknown	50 B	2023-04-12	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 00:31:29 Last Seen2024-05-19 09:26:37 Times Seen798 Hash 67a516f6876a6d5a6acd917aabe0571f 3cafb807a2d7fcf75a5092484795de52336ae1d0 cb909329532746539d41f5fe0c5f508bbf8191744c706dd5969753aa14948bc3 Loading...

	salenzvs.live/static/default/js/vue.min.js	94 kB	2023-03-07	2024-05-20
Pretty URL salenzvs.live/static/default/js/vue.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:40 Last Seen2024-05-20 21:06:29 Times Seen1280 Hash b21b8531847604ab5f2f5caaef51ba31 da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1 9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17 Loading...

	unknown	962 B	2023-11-13	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-13 22:39:48 Last Seen2024-05-15 18:30:59 Times Seen32 Hash 90bbe724f73b9b889d89a309f9047d5a 31c93ffdb5f15d539a7196a13b2a2b2bc679764e f8ff6f30266f43b8a5df43a361bec1637effc72ec2183173adb42d58495e511b Loading...

	unknown	163 B	2023-11-05	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-05 06:19:12 Last Seen2024-05-19 09:26:36 Times Seen60 Hash c48e720ebf7ba79ee5e3e9dd7b60179c 6e4146d5770164a59c5c95e8cf79d9c51d05b907 4bd9ebed99dddd10865ee1aff2700e770700f5a32c4dd83b9eb5a9b8fdcc6c57 Loading...

	salenzvs.live/traffic_statistics?gurl=	0 B	2023-03-07	2024-05-20
Pretty URL salenzvs.live/traffic_statistics?gurl= IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 23:05:27 Times Seen37896794 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	141 B	2024-04-23	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-23 22:26:40 Last Seen2024-05-15 18:30:59 Times Seen7 Hash 79e39e28409f9bdc28cdedf8889ba177 4b9f55a8a7171b5dcdf894e83dc3580e746a679a ab3bcea72c1927482e43ed917ea1f025cb9847a0e97f7482c7e77243fe6cdd02 Loading...

	unknown	209 B	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:37 Times Seen64 Hash 65e6fad0b80e5dae9ba33c36c87cbe46 2f27dd37b7ff2cf116e2932e497181aa8f68a08a 61e07b5ebd6b4033a1043820388f48ffc6be5afbad262f77e80c9e664a499295 Loading...

	unknown	2.0 kB	2023-07-26	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-07-26 13:37:44 Last Seen2024-05-19 09:26:36 Times Seen79 Hash aea6fdd0c50b5b2544fe2899a9a3b288 24fbf69d79b94bc623913211666a265d9c6fdff7 dab897deb7e6f1a9f27fa21ca6027a348e789937b09c02d64d783fd4d5c6c6a3 Loading...

	salenzvs.live/product_details/3895768.html	151 B	2023-03-12	2024-05-19
Pretty URL salenzvs.live/product_details/3895768.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-19 09:26:36 Times Seen146 Hash 4cc479dfa9707e2f24a8e129c80429b6 a6e2c685240dd740b22e226767035173703473a4 120dbe66705b4abb82ad0b16aabbd8ff3acee9be1fdfc30e77a2557012a1181d Loading...

		Size	First Seen	Last Seen
	#1 Write - ea47d7a66d8152302cd901d56844cb81	72 B	2023-03-12	2024-05-19
Pretty Observations First Seen2023-03-12 22:29:02 Last Seen2024-05-19 09:26:37 Times Seen150 Hash ea47d7a66d8152302cd901d56844cb81 235d8306b2b513c8851d054491a83beb3e194f94 ee7229be5e00ebb674d9f12a2aba9d62130a20978a0c27162a984e32530a1d5f Loading...

HTTP Transactions (46)

URL IP Response Size

salenzvs.live/static/mall/css/animate.css

188.114.96.1

200 OK

5.3 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
ASCII text, with very long lines (65343)
Size
5.3 kB (5273 bytes)
Hash
a2debeb6012c56100f1180d3de887927
b49fa74ae3abff550dc4beff7e6e540ec1f37029
fee5e34c63f9527f33c78381943de33789c521a12f8ec151991bc5247d5f7bc0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/animate.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 5273
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "1184b-613961328e171-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OjyWI7T1rmQtu3mIYW7UgDXo1kSdCGR%2FPd6X04NE1Zb9kK5jLuGGna4lbowzzTzhzuj%2Fe%2FjqCz3f%2BQX5IYhC7B1RFTkrF6tnUQWvaBN20XY2Spv1jCVw1R%2BDDntAmdEO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43da3fb509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/ecicons.min.css

188.114.96.1

200 OK

7.5 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/ecicons.min.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
ASCII text
Size
7.5 kB (7478 bytes)
Hash
abf739a4f700786a4e2d6abf4c81e3a0
aafb0578ed47df30cc871bc161db5f7d7cd6d444
9eef72c0a2fc38e6190244cfed729e9b9667529b47eabe2f446373d8958a968c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/ecicons.min.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 7478
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "9531-613961328e941-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4491
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cW1qW9bTBgDrFb3F2Ngit3WSdnwCj0pR0Pf90xQfYW2R72wrUuadkEUbK9by0GDWK97dTF4u9uJ5lnoDxDPRvJ15XIncD1TVvoUP54Fti0a9ssmZD8mBK3fcMJdleX9R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43da3db509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/slick.min.css

188.114.96.1

200 OK

483 B

URL GET HTTP/3
salenzvs.live/static/mall/css/slick.min.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
ASCII text, with very long lines (1327), with no line terminators
Size
483 B (483 bytes)
Hash
da4e146913da6966d85a6b8686886edb
03a28dac9dfc6c33e6175c9c185911c56525d31b
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/slick.min.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 483
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "52f-6139613294319-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JWzrLkRD3vScB7k3RE6ABiy7kJQe1i2D%2FErQlBavsV8V8sdAtoFPc61ryapMpE3FETlY0epcptgvoA2sPxHYVgo9wcShJxkWtwNsuBcAJ2BTpN6Enmk3maarh94lSJIo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43da4bb509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/countdownTimer.css

188.114.96.1

200 OK

603 B

URL GET HTTP/3
salenzvs.live/static/mall/css/countdownTimer.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
ASCII text
Size
603 B (603 bytes)
Hash
4c5a2eae14139012db8c7261d53a2b1f
d152958bb95adc8068f5249a72fc61a3f3c934a9
6135e3fdaa3cbbbdb11483b7ddefe4576b30c8e2a009264313c0833e61b961c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/countdownTimer.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 603
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "4fc-613961328e559-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUqDpx1mlChNn2%2B6rzr%2FvRbb0QpnZ0On%2FI2O%2FLNNdOQjU9lyxTMs9jwvudwoF0T9CNuJybN9bke49Awxqh8B2IEXJ8jxsPVy8XcXZ0oFu6rJNQ9HLSDu7osbqiADiF7w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43da49b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/store/css/checkout.css

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
salenzvs.live/static/store/css/checkout.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
ASCII text
Size
1.2 kB (1249 bytes)
Hash
4b863c1345f71ff374b4fbbb6e78f442
5da106ab5de381b832786bbdd595900c08c451f6
99f7ad74232befd3e119ee5067ff9bb440d25bb05549f8d0660c9e02a977ba6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/store/css/checkout.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 1249
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "12d8-61396132b006a-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g1s3mqABLSFg251nwLoJOGWY%2Br%2BDSRybU%2BjGs4v%2BMKUG%2F83aDDO6gv3HZHMUChZ9k5VvgoUAw%2FzKk5INWBpbXwgMbD05aFuMF3BpkcfkZhGZL%2F107OBVNtMweDIj%2B3H7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43ea64b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/swiper-bundle.min.css

188.114.96.1

200 OK

4.1 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/swiper-bundle.min.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
ASCII text, with very long lines (13428)
Size
4.1 kB (4135 bytes)
Hash
91a0424bb56d373b12fa509e49fa86d2
39087ce17748c48a5218767af371e2aabb576a49
665d1995ba3fd0f5caf431866b89bdfaf36debae2f1c07d8187bc559c41fadc7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/swiper-bundle.min.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 4135
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "357e-6139613294319-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suk6v1Urwg8erCQbuyY1EiKgDD4UFk%2B5vjWwWdOzx5Oh475QpAztvC2GMQA501I%2Bosqy4XRyz7kcja0Tqw10PJDsLVMWy6DwayFARuvII7%2FU3EPIhEIzTES5%2BuJypAX1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43da42b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/jquery-ui.min.css

188.114.96.1

200 OK

7.8 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/jquery-ui.min.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
ASCII text, with very long lines (2363)
Size
7.8 kB (7809 bytes)
Hash
bd2605faa1a82b81a3499b489ed5fb22
dab30edbfa1758f8a150148675a4758822986c05
541607bcce7ec5803b0dfc7b0565deec6605b5f7e9f464420b530ffd75015db9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/jquery-ui.min.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 7809
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "865d-6139613294319-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xmIMD5YC8W0nJOFzMsbKltSB6gTyBnYEDCrTEcNa%2BmREU1g53xX0ymcfUlVEDFfxg%2BMfOitPF5etvJVXLh8CsK5PrPa77Q%2BsJJn8FR4QUbtTTybMMLePKb3OWgws0yDA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43da46b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/bootstrap.css

188.114.96.1

200 OK

26 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/bootstrap.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
Unicode text, UTF-8 text, with very long lines (560)
Size
26 kB (26373 bytes)
Hash
39e8a2967c8d284fe8fcb510e86c8e4c
6904f1ee11fd7c9a267a97096af2292f8858d226
7b7a0759889ed7da02124e9c2effa3f1052e4d434f0a9b161dda12d8986353da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/bootstrap.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 26373
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "32283-613961328e559-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06dJABYl6N43qYcsBy6c41WiW3vOqzA1w%2FNdDell3v73ZFgKxwar6wzdUIgcOc7%2FFkdCJ%2BQuHzF3YHNBthn6iE%2BWAI2iWLkJUma2DKWSQudP%2F%2BWsVPcVPE7dysH5t4vS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43da4fb509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/demo1.css

188.114.96.1

200 OK

48 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/demo1.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
Unicode text, UTF-8 text, with very long lines (562)
Size
48 kB (48303 bytes)
Hash
4ccd3337075c340f13b727f63253d055
83aa6fa4f31024a95f6f33621536955bbe4cd79b
045c76c6ccef51b7bad737e4a586f3c415bee97228bb9ec9efa5915c80f5b5d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/demo1.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 48303
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "6b248-613961328e941-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bU8YGjXTsh4i73Ehyu77auqz4iTLy3NIs38ZEh7KSMzxDq2sS7kSJtBTnxWpPSaV3E5AxWrI%2FKLcLj70lL9JT2iSycvVzSQ5VIIbV6Cugnl5ToobJgAkWTtV4NjKDsYr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43da52b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/responsive.css

188.114.96.1

200 OK

8.6 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/responsive.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
ASCII text
Size
8.6 kB (8616 bytes)
Hash
5a0f0223020c05a39623fee1527a2b81
07468c1803b6ec9d1c47b051d099815d98618307
5ced93256785d0fc2aed667d047221aea1e152189227f76c0c5c5dd5b6798d60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/responsive.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 8616
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "f2c8-6139613294319-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkB55AAMQqAoJN5gRpuOYFWNXOffFAIyfjUctgPI51OytO9rV4bRCRq0sIm%2FJuJhAT3ZgETkQ%2BmUY%2BMaoO6kdmB4h62q7Vn1ICUDGHpFdWvmkogRjZbXUi8SuzV5KNQ3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43da53b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/product_details/3895768.html

188.114.96.1

200 OK

15 kB

URL User Request GET HTTP/2
salenzvs.live/product_details/3895768.html
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2315)
Size
15 kB (14819 bytes)
Hash
346de52351fc807f7b21639cfeb42d97
02cc330ce9a91cf1c617c2a6b8db203fa34d57c7
fdee115c7219d3ff9dc02e8d66c217ea4338f24e60f3d15c36b92a8b3ea28a50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /product_details/3895768.html HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:42:00 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:42:00 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yaJtoGEY6T1xJVjj28b0YiQYnuXUkwR0zthG9%2BZvxk%2FSyjnLw9FG%2BLxHqmmRlsV%2F1V%2BvfIcQE9qrYgsTB9ZwoTYJOA%2BgL584WCw9CKjkpR9%2BUvZ6YTSsCv1Y4T%2B4FqHY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a3d39f3b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

salenzvs.live/static/default/css/iconfont.css

188.114.96.1

200 OK

464 B

URL GET HTTP/3
salenzvs.live/static/default/css/iconfont.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
ASCII text
Size
464 B (464 bytes)
Hash
717c6e58da97df4ca9866d0cf9f1eecb
53b035e4136e3fcbf6d710633c10562bbb8fb1eb
8b3c92ce43d9af1d42ae13507d542ff6de94684152fec5f111c1e138db769d5a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/css/iconfont.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 464
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "55c-6139613276a70-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2053
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FJkrfL9zHyuXihAXLWtL4oQ%2F6U3PPehcs9CsS1VRgVXQfziPbxW2wzsa0m3Kphx%2FMlpype3rgtUxF35d%2FlpD6n427haaeRBaQ%2BHjfEpDxbP4Hw9WTYipB4ZZhUXU%2B7HH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43fa7cb509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/logo.png

188.114.96.1

200 OK

4.5 kB

URL GET HTTP/3
salenzvs.live/static/logo.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
PNG image data, 240 x 80, 8-bit/color RGBA, non-interlaced
Size
4.5 kB (4523 bytes)
Hash
f9b9bde166706066a075e3ee6a597c31
9a0c872fb02fa22a5c238c9b85be38bae248e8be
dd4f65653bcceaa18f31ca082d38acc569b6c4c9f8f992655a8a497f9c6a0eb9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/logo.png HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: image/png
content-length: 4523
last-modified: Mon, 29 Apr 2024 05:48:29 GMT
etag: "11ab-61735cd8e644c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2052
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Od1sZCAcDwiSgmqRCBvxg%2BHTFhHCOEQkBZh6Wewq97t%2BHnd991ff5Jg%2FetzQt9jxqPajW2rstYGjGV3D111WQ4Kxdfp790sxYdeJdp86pyNep%2Bps5mu0g36vRlkYnRKG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184a440ab6b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/market/img/payment.png

188.114.96.1

200 OK

15 kB

URL GET HTTP/3
salenzvs.live/static/market/img/payment.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
PNG image data, 342 x 26, 8-bit/color RGBA, non-interlaced
Size
15 kB (14874 bytes)
Hash
d9e27afb8d07e73a5d78c58219db8284
2c8e0b0821ae555b66a6d9ad9d3f3a97d8164f99
1567d764b3ee71f11f52d807789d9a970c60dd195b39f2b295d476308d76aeb3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/market/img/payment.png HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: image/png
content-length: 14874
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "3a1a-613961329bc31"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4490
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uvbKJVXv4EuxXICAm%2BC89RF3PXGYDlFJ2e%2BM0oJypfsfcm5bOFEmQVkylAH%2BAGgvGYQ%2FQKr6RXa83dksgvB4xR1QWI0R1z6NoNw9ulqM1EjyT%2FKvQ%2BIbfFtqaPGm1kXf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184a442ae1b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/default/js/public.js

188.114.96.1

200 OK

637 B

URL GET HTTP/3
salenzvs.live/static/default/js/public.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
637 B (637 bytes)
Hash
53ceae9d8b9f4372ad101d91439cdbb7
662fa3a84762aee5bcb1da67ebbe2e37b3eeb79e
535ee4fa0189e79bd9a7d6ae4aa466180c4ac5b82b47647482ddce74587ce249

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/public.js HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: application/javascript
content-length: 637
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "76f-613961327a8f0-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qExTrJ5sS1lrCOyCJNqf%2FfTddyK4t9Cz%2Bk6C3YGEMRuR%2F8DaSYE5dDAhYr7RqWJqA1pXylqGXqphr4sB7PtgDCJkizsBIJq7ZFEkQeERG28Vf%2F8D8ceXRyc6yLibX3dY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43fa83b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/default/js/delighters.js

188.114.96.1

200 OK

1.1 kB

URL GET HTTP/3
salenzvs.live/static/default/js/delighters.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
Unicode text, UTF-8 text
Size
1.1 kB (1149 bytes)
Hash
cc31823856831d96acd96628fe1bc12c
4441d2792dc7fb9f54cde379cd6dd5085ae7af33
0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/delighters.js HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: application/javascript
content-length: 1149
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "a4b-613961327a120-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSAEHPGXKHCrkBXwodEWrpH2dqKqbFQJj5eOEO8yZZwQO%2F9LIh6%2FG7wP%2FJqjqq3ZXgFo7mhfK5uoE0o8BP2MFEfmRPHA5IvBdxP4ibHPfmCObZsAmLi5WxvwajpyJis6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a440aafb509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/market/js/jquery.min.js

188.114.96.1

200 OK

30 kB

URL GET HTTP/3
salenzvs.live/static/market/js/jquery.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
JavaScript source, ASCII text, with very long lines (32061)
Size
30 kB (29497 bytes)
Hash
e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/market/js/jquery.min.js HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: application/javascript
content-length: 29497
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "14915-613961329d3a1-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0IWd%2FRvwrDrgcXvpv%2FFofc7qIC%2F2W3ieMbbEXf7%2FFcdEA52FpQM0GLDp%2BfuJAmhj80xhh1iHjm0hMfgFNbiMc92VB4oJiOzwoYFjvvsftHZpbudf7s1UUHw9CWOQdJz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43ea67b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/default/js/vue.min.js

188.114.96.1

200 OK

34 kB

URL GET HTTP/3
salenzvs.live/static/default/js/vue.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
JavaScript source, ASCII text, with very long lines (65449)
Size
34 kB (34225 bytes)
Hash
b21b8531847604ab5f2f5caaef51ba31
da8d7a59f4e6cc55ea58abec33ef9cebb9ba67c1
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/vue.min.js HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: application/javascript
content-length: 34225
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "16fc7-613961327b4a8-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2B4CwXiLIjQgLDwJyLicUwVlDrQGce8eldxSPgqRHo9a%2Fg3k2IbUcRoCv0X%2BbP8YI5Vhc6wLfGUz10joWpO1OXnfJLNoCp8ZgfUhqOrjfwsvprNsoPe8Z%2BS0FbtSTmQ1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43fa7eb509-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css

104.17.25.14

200 OK

38 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/index.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (38108 bytes)
Hash
9a547188fa485f8ca9b2cc7d6d2524ef
7893335159a1f637eb24cd05aaba96ac156c7f65
897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433

HTTP Headers

GET /ajax/libs/vant/2.12.48/index.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css; charset=utf-8
content-length: 38108
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-94dc"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 194563
expires: Wed, 30 Apr 2025 07:42:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D3QzW2pdtIh9pPE%2F0DpPWZL9KmNL%2BvqcmWB%2BGZuRHfas1u%2FuZPFo%2Bn1HOY1YdnRvkQOT4yXRWBtUT1NwkrWeat6lF5wKAP%2FXvbjOt%2FnBq3znuXR9hNvAVG92Tj6JhvoD%2BUMnOSy6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88184a44dc1a712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js

104.17.25.14

200 OK

4.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue-resource/1.5.3/vue-resource.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14957)
Size
4.9 kB (4866 bytes)
Hash
5f4a59735ca9517d0478f395439bd517
f820c08cf114da8ec451e8eedc0da51dfcba5e02
ff5c4da48c495fd0e611aec47b2986097c0351d5e1a527ab1ea64085dcdcdbe9

HTTP Headers

GET /ajax/libs/vue-resource/1.5.3/vue-resource.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 4866
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c785b9-1302"
last-modified: Mon, 14 Jun 2021 16:37:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 177753
expires: Wed, 30 Apr 2025 07:42:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FzBzOyvKfrT0PiQlcfA75oz8yWnTuOkcDJYQ%2B4%2Fr2K7NbD0HKcVMpIXyass%2BzVMJsd7lKTPvhyaRN2ORlCtTNuwtkn6KiPwugevUleKNAU7Vf8Q4VIlVdr8XlBl8MCi2c%2FksgqD4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88184a459d83712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css

104.17.25.14

200 OK

3.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (16213)
Size
3.9 kB (3945 bytes)
Hash
951eae8c8a442c2940c54d180301ed41
771518669a370d915adf0d207f2a22092a768cd1
4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d

HTTP Headers

GET /ajax/libs/Swiper/8.3.2/swiper-bundle.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css; charset=utf-8
content-length: 3945
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-f69"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 181355
expires: Wed, 30 Apr 2025 07:42:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dnPckuNfpFyH%2BJuboAaMss5%2BRuFqMUPuwwUwmxYJVmNmXaNINgRur6jbXMQa5HjaXUGR4ZVu%2FA4Uk9tjIYykXs3VWDfnBGS4x%2FHf6%2B5gTSnBMOQqgRW769PykPFwqTkdMepLKjc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88184a459d8a712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js

104.17.25.14

200 OK

68 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.48/vant.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (57307)
Size
68 kB (67811 bytes)
Hash
0292da744fb4f768ae77370f868a674e
6dbafd633d187d11e2ef0a9a47044fd5646c70fb
068b71488c3a0d9ccf95e76a72a93678f9baf45786e87e0b2dc8f1be25f72468

HTTP Headers

GET /ajax/libs/vant/2.12.48/vant.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 67811
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62b69136-108e3"
last-modified: Sat, 25 Jun 2022 04:38:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 730032
expires: Wed, 30 Apr 2025 07:42:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHLz8fLZbmT%2FpXpHCF2oMuvMTyE1tAMgM6a3Mia%2BDnfej9elqDcM533jfAn03xm9zJ1FCkKP6hBT2VCstP0VlhTdL6wUZRLojt%2FfMvtGlE6FUHdVmbBvBIT2CUxK0TARKKNTz6xf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88184a459d87712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js

104.17.25.14

200 OK

50 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.2/swiper-bundle.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
50 kB (49876 bytes)
Hash
de581e420bf52d70e353080a13094ea8
7e727d99fea8c31c2f2e3173105d585ee3289d31
4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5

HTTP Headers

GET /ajax/libs/Swiper/8.3.2/swiper-bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 49876
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62dffbc4-c2d4"
last-modified: Tue, 26 Jul 2022 14:35:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 139849
expires: Wed, 30 Apr 2025 07:42:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6gsd%2FtlFgMbuWXw0phTA3cvyt8C5aHgYNeox7bd8kzuBkoll8qX2z5kKxDg5w0PGk3dotsYxdVQ%2FOoT66fSawxXcm%2Ff2OAj7ZPEqdY8ElQdIAFlOXMUKqs%2ByoLY%2BtnTPKaWk%2F%2FB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88184a45ad96712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

salenzvs.live/static/default/js/delighters.js

188.114.96.1

200 OK

1.1 kB

URL GET HTTP/3
salenzvs.live/static/default/js/delighters.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
Unicode text, UTF-8 text
Size
1.1 kB (1149 bytes)
Hash
cc31823856831d96acd96628fe1bc12c
4441d2792dc7fb9f54cde379cd6dd5085ae7af33
0636cf1e7380cd58da452b76c4f7d8d902d25c735188b56d005c73a127bae19d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/js/delighters.js HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: application/javascript
content-length: 1149
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "a4b-613961327a120-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1r0hJVPrvmUEXrZU0SiVDswUtoQo%2FDZ%2BWtKdbCJDp2Z8wKpaVECiKhxjDlJdzDBFqtrfx4eucdfjfQE4mn%2BTntylVzFCwxrYP09uYOMup34yaVsKVOzBRahDp8UQfKV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a473f73b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/api/cart/index

188.114.96.1

200 OK

114 B

URL GET HTTP/3
salenzvs.live/api/cart/index
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
JSON text data
Size
114 B (114 bytes)
Hash
5e0f617f8c9758900c9eb72462e10207
269f6f9af785b3f29997b3241d8653a1340b01a4
af9632a94de6f3759c550ed97d55ca1b54ee125dd13863105e8aeb528f2dd1d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/cart/index HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
Authorization: 
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:01 GMT
content-type: application/json
content-length: 114
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6InBJUHI3cmQxQm1WS0ZGQ0dNMU9PSmc9PSIsInZhbHVlIjoiWkptdi9ITSs4MXZmWjl1UzZrMzVUK0FCNFhJbGYyVmJDblUrRWRPSFFUK3V5RmlKNWpRV0V1Wi9nSkYzd1REa0NlM2w2S1RQNDhicHR3NHdiWUl0ak9WaGtxdmRpSFZPalRNZjJGbGMzTENhTEpmZjg1YVova3ZRMlgrZFlwMEoiLCJtYWMiOiI1YWZiODMzOTdlNjJmYjZjMTY0N2E5ZmJkZDU5ZDVlZGMxOTYyMjBkZWQzMmZmNmFkYzkyZGRjZTBhMGU0ZWQ0IiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:42:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RdZoTL9V5A6a5Wl%2Bv3G5tRgdvRb7FK97zNrQcggqMQOW151LGvlpi9Ya3OGqXM7fWXqqp%2BFZVvYj6eiElWzNXqSj4cEeNmw8YoY%2FTpL7Qp1cTjnIMeJA7T7HVJbtIta5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a478fc4b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/api/item/secondCate

188.114.96.1

200 OK

15 kB

URL GET HTTP/3
salenzvs.live/api/item/secondCate
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
JSON text data
Size
15 kB (15179 bytes)
Hash
0f6eb50a0e462ce99c859937f98d1631
1379fe41a7264432d9d4c95b35fdff97a532e58b
28493e1fb974bc45eb0e57bcd9bd09b0e6b43c94714c21bab08903a5f7b2b5af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/secondCate HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:02 GMT
content-type: application/json
content-length: 15179
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6InpMZ2tGQytTdDV0VThrRDJldzRoSGc9PSIsInZhbHVlIjoiV3hnY0JiZG5aTUJFdklmZ09lV1A2dDBuS0QvdDMzZ2VJemgzUVJ3YmVNNVBNaDFiWGQzSHFwWEJ2SlRiK0dZcWUrM3lKZ1BlZ0dGMlV5RFVPb0NPNTlPaG5Wbk93WkxNYXFxTDYvOWZGaE9VZkhGR00rb0ZydUJ0L3RmTWdOSjciLCJtYWMiOiI0NTRkZDI0MmQ3Yzg5M2JiMDNlY2ZkM2RjMTg1ZTk5M2ZjZTgxNzcxMDQzZWFjZDMxM2ZjY2FkMmI1ODIwZDNhIiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:42:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKHV7noH09WDiZQT31XQHvs9QGvp9ll0NTLw%2BhiyzI9iDa5Bg7ZKnWNky03q2PyrtNH2%2BKc%2FZshmo6ACz%2F330cCDHOHlXXMsaoI9lM9juXb1Rr648C3QPfL4wDO%2FeLVp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a477fbcb509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/favicon.ico

188.114.96.1

200 OK

78 B

URL GET HTTP/3
salenzvs.live/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
JSON text data
Size
78 B (78 bytes)
Hash
a44c87b0d55afacf14c8327af92e948e
3ccbcb7c5e0d553ce51030580dec3732eb477f9d
a0587eb4f330926619e867180d0f81a594dde4e75ddd471d2f1414024c9163ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImZzNzRQVEU5QXZxbWNqRkpXUTZoOHc9PSIsInZhbHVlIjoiTkF5ejZNM0JKUVpMeWJRV3NrR3NrUlREdk94RE9zbzVwekRPUGk2SEg2T01DK3VIUVlRSWVBWjByOFl3WWFrNVJxZVNTdkJCZGxWQ2QyRE43dmlpeXJRU1l5bnZmaXZPUmlxWmh1QnRKN0pOWW1XbE5KVmo3RjJsc0F3WVpGY0kiLCJtYWMiOiIxMDdlYjJjN2VmZjhkZDZkOGJkOGJiOWVmNDEyOTI0ZmMwY2EzOTk3OGMyMDNmODM4MjcxYjdiYzY3NjZjMjg5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpERjUwUjNsVVNoVkxwUU9ZeG5qUUE9PSIsInZhbHVlIjoiQ0Z6Mmk4UVZZTHNQNk13VkJMMkt6VERTTC8rc1JtY3FVZzJSdWUwQU9kV1p5Y3JrMTlWMkozVHlVc1RZU1VtSmg3RFJidmZtM00rQmltaXY3OXZCY2c3V2ptdCs0UkE1TnhqcDJtVGhOblFTL2R5RVdNK1U4Yy8zVGNnS0duQ0UiLCJtYWMiOiJlZTYzNDZlNjMxZTFhOThlY2QwNTRiZDc0NWZlMmI3NWJhMDNjM2IxOGFkZTMxYTQzNzgyNzQ5ZjFiNjFkMzQ4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:02 GMT
content-type: application/json
content-length: 78
cache-control: no-cache, private
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nv3i%2FRsCBM9QdkQNXxrNQ6s5X4HXjROpakmyxNUyUHPRkCb3OhYZw8%2Fb1U6xwpVR%2FRIDYbYNcjpSNxAr%2BDnmN2M9uJpiCOTFZwa7cWu6%2Fb3a%2BnGrq%2F9amVBXXg0CtniJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a4d0f80b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/api/item/info?id=3895768

188.114.96.1

200 OK

895 B

URL GET HTTP/3
salenzvs.live/api/item/info?id=3895768
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
JSON text data
Size
895 B (895 bytes)
Hash
013556b2d03d9c8d79aca866e6e92fb8
2dcfd01189f1c23b520d85a89673839955a3141f
fb123accf9c897808623f2a9224e284ece882c9e4851f9798e50ea672859b050

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/info?id=3895768 HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:02 GMT
content-type: application/json
content-length: 895
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Iks1M1hLSndaam56dTNBbTg2dkVkRHc9PSIsInZhbHVlIjoiTWt6aC92Qld3djdpcXQ3bkp0YlBIMGEyZnRmV3JJRm9UQ0E0QkhGTnczN1UwNVRkMzBjWEtRaVdENkZjckFBN1dYMzhJZWVZK3lIK1M4SDdBRDFTcGl3b2RybFJRbkhnOEQ3TVFWb0IwbldVSVJkdlRYeVQ2TERDQnlrUU5MWWIiLCJtYWMiOiJjOTlmODVkM2Q5Y2ExN2M0M2U1ODVhYmFmYmU5OTU2ODNmZDJmOWUxZjgyZmJjYzk2OTFmNjRlNjBmMzE2ZjI0IiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:42:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sr%2Bp4K4GQDTDyJYIHYjIk0W7rN1imqqmpoa5EBM2wIPJMMhzSujC6fD5T9JBjUZpM%2B9z6W5z9nESbP15GhLQR42Jfr277oDr16AdmcJOZjDIg6Doc5Leic4opJkJNRFC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a48189ab509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/traffic_statistics?gurl=

188.114.96.1

200 OK

31 kB

URL GET HTTP/3
salenzvs.live/traffic_statistics?gurl=
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
data
Size
31 kB (31351 bytes)
Hash
0d74dced8b19cc04ae188f1035c665de
25c5f73f84674572b93edddf47f6699efb24a4fa
0c16e32368114b29028ce6e703c0f9e11c33640ecbef76c53d2719dbe293c9f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /traffic_statistics?gurl= HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:01 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImZzNzRQVEU5QXZxbWNqRkpXUTZoOHc9PSIsInZhbHVlIjoiTkF5ejZNM0JKUVpMeWJRV3NrR3NrUlREdk94RE9zbzVwekRPUGk2SEg2T01DK3VIUVlRSWVBWjByOFl3WWFrNVJxZVNTdkJCZGxWQ2QyRE43dmlpeXJRU1l5bnZmaXZPUmlxWmh1QnRKN0pOWW1XbE5KVmo3RjJsc0F3WVpGY0kiLCJtYWMiOiIxMDdlYjJjN2VmZjhkZDZkOGJkOGJiOWVmNDEyOTI0ZmMwY2EzOTk3OGMyMDNmODM4MjcxYjdiYzY3NjZjMjg5IiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:42:01 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6ImpERjUwUjNsVVNoVkxwUU9ZeG5qUUE9PSIsInZhbHVlIjoiQ0Z6Mmk4UVZZTHNQNk13VkJMMkt6VERTTC8rc1JtY3FVZzJSdWUwQU9kV1p5Y3JrMTlWMkozVHlVc1RZU1VtSmg3RFJidmZtM00rQmltaXY3OXZCY2c3V2ptdCs0UkE1TnhqcDJtVGhOblFTL2R5RVdNK1U4Yy8zVGNnS0duQ0UiLCJtYWMiOiJlZTYzNDZlNjMxZTFhOThlY2QwNTRiZDc0NWZlMmI3NWJhMDNjM2IxOGFkZTMxYTQzNzgyNzQ5ZjFiNjFkMzQ4IiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:42:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekMZQ0nkRuPlX5f0Kaq5XDdYi%2FHzE481fjb%2FiqHXGlFKXdOmxdenV%2BaloDGgtgtlkG7%2FpQIaWmJJcioLm%2F6NPN5XrENf8bql1eIXHJASMOGyDQd61KLHNOKko8pgpTGg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a48a965b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

salenzvs.live/api/item/randomByKeyword

188.114.96.1

200 OK

1.2 kB

URL POST HTTP/3
salenzvs.live/api/item/randomByKeyword
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
JSON text data
Size
1.2 kB (1178 bytes)
Hash
4920656ac76ef8539027248e9b8d1de0
2edad77a9a769a0aa130aaf2c51f73f0a7e85951
adc08db291319ac8bcda507763a1ce321d552e3c348db3cd8c0e3b1835a5bc65

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /api/item/randomByKeyword HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 20
Origin: https://salenzvs.live
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImZzNzRQVEU5QXZxbWNqRkpXUTZoOHc9PSIsInZhbHVlIjoiTkF5ejZNM0JKUVpMeWJRV3NrR3NrUlREdk94RE9zbzVwekRPUGk2SEg2T01DK3VIUVlRSWVBWjByOFl3WWFrNVJxZVNTdkJCZGxWQ2QyRE43dmlpeXJRU1l5bnZmaXZPUmlxWmh1QnRKN0pOWW1XbE5KVmo3RjJsc0F3WVpGY0kiLCJtYWMiOiIxMDdlYjJjN2VmZjhkZDZkOGJkOGJiOWVmNDEyOTI0ZmMwY2EzOTk3OGMyMDNmODM4MjcxYjdiYzY3NjZjMjg5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Iks1M1hLSndaam56dTNBbTg2dkVkRHc9PSIsInZhbHVlIjoiTWt6aC92Qld3djdpcXQ3bkp0YlBIMGEyZnRmV3JJRm9UQ0E0QkhGTnczN1UwNVRkMzBjWEtRaVdENkZjckFBN1dYMzhJZWVZK3lIK1M4SDdBRDFTcGl3b2RybFJRbkhnOEQ3TVFWb0IwbldVSVJkdlRYeVQ2TERDQnlrUU5MWWIiLCJtYWMiOiJjOTlmODVkM2Q5Y2ExN2M0M2U1ODVhYmFmYmU5OTU2ODNmZDJmOWUxZjgyZmJjYzk2OTFmNjRlNjBmMzE2ZjI0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:04 GMT
content-type: application/json
content-length: 1178
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 56
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6IkpwVDJCTkltRnY2RVpKMzZTQ1Y4amc9PSIsInZhbHVlIjoiQmxWK3JvRkY5T3ordnQ2d2owMTJzdUlLams1V3QrTzRWN284elhOc1ZWM1N0TlFJdUJxano5WCtVU0x1K0lNUjNQYnlvOGtONHI5REx1V1RNRy91NzRpbmszS1h5SEFmWHNMaEZZWm5HNGVDWlZNOGdTU0NKMzROQU9DR2tDeUIiLCJtYWMiOiJmNzYwZTlhODFhM2IxYTdlNzBlZmZkMjVkZGJhZDAzNWQxMTkwNmZjMzczYTZkMWU2ZjA0YjI0OWE0YTI3ZmQxIiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:42:04 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9T67tXrjRGP05mgDUhui7fd5ka3XMjBuwR04fsSRWsVuX2nzafk5kAfXKB3Y%2FQkNrlZou1yxFsxT7d0fHPKWu9cgiG%2BMYrggn5aIlhxIIBjqUG01qkcnoIBERSYF60h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a53b9a3b509-OSL
alt-svc: h3=":443"; ma=86400

musicart.xboxlive.com/7/51165100-0000-0000-0000-000000000002/504/image.jpg?w=1920&h=1080

23.38.200.8

200 OK

121 kB

URL GET HTTP/1.1
musicart.xboxlive.com/7/51165100-0000-0000-0000-000000000002/504/image.jpg?w=1920&h=1080
IP
23.38.200.8:443
ASN
#16625 AKAMAI-AS

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerMicrosoft Corporation
Subject*.xboxlive.com
Fingerprint22:F2:BA:E3:09:44:95:60:3E:25:31:D3:DC:93:9C:0C:7C:D8:77:39
ValidityThu, 18 Apr 2024 14:44:41 GMT - Sun, 13 Apr 2025 14:44:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 788x1080, components 3
Size
121 kB (120799 bytes)
Hash
d85f6ca52ea934fd7d630fa70330efe4
2f6a7cf006d94cbb0d167ed1acae97ca0c25cf99
233d9d53b2f294c8a0a36e2d92c6983aae88fe55e6179f6ef81dcb052ef30c91

HTTP Headers

GET /7/51165100-0000-0000-0000-000000000002/504/image.jpg?w=1920&h=1080 HTTP/1.1
Host: musicart.xboxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=604800, s-maxage=86400
Content-Type: image/jpeg
Last-Modified: Mon, 22 Jul 2019 16:48:18 GMT
Accept-Ranges: none
ETag: W/"AEBs5H0c/aPIuywKxAU1DaquHRgJSB0hMHg4RDcwRUM0NjY0RDUwOTU"
MS-CV: aNnb26AfYEeI9I+z.0
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: MS-CV,X-DominantColor
X-DominantColor: #EAE6E6
Content-Length: 120799
Date: Fri, 10 May 2024 07:42:05 GMT
Connection: keep-alive

lovehairstyles.com/wp-content/uploads/2022/06/lemonade-braids-tribal-style-pulled-back-hairstyle-683x1024.jpg

52.7.47.10

200 OK

59 kB

URL GET HTTP/2
lovehairstyles.com/wp-content/uploads/2022/06/lemonade-braids-tribal-style-pulled-back-hairstyle-683x1024.jpg
IP
52.7.47.10:443
ASN
#14618 AMAZON-AES

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerSectigo Limited
Subjectlovehairstyles.com
Fingerprint8B:2B:BC:AE:2C:8E:C8:A5:67:39:2A:7D:21:FE:E1:14:30:92:20:44
ValidityFri, 01 Sep 2023 00:00:00 GMT - Tue, 01 Oct 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 683x1024, Scaling: [none]x[none], YUV color, decoders should clamp
Size
59 kB (58856 bytes)
Hash
98f8728dd403958b90a71b81ef478c50
b4c31dd366ffccf8514d96bb6d13fc9b73800510
2b354ba766d57fc4b1e9852b408a0578f1fd466b8c731a2dc8b61730d9d56a2d

HTTP Headers

GET /wp-content/uploads/2022/06/lemonade-braids-tribal-style-pulled-back-hairstyle-683x1024.jpg HTTP/1.1
Host: lovehairstyles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:42:05 GMT
content-type: image/webp
content-length: 58856
etag: "64afd9a5-e5e8"
expires: Sat, 10 May 2025 07:42:05 GMT
vary: Accept
cache-control: max-age=31536000, public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.albaselco.com/cdn/shop/products/RALCSSTICKNU177BareReveal3_grande.jpg?v=1629801893

23.227.38.74

200 OK

108 kB

URL GET HTTP/2
www.albaselco.com/cdn/shop/products/RALCSSTICKNU177BareReveal3_grande.jpg?v=1629801893
IP
23.227.38.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectwww.albaselco.com
Fingerprint9E:AF:95:AE:0B:6A:6D:C5:10:E0:39:4A:8E:27:C0:99:8F:F2:51:5C
ValidityThu, 09 May 2024 01:26:57 GMT - Wed, 07 Aug 2024 01:26:56 GMT

File type
RIFF (little-endian) data, Web/P image
Size
108 kB (107706 bytes)
Hash
560d74beb5ace3773a3ca436f8d4271b
b3baef8085fa2a487eda6e2e110f040673388429
cfd7e1f1b28a49213c1632b7f3c38c012916dcd52293553fdac5bff39f4f7f18

HTTP Headers

GET /cdn/shop/products/RALCSSTICKNU177BareReveal3_grande.jpg?v=1629801893 HTTP/1.1
Host: www.albaselco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:42:05 GMT
content-type: image/webp
content-length: 107706
x-sorting-hat-podid: 176
x-sorting-hat-shopid: 56390484145
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
source-length: 291121
source-type: image/jpeg
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 93e2b25b-2a88-44dc-ba8b-11349d55ac03-1715326925
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
last-modified: Fri, 10 May 2024 07:42:05 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UhYfTPePA8MdPImpQ9BtoyLkRqJfPpCTe57klsgFzyErmi9AD0B30QX51K84zDyhAUD3bO9NrsHSn6G1z6fCpl7Xl2CCViR92D2JE%2BkRQb52ae9%2FDJg3y7mfJM9efIbQWsqt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=231.924, imageryFetch;dur=94.542, imageryProcess;dur=136.481;desc="image", cfRequestDuration;dur=514.999866
x-permitted-cross-domain-policies: none
x-download-options: noopen
server: cloudflare
cf-ray: 88184a623d758db0-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.contemporist.com/wp-content/uploads/2020/04/modern-blue-rugs-geometric-080420-722-01.jpg

172.67.135.47

200 OK

226 kB

URL GET HTTP/2
www.contemporist.com/wp-content/uploads/2020/04/modern-blue-rugs-geometric-080420-722-01.jpg
IP
172.67.135.47:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectcontemporist.com
FingerprintAE:0A:3F:42:BF:B5:83:C9:43:86:FF:46:78:19:2A:06:30:71:6B:1A
ValiditySat, 13 Apr 2024 23:48:31 GMT - Fri, 12 Jul 2024 23:48:30 GMT

File type
JPEG image data, progressive, precision 8, 800x940, components 3
Size
226 kB (226307 bytes)
Hash
f9f12fa04b5a80c5b5bb3247ca09b692
896ad38b048e0d7c79acadf97149e434ddcdc679
d0784cf7b46b19ab3ff5dcdc16b05eb3be646f6337bec5097cfa032dc0f6370a

HTTP Headers

GET /wp-content/uploads/2020/04/modern-blue-rugs-geometric-080420-722-01.jpg HTTP/1.1
Host: www.contemporist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:42:05 GMT
content-type: image/jpeg
content-length: 226307
last-modified: Thu, 09 Apr 2020 02:25:16 GMT
etag: "37403-5a2d253d6cc1b"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z4wW%2BvFXo9rbOiZKJwkN%2FCSV2aH7Pc%2FBD1EpBYc5Id9YiOUDbQH4%2BUb3SkPTSWHsCHrTky7KgHrS6ydw5YwRHQxX6%2BZxYGWx47vxPqJMO8meJma6K48KdA90GDHI0TVLovaMJag3Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184a60db8ab518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i5.walmartimages.com/seo/Panasonic-42-Class-HDTV-720p-Plasma-TV-TC-P42X5_d212841a-c90d-484d-ae29-865355ba30a2.f8befa0853aabb98d56a19dcdfdac120.jpeg

23.38.202.154

200 OK

92 kB

URL GET HTTP/2
i5.walmartimages.com/seo/Panasonic-42-Class-HDTV-720p-Plasma-TV-TC-P42X5_d212841a-c90d-484d-ae29-865355ba30a2.f8befa0853aabb98d56a19dcdfdac120.jpeg
IP
23.38.202.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerGlobalSign nv-sa
Subjectprod.walmartimages.com
FingerprintC9:61:B8:71:85:E5:A3:B0:21:3E:35:DF:B9:B5:94:83:FA:23:76:10
ValidityMon, 28 Aug 2023 20:43:51 GMT - Sat, 28 Sep 2024 20:43:50 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1848x1848, Scaling: [none]x[none], YUV color, decoders should clamp
Size
92 kB (91712 bytes)
Hash
02029d3fc8b8817d1a4d098d3bf1323e
ce0d383cefd66e5ffd79f2b782a6e330d184a9b9
61b0d49cfa3af917c7f030fc57f801d9fa885457baa2bc522d4022b31fe6dcab

HTTP Headers

GET /seo/Panasonic-42-Class-HDTV-720p-Plasma-TV-TC-P42X5_d212841a-c90d-484d-ae29-865355ba30a2.f8befa0853aabb98d56a19dcdfdac120.jpeg HTTP/1.1
Host: i5.walmartimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-tag: v1.3.91
content-length: 91712
content-md5: AgKdP8i4gX0aTQmNO/EyPg==
content-type: image/webp
last-modified: Wed, 18 Oct 2023 19:57:47 GMT
timing-allow-origin: *
x-tb: 1
x-tb-oa-expiresat: 1728417466
x-tb-oa-originalcontentsize: 181430
x-tb-oa-originalcontenttype: image/jpeg
x-tb-oa-version: v1.3.91
x-tb-optimization-original-content-size: 181430
x-tb-optimization-original-content-type: image/jpeg
x-tb-optimization-original-expires-at: Tue, 08 Oct 2024 19:57:46 UTC
x-tb-optimization-resized-content-size: 181430
x-tb-optimization-total-bytes-saved: 89718
x-tb-optimization-version: v1.3.91
cache-control: public, max-age=30758400
expires: Thu, 01 May 2025 07:42:05 GMT
date: Fri, 10 May 2024 07:42:05 GMT
set-cookie: TS8fe4666a027=08c971f872ab2000ce3b1f8d91510a14a52f6052baba6e903eb8fbfe6096ffee3f6e9cda24f2af8708f546b27f113000f2696b8254157b155a6fd88ec26606f7ad3706ddc0409009a75daffeb33ecae2939cc543bed2586cbcbfe6163da57ce4; Path=/
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=749, product;desc="edge",host;desc="9a89257efff3",dc;desc="9bfd8eb",fetch-ms;dur=33,req-proc-ms;dur=47,resp-proc-ms;dur=2, Ak-cont-type;desc="image/webp", ak_p; desc="1715326925073_388255527_256217974_83324_816_1_22_13";dur=1
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-methods: GET, PUT, POST, OPTIONS
access-control-allow-origin: *
x-cdn: AK
X-Firefox-Spdy: h2

media.printables.com/media/prints/322797/images/2785932_3739fc18-e249-490c-9fe4-043e98e6d245/thumbs/inside/1280x960/jpg/large_display_07ab83ce-87f0-4f6c-9eab-e22f5047fc83_322797.webp

172.67.5.123

200 OK

24 kB

URL GET HTTP/2
media.printables.com/media/prints/322797/images/2785932_3739fc18-e249-490c-9fe4-043e98e6d245/thumbs/inside/1280x960/jpg/large_display_07ab83ce-87f0-4f6c-9eab-e22f5047fc83_322797.webp
IP
172.67.5.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectprintables.com
Fingerprint65:79:D2:CC:18:44:5D:A1:8E:C5:22:6D:C4:51:7F:99:AF:C6:1F:C5
ValiditySun, 21 Apr 2024 08:43:56 GMT - Sat, 20 Jul 2024 08:43:55 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 960x960, Scaling: [none]x[none], YUV color, decoders should clamp
Size
24 kB (24172 bytes)
Hash
d7d82f6ecddf70ccb6a12563896ea96c
0d23900fe5f43d8194974db583a02e0a6bf39544
7ce1cde1673dfe0539fb83ba622e05993873a02f21c864ed929cfd428d1c9a3b

HTTP Headers

GET /media/prints/322797/images/2785932_3739fc18-e249-490c-9fe4-043e98e6d245/thumbs/inside/1280x960/jpg/large_display_07ab83ce-87f0-4f6c-9eab-e22f5047fc83_322797.webp HTTP/1.1
Host: media.printables.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:42:06 GMT
content-type: image/webp
content-length: 24172
cache-control: max-age=31536000
last-modified: Wed, 22 Mar 2023 16:00:44 GMT
etag: "d7d82f6ecddf70ccb6a12563896ea96c"
x-cache: Miss from cloudfront
via: 1.1 1477d9a8c8937e52c63815feac5bc078.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL56-C4
x-amz-cf-id: HFxcNNyVdWLFufCyBCwdtJWiO0fsWtPemHWQf159lZglbL8ebqRzzQ==
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184a60fc66b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

miro.medium.com/v2/resize:fit:1400/0*SA3mmDQHxrXP6hiQ

162.159.152.4

200 OK

1.0 MB

URL GET HTTP/2
miro.medium.com/v2/resize:fit:1400/0*SA3mmDQHxrXP6hiQ
IP
162.159.152.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerCloudflare, Inc.
Subjectmedium.com
FingerprintF3:FC:CB:6E:E6:33:07:77:AD:2B:53:42:4C:B4:FA:11:D9:AB:41:2C
ValidityFri, 16 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 1024 x 413, 8-bit/color RGBA, non-interlaced
Size
1.0 MB (1023672 bytes)
Hash
600e7567c415c42192a9b799d867d673
61d941c104c65f51d878290a002ffd662d4e8cd8
fc32ab78a5bb2b8a0dc4daa194cf2adf1bde7f7f1e4e7fa582abb8ee63be5329

HTTP Headers

GET /v2/resize:fit:1400/0*SA3mmDQHxrXP6hiQ HTTP/1.1
Host: miro.medium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 07:42:06 GMT
content-type: image/png
content-length: 1023672
sepia-upstream: medium
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: inline; filename="0*SA3mmDQHxrXP6hiQ.png"
content-security-policy: script-src 'none'
etag: "kOh5IArmqbwi-UQnx70r884GPb_iKvNGsAhWyZ59jw0/RIjEzNDNjNjI2OWZlZWRkY2JkMGU1NDRjMTM5NDRhMmQ3Ig"
expires: Sat, 10 May 2025 07:42:05 GMT
medium-fulfilled-by: miro-v2/main-20240507-223507-a45e18f1bb
x-envoy-upstream-service-time: 390
x-request-id: 0bc8e20d-b4ac-4124-acb5-4a082ffffd62
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88184a60fc5756c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

salenzvs.live/api/item/getImageUrl?url=https%253A%252F%252Fwww.tiktok.com%252Fapi%252Fimg%252F%253FitemId%253D7217072798655647018%2526location%253D0%2526aid%253D1988

188.114.96.1

200 OK

56 B

URL GET HTTP/3
salenzvs.live/api/item/getImageUrl?url=https%253A%252F%252Fwww.tiktok.com%252Fapi%252Fimg%252F%253FitemId%253D7217072798655647018%2526location%253D0%2526aid%253D1988
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
JSON text data
Size
56 B (56 bytes)
Hash
ec61c31a44a0c0104e6d5311cf4ae339
1848acc365a85a7a3e06aac5226ad1182035c0cb
2776ea4bef8595a3ca3100fb8c6908f0e1a629b22595d8807a0fa5ace82f15fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/item/getImageUrl?url=https%253A%252F%252Fwww.tiktok.com%252Fapi%252Fimg%252F%253FitemId%253D7217072798655647018%2526location%253D0%2526aid%253D1988 HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImZzNzRQVEU5QXZxbWNqRkpXUTZoOHc9PSIsInZhbHVlIjoiTkF5ejZNM0JKUVpMeWJRV3NrR3NrUlREdk94RE9zbzVwekRPUGk2SEg2T01DK3VIUVlRSWVBWjByOFl3WWFrNVJxZVNTdkJCZGxWQ2QyRE43dmlpeXJRU1l5bnZmaXZPUmlxWmh1QnRKN0pOWW1XbE5KVmo3RjJsc0F3WVpGY0kiLCJtYWMiOiIxMDdlYjJjN2VmZjhkZDZkOGJkOGJiOWVmNDEyOTI0ZmMwY2EzOTk3OGMyMDNmODM4MjcxYjdiYzY3NjZjMjg5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkpwVDJCTkltRnY2RVpKMzZTQ1Y4amc9PSIsInZhbHVlIjoiQmxWK3JvRkY5T3ordnQ2d2owMTJzdUlLams1V3QrTzRWN284elhOc1ZWM1N0TlFJdUJxano5WCtVU0x1K0lNUjNQYnlvOGtONHI5REx1V1RNRy91NzRpbmszS1h5SEFmWHNMaEZZWm5HNGVDWlZNOGdTU0NKMzROQU9DR2tDeUIiLCJtYWMiOiJmNzYwZTlhODFhM2IxYTdlNzBlZmZkMjVkZGJhZDAzNWQxMTkwNmZjMzczYTZkMWU2ZjA0YjI0OWE0YTI3ZmQxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:09 GMT
content-type: application/json
content-length: 56
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
set-cookie: laravel_session=eyJpdiI6Imljb24rMnc4N2JMblVxOGlqMTV0RXc9PSIsInZhbHVlIjoiTUVkY3UwcjNVZ05mSWEwcnhFdE1DN2Y4WWg1Z3UvVTRVZE4zcS9yWEc4THpOUFRtclp0NVE0S2N6RktybFh4TGFHcHBXbGR6YXVSeDRlb0RYN1pXc2w2ZEZQUy9HREY0MFhIQ2hEVi8xdkRZNVcrbzJjKzYzOGxEVXVMSmVEbjgiLCJtYWMiOiI0YWQ4Njg3MzBlZDQxMDdkN2VjNzkzNjk2MTM1YjU0NTQzNzk1NzkxMzhlNWQ2NGM2ODQ1MjlkNWU5ZTA3NGEwIiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:42:09 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Kc69nG5gNFt%2FgHHK0MjcAuakid6ChoDh%2BfYDDTGWsvnX%2Bu%2B0PwNV%2Bnruu6dC3UPn2YjOFqDu8IfMWVr96ydQv7SuTVLgHsO9Ysg2%2BxTrRab2SpOBggeyXNEwoBB%2FVYo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a60ae48b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/default/img/20220514153821.png

188.114.96.1

200 OK

15 kB

URL GET HTTP/3
salenzvs.live/static/default/img/20220514153821.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
PNG image data, 245 x 222, 8-bit/color RGBA, non-interlaced
Size
15 kB (15411 bytes)
Hash
3ecbb8f543b70888626038f8cf81f227
a9bf6388621ba59e09e59e58713e8abfc04e5ff3
2214e58d7962a38491fb50f2f641b869917fba48120c02e5f207b5c9025326f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/default/img/20220514153821.png HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImZzNzRQVEU5QXZxbWNqRkpXUTZoOHc9PSIsInZhbHVlIjoiTkF5ejZNM0JKUVpMeWJRV3NrR3NrUlREdk94RE9zbzVwekRPUGk2SEg2T01DK3VIUVlRSWVBWjByOFl3WWFrNVJxZVNTdkJCZGxWQ2QyRE43dmlpeXJRU1l5bnZmaXZPUmlxWmh1QnRKN0pOWW1XbE5KVmo3RjJsc0F3WVpGY0kiLCJtYWMiOiIxMDdlYjJjN2VmZjhkZDZkOGJkOGJiOWVmNDEyOTI0ZmMwY2EzOTk3OGMyMDNmODM4MjcxYjdiYzY3NjZjMjg5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Imljb24rMnc4N2JMblVxOGlqMTV0RXc9PSIsInZhbHVlIjoiTUVkY3UwcjNVZ05mSWEwcnhFdE1DN2Y4WWg1Z3UvVTRVZE4zcS9yWEc4THpOUFRtclp0NVE0S2N6RktybFh4TGFHcHBXbGR6YXVSeDRlb0RYN1pXc2w2ZEZQUy9HREY0MFhIQ2hEVi8xdkRZNVcrbzJjKzYzOGxEVXVMSmVEbjgiLCJtYWMiOiI0YWQ4Njg3MzBlZDQxMDdkN2VjNzkzNjk2MTM1YjU0NTQzNzk1NzkxMzhlNWQ2NGM2ODQ1MjlkNWU5ZTA3NGEwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:09 GMT
content-type: image/png
content-length: 15411
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "3c33-61396132781e0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUJPSWtJfhN82sNVyrh1kCn0UEXEbKcePIe0S21wx73R09u9PzVxU2%2FE3ZkqfLNbH6mbvQhhvwMMQ9NHObx%2BMCRYhhzfYlmGplwDTs2lanGZzeo2%2BIfiJmX85qNhFejH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184a7d6ccdb509-OSL
alt-svc: h3=":443"; ma=86400

img.alicdn.com/imgextra/i3/2206665664088/O1CN01KujXNx1g4LiPpGKK2_!!2206665664088.jpg

163.181.154.234

200 OK

31 kB

URL GET HTTP/2
img.alicdn.com/imgextra/i3/2206665664088/O1CN01KujXNx1g4LiPpGKK2_!!2206665664088.jpg
IP
163.181.154.234:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
ValidityTue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3
Size
31 kB (31350 bytes)
Hash
c0c505132bb284362e4781ace81d6b72
cb285c0ef575740bb6e81438a9e1342124eb28b4
ba7ed91bddd8e0b50df3df3b3251089e7a02611073e331132588ebed64b5670a

HTTP Headers

GET /imgextra/i3/2206665664088/O1CN01KujXNx1g4LiPpGKK2_!!2206665664088.jpg HTTP/1.1
Host: img.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 31350
date: Sun, 14 Apr 2024 08:34:57 GMT
last-modified: Fri, 28 Jul 2023 02:36:55 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.105
traceid: 4f85b09e17130836975681626e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: jpg2
cache-control: max-age=31536000
ali-swift-global-savetime: 1713083697
via: cache10.l2us1[0,0,200-0,H], cache35.l2us1[1,0], ens-cache15.gb4[0,0,200-0,H], ens-cache14.gb4[1,0]
access-control-allow-origin: *
age: 2243226
x-cache: HIT TCP_HIT dirn:11:13574631
x-swift-savetime: Fri, 10 May 2024 01:00:44 GMT
x-swift-cachetime: 29316853
s-rt: 3
vary: Accept
timing-allow-origin: *
eagleid: a3b59aa217153269237334336e
X-Firefox-Spdy: h2

salenzvs.live/static/mall/css/font/Poppins-Regular.ttf

188.114.96.1

200 OK

158 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/font/Poppins-Regular.ttf
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
TrueType Font data, 13 tables, 1st "GDEF", 17 names, Microsoft, language 0x409, Copyright 2020 The Poppins Project Authors (https://github.com/itfoundry/Poppins)PoppinsRegularI
Size
158 kB (158192 bytes)
Hash
8b6af8e5e8324edfd77af8b3b35d7f9c
01d319c533f62ea29f03b5df8adfd4d93d2d2a38
78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/font/Poppins-Regular.ttf HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salenzvs.live/static/mall/css/demo1.css
Cookie: XSRF-TOKEN=eyJpdiI6ImZzNzRQVEU5QXZxbWNqRkpXUTZoOHc9PSIsInZhbHVlIjoiTkF5ejZNM0JKUVpMeWJRV3NrR3NrUlREdk94RE9zbzVwekRPUGk2SEg2T01DK3VIUVlRSWVBWjByOFl3WWFrNVJxZVNTdkJCZGxWQ2QyRE43dmlpeXJRU1l5bnZmaXZPUmlxWmh1QnRKN0pOWW1XbE5KVmo3RjJsc0F3WVpGY0kiLCJtYWMiOiIxMDdlYjJjN2VmZjhkZDZkOGJkOGJiOWVmNDEyOTI0ZmMwY2EzOTk3OGMyMDNmODM4MjcxYjdiYzY3NjZjMjg5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkpwVDJCTkltRnY2RVpKMzZTQ1Y4amc9PSIsInZhbHVlIjoiQmxWK3JvRkY5T3ordnQ2d2owMTJzdUlLams1V3QrTzRWN284elhOc1ZWM1N0TlFJdUJxano5WCtVU0x1K0lNUjNQYnlvOGtONHI5REx1V1RNRy91NzRpbmszS1h5SEFmWHNMaEZZWm5HNGVDWlZNOGdTU0NKMzROQU9DR2tDeUIiLCJtYWMiOiJmNzYwZTlhODFhM2IxYTdlNzBlZmZkMjVkZGJhZDAzNWQxMTkwNmZjMzczYTZkMWU2ZjA0YjI0OWE0YTI3ZmQxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:04 GMT
content-type: font/ttf
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "269f0-61396132927c1-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1950
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FxAdOrEqS8RCPIli4in1g1FWh%2Fzi57Ybu6c21YO8ic89t%2Fx39bJWRoWsZGiA81RmFuaRUeBbthkf%2FVIL2jVN5un44HlbiPqwxSSnu6LfUBK6Q3L7H7NbKPYIIG7t323"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a609e40b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/font/Poppins-SemiBold.ttf

188.114.96.1

200 OK

155 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/font/Poppins-SemiBold.ttf
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
TrueType Font data, 13 tables, 1st "GDEF", 19 names, Microsoft, language 0x409, Copyright 2020 The Poppins Project Authors (https://github.com/itfoundry/Poppins)Poppins SemiBol
Size
155 kB (155192 bytes)
Hash
4cdacb8f89d588d69e8570edcbe49507
20b39c8b480c946b084d6aa09f12bf10b2ec5aa6
bf9c1ff640acc8bb5441a9b564360943f9db90969742aa33a36329b2828d2759

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/font/Poppins-SemiBold.ttf HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salenzvs.live/static/mall/css/demo1.css
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: font/ttf
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "25e38-6139613292ba9-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1946
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FjWR%2F8VZ9hKjrLhntAWmthABSagwEqtA1WqQ%2B00YgdGdQJFcuGsDB7cVORnrxLr5ACQbXn3ctygcWXtowX2LIEyXPA4DdmQ3%2Bz8AVeXSUmzm7Nx3pF%2B3uzzv%2Fq6DwLrO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a47f872b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/font/Montserrat-Regular.ttf

188.114.96.1

200 OK

246 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/font/Montserrat-Regular.ttf
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
Size
246 kB (245708 bytes)
Hash
ee6539921d713482b8ccd4d0d23961bb
d25b35242deb1c6ff888b8162ca2aacc356d3899
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/font/Montserrat-Regular.ttf HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salenzvs.live/static/mall/css/demo1.css
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:01 GMT
content-type: font/ttf
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "3bfcc-613961328fcc9-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OeYKNitr1niurY2%2FBpHdL4XttPeNFg8AFdrejmdG4OENwIvXRyZO%2FyqFYtZy5sjpJ%2FId72Sz86EfiD%2BDMvpKmpRtsN4KYb3x9UqKyn2TcAiWNOo23Am%2FR1p1Me74iqa8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a48b97eb509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/bg-4.css

188.114.96.1

200 OK

452 B

URL GET HTTP/3
salenzvs.live/static/mall/css/bg-4.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
ASCII text, with very long lines (467), with no line terminators
Size
452 B (452 bytes)
Hash
75d2e5447a478cdc5d40f2f20a0cad6e
581fd4c4e4313bda85e54dbf23f6147c8203f52a
660bc5a80d75b5e2451246f210c51173dca79a0ed3121fe622294637afaeafe9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/bg-4.css HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salenzvs.live/product_details/3895768.html
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:00 GMT
content-type: text/css
content-length: 129
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "1c4-613961328e171-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LN9aMLFB0sjmwoJsffIBlGs8Z1ztFWoRVUZHw9Lt92zHvjMmiFhcNPmUhWSZWN8B8TnxRZ%2FbnxeaoOGracTbgfms%2B3bQwni%2Fa7kn%2BTmeo2cABMEaCsjqQXrqNpbA0JX5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a43ea5fb509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/font/Montserrat-SemiBold.ttf

188.114.96.1

200 OK

244 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/font/Montserrat-SemiBold.ttf
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
Size
244 kB (243816 bytes)
Hash
c641dbee1d75892e4d88bdc31560c91b
f829de4c176fb2ccf5e33360920f48de6794434e
f227901ef48ac4d1fe4cc6ed0dbce99e6b38969babe5e05da2dfb33521b02944

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/font/Montserrat-SemiBold.ttf HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salenzvs.live/static/mall/css/demo1.css
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:01 GMT
content-type: font/ttf
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: "3b868-61396132900b1-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XwInvzyR1YebHl31SQa%2BKYWLdLEN1xNFq39KD7M07kHUknrmQKLJC5103BZVK%2FMDd7rBJZ%2FLlcfAaGD2zDsLOeLu749noY0JUx0ZWZ0P6FlLGqEFIJgUJbu8eNN%2B6F5J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a48b984b509-OSL
alt-svc: h3=":443"; ma=86400

salenzvs.live/static/mall/css/font/ecicons.woff2?v=4.7.0

188.114.96.1

200 OK

77 kB

URL GET HTTP/3
salenzvs.live/static/mall/css/font/ecicons.woff2?v=4.7.0
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salenzvs.live/product_details/3895768.html
Certificate
IssuerLet's Encrypt
Subjectsalenzvs.live
FingerprintC4:93:74:89:D7:54:43:B0:B2:39:98:89:7A:4C:0B:29:5E:EE:B7:66
ValidityTue, 02 Apr 2024 03:14:40 GMT - Mon, 01 Jul 2024 03:14:39 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/mall/css/font/ecicons.woff2?v=4.7.0 HTTP/1.1
Host: salenzvs.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://salenzvs.live/static/mall/css/ecicons.min.css
Cookie: XSRF-TOKEN=eyJpdiI6IlJkOUlGOHgxcTBkMk9oQ1Y2S0MwYnc9PSIsInZhbHVlIjoiY0wveXZMRjllbitZYmZrb3lqYVJBa214N2Jkak8zWXQrQ0h1bVdoRTVrMU9kb09ScWNlUmpYZjJZUXJTNXhMSE1kWU91c0xFaGI2Vkh5d1p4NW96WURKTHFSTlNac3FueEgrWEx5VEU4U0lnSnQyajdSampIOTdMckMyc1MyN1kiLCJtYWMiOiJhYzU0ZjFjODAzNjliOTA5ZmNkNjhhZTM5ZDNlNTRiOWVkM2UyMTJiODVlYWIwZWUwMmVkNjhkNDdiMmZkZWU3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImQ1cmQrSzUvQWRsWm5rQ0w4S25mUGc9PSIsInZhbHVlIjoiUHhXK3YxYUFCbng5dlk1SXhrTTJ6M3NlSWZkaU96cVcxM21lUURCcG51eEIwc3pCc21zSFBmaDYvVWtMb0pzMDlrUTlsSmVCUHBwTnF3SkFOOUppMlNCTDQ4Y1dNZm9raHkxdktVckJUY3lyNCs1NnhNcmtPVDRTdmYzSHRna3YiLCJtYWMiOiJkNmJkNDEyMDQ1YmM4ZWYyNjI1MGY3NGIzMjMxY2M5ZDdmZTNmNDI0MDBkMDU0NzcyY2MwMzc4YmUxM2UxY2MyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:42:01 GMT
content-type: font/woff2
last-modified: Thu, 14 Mar 2024 02:59:07 GMT
etag: W/"12d68-6139613294319-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=StzoomK1tkeHdS%2FsaN8YN%2FUPJ29aX9oS%2FEQeW9AnmGsL9pNQ1%2Fw%2Bnw2wCdMvXb4eAFjrnEIucSCPO9TPrpXJAY46SEmP4b77G46c16A%2FV4RWuG1%2BSiDN7kKm0GDD3rro"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184a48c98db509-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML