Report - ninewestoutletshoes.com/

Report Overview

Submitted URL
ninewestoutletshoes.com/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-05 22:47:45
Access
public
Website Title
Nine West Outlet Shoes Lietuva likti stilingai
Final URL
www.ninewestoutletshoes.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
106

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.ninewestoutletshoes.com	unknown	unknown	No data	No data	29 kB	2.3 MB	104.21.35.159
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-05	8.7 kB	127 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-05	3.2 kB	45 kB	216.58.207.227
ninewestoutletshoes.com	unknown	unknown	No data	No data	478 B	36 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed
2024-05-05	medium	ninewestoutletshoes.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	www.ninewestoutletshoes.com/	158 B	2023-03-07	2024-05-18
Pretty URL www.ninewestoutletshoes.com/ IP 104.21.35.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:18:35 Last Seen2024-05-18 13:42:31 Times Seen437 Hash f898517faa32a1d50013fd8b9ab2aaa7 eaeadc084111ee29bc6e1c05e35cfb8a237cbf5f 828a54afa9f3f8d83b680f98ab03887c8fb7999d5eece48e4c7cb3a4842a03d9 Loading...

	www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_plugins.js	273 kB	2023-03-08	2024-05-18
Pretty URL www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_plugins.js IP 104.21.35.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:00:23 Last Seen2024-05-18 13:42:31 Times Seen410 Hash 61bced23c3ca3a6b3623097507a8e2e4 fa6e156543aee6ad5fd3f14799140842880142aa 1736d465416b468d9836583f60c9a3165138120678649560a81f6365378a2743 Loading...

	www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_zmain.js	54 kB	2024-05-06	2024-05-06
Pretty URL www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_zmain.js IP 104.21.35.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-06 00:47:52 Last Seen2024-05-06 00:47:53 Times Seen2 Hash 657b6fc5f6b612f62bf9fc3b4231a42d 2c65c88d583489044def61a402fa94ae4083506f 3b68c6d91ed98b466dac0b8ddbfe9a6c98eb8fe2ce1b37ea7c1e084d155179b9 Loading...

	unknown	37 B	2023-05-10	2024-05-18
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-10 05:59:15 Last Seen2024-05-18 13:42:31 Times Seen165 Hash 2ae35f23e69e0ebd06359dfbe0c5ce31 956b0ffc3c2eb6d3eeb8186f1d28a53d75d70506 8aade99f8e2e9831797b6836d32508679ccc13b2f63af0ca0015137690516e73 Loading...

	www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jquery.min.js	90 kB	2023-03-07	2024-05-19
Pretty URL www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jquery.min.js IP 104.21.35.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-19 00:48:29 Times Seen274979 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_extend.js	594 B	2023-05-10	2024-05-16
Pretty URL www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_extend.js IP 104.21.35.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 05:59:15 Last Seen2024-05-16 17:46:19 Times Seen151 Hash c8066c428aa37568d993688d7632e7f2 19094c44934483104346acefa04211617da1aefd fefd341651da17fa0a4265b6bd2ab7d63c92701d2001690cc7a90eeeb6c07fa8 Loading...

	www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_cookies.js	745 B	2023-03-07	2024-05-18
Pretty URL www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_cookies.js IP 104.21.35.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18:35 Last Seen2024-05-18 13:42:31 Times Seen797 Hash 65807f4bee7bcb4f6af769919ee805d3 c75e394f474f9238cb539f8b7ef9708cc083eff2 6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598 Loading...

HTTP Transactions (77)

URL IP Response Size

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/logo.png

104.21.35.159

200 OK

3.3 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/logo.png
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
PNG image data, 240 x 40, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3324 bytes)
Hash
bac93314ba3967ae0ba999b9f8aa2c18
afd98d1295e9caa3d0f64a24431f1c4276c7749a
6467e426831c8254deb61b6adbb9af0e50a3332b7efd42abc6695e576b3053a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/logo.png HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/png
content-length: 3324
last-modified: Fri, 26 May 2023 06:52:05 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "64705715-cfc"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwWwYxDYMlyK3Mtx%2B%2BWEEjpUQpMrPTKkKGiuutIMkK%2F3hgtO2p6GFCZBP5Cc0VSEkGQDhzEG4Z2%2FQe7xrKJ7xOcP8Y6%2FHyhyQsWTL1cLjUqLzmk6WO2NhJnJdHP643zyO2HAwY1mlaLoI28OVFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445805b9d1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/waist-banner-left.jpg

104.21.35.159

200 OK

9.7 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/waist-banner-left.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 428x428, components 3
Size
9.7 kB (9688 bytes)
Hash
9e9247e70f8fc42938e22417caab9513
ce1c0f4e4f7582ab0d85d6d795fa90b453aaa731
42c6b23efed2db39be0bf66d966d9a651f79a058608d3454b899d3be4437b3ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/waist-banner-left.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 9688
last-modified: Fri, 26 May 2023 06:55:01 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057c5-25d8"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KfrWMQiDCoQbRwuWWqugvPVLkiuWEYgKDxenwOoeEY7P%2B73sWW%2FkOFMOik0mS3DCvW%2FSoUbLDBDlCIJJps5IZ%2BP8k99vjL4liwNexJy6RcdMS1gKfsMkI11yBf4tYVP599EfVbwlR4StQsLkdcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445807bae1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner9.jpg

104.21.35.159

200 OK

11 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner9.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 428x428, components 3
Size
11 kB (10912 bytes)
Hash
aafeb9e599082beb65c9fe2d9a0c5a59
e3f3952fd65dd7fe023763aecc680643c654d15c
e056d787ed79d4072feb513253420803fe1643deb8c6a79c5205cf63b365a367

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/slide-banner9.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 10912
last-modified: Fri, 26 May 2023 06:54:58 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057c2-2aa0"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKwpC30Pn3gIZanxol9PChaRALc%2BYNCoi2Kj66fIJqmW3epc3qP7AaiPK59PgCvBINX2NhxPtaHMQkWL%2Bzs1pLNQbzf8yJKjmTnDYRfC8f1mXSApS%2BiJiyzAHd%2FJbk%2FVs4W0nnh4jk8GNCAJt8A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445808bb61c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/viduriniai-kulniukai/Nine_West_hippa_smail_s_koj_pir_tai_P8VL1252.jpg

104.21.35.159

200 OK

14 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/viduriniai-kulniukai/Nine_West_hippa_smail_s_koj_pir_tai_P8VL1252.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
14 kB (14075 bytes)
Hash
981d26c4368dea62b8140a23d8cc5d95
368d8619a5907c7f813e270dfdbb10c43190cccc
e1b8521e9121a9baad81449451684e21ee22c901311812d9f607468a489bb47d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/viduriniai-kulniukai/Nine_West_hippa_smail_s_koj_pir_tai_P8VL1252.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 14075
last-modified: Thu, 18 May 2023 08:46:54 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e5fe-36fb"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdZ758arR2lpqvUahM%2FMTDfXUvqe5kyzTeNEPeYxEpdIsMIG5lIuOo8wh1F4HTz1gIkmwdREEZcDDk9dyJpwhH8XNZWfQDycriWKmGmHq9qyI9S2jOc7KmejbN9uIimtu1sguB1pPasT9ZjfF88%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445808bbb1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/loader.gif

104.21.35.159

200 OK

35 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/loader.gif
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
GIF image data, version 89a, 128 x 38
Size
35 kB (35011 bytes)
Hash
362e988184d842aea3a0b5d09a64d13e
e4ab705fb063ffd2645ce8a25e59e889e98f211c
82656f23517068a7b3d92badc8c29716e53654cd2574d330b08823ca7f7b8fa4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loader.gif HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/gif
content-length: 35011
last-modified: Thu, 09 Jun 2022 11:23:04 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "62a1d818-88c3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esMB2BTzB2jiHGWF70FHoWnvuE5pbtib4%2Fl7HErJ4QbQI9U2NOh%2FWRcLSMtgzTiS4zVWngPRya3VxiSq%2BQWdpm7o8UYhFETNxXhqLcJiiDoaVng8mjcIAcGIuC0o5idaYrxu4%2BWVN7NBTjc8zNg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445805b9c1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/coupon1d.jpg

104.21.35.159

200 OK

33 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/coupon1d.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 720x250, components 3
Size
33 kB (33399 bytes)
Hash
29ca0b0f9de48f0e7601b2af80972d20
dbf51e3bbdd164938e73e1ce898396cba97a22dc
8425e925502a2495659f78f15f85f78a27ebe573af193190d75b4f326c08970e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/coupon1d.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 33399
last-modified: Fri, 26 May 2023 06:54:49 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057b9-8277"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4uZdn1nU%2BJEHVmtPaZAJPj84NJQIrHIKUE3dyYJx4Nsy8vmre1daZjvYTreWXTcjmU0Tz9EN5fYDMaEj0HZIebMW7eIRC64TZasE%2ByzTuAKhkbpvz94VOzsAqJ9yF0GS1eJAqVEGPJXhfTIDDbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445805b9e1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/coupon2d.jpg

104.21.35.159

200 OK

27 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/coupon2d.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 720x250, components 3
Size
27 kB (27011 bytes)
Hash
769736424cd00a212c6bf329c19f7347
e63727c97a4fd599ed328f53a5e12ac1f32ee80d
e9bf37b0d3e370f9978d2a1d46af42689a93cb66716a29bed98297da8e728798

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/coupon2d.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 27011
last-modified: Fri, 26 May 2023 06:54:50 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057ba-6983"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y7IV%2B8Kon6uG3yNdTsm8lRXOKU2dz7rA%2FHuUeZUNGlUhogjJ2T0UeYuwJ1ShccLVL%2BdHSq1tKoo%2BfZFoCkzEuJzRGOpmJLt22VDAWiiDHZWNMy9fLx0Ur7FpPZ39GhB1xUkX2%2FmVAyWshLhZXZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806b9f1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_irina_valkata_P8VL2792_sm_lio_spalvos_multi.jpg

104.21.35.159

200 OK

39 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_irina_valkata_P8VL2792_sm_lio_spalvos_multi.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
39 kB (38980 bytes)
Hash
e40a7f65a3672fcf228fe99134df7cbe
4473f5caa6b020fb04e614907d25b8d443bebc9c
f91504e795ff6d44041f5990856cffd7b8085e231720b7a23cb1c16851e30640

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_irina_valkata_P8VL2792_sm_lio_spalvos_multi.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 38980
last-modified: Thu, 18 May 2023 10:04:34 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465f832-9844"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2Bw3phEdI5rWRFdNeMr%2FO8IUwnkEvGGV5YKbhg2EtX%2FGtIIxpEHYwlpxzdjdsaD79ow063R48%2FnlYr1XnyDffsRMYIdp1wi2ONNybyMOL4RgnO2Z0mKZhYQVJM%2BjceXkmsl91j5eUuxSnllYllU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806ba01c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_brooklyn_reaktyvinio_rinkinio_kuprin_P8VL2797_juodas.jpg

104.21.35.159

200 OK

42 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_brooklyn_reaktyvinio_rinkinio_kuprin_P8VL2797_juodas.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
42 kB (42259 bytes)
Hash
6551c678c37d932f935b36b2948c0dd9
bb6201f5e385a017bdb7460fff8bd3d0a57ed6e8
335e21a716819657a495f8ec9ee69490d5f56959584fbaccc28d80e6f9c3ee60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_brooklyn_reaktyvinio_rinkinio_kuprin_P8VL2797_juodas.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 42259
last-modified: Thu, 18 May 2023 10:04:49 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465f841-a513"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oEIswx1P0PhSZoQp7Hq2eWPNmLoa%2BDpRqr2mg3RV60pCJgtjKT1hGHroFNM5eEHOWjcQBNQSzTSCbCLDb5o9yzUJXrxCgqfz0byehKYdogsejSNGuseUa0tfsMFf5yONv1zYdb1L3h5X6TPgAeg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806ba21c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/krepsiai/peciu-krepsiai/Nine_West_zetta_ma_as_pe_i_krep_ys_P8VL2790_ruda_juoda.jpg

104.21.35.159

200 OK

30 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/krepsiai/peciu-krepsiai/Nine_West_zetta_ma_as_pe_i_krep_ys_P8VL2790_ruda_juoda.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
30 kB (30026 bytes)
Hash
bfcf634252661bf419167700160b3f87
1b629b45c20369d761279be6336eaf57d3815216
5d86d15e63acc9484164403d6d94b0922ef4cd3b876a8de02c990ed0ebd59908

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/krepsiai/peciu-krepsiai/Nine_West_zetta_ma_as_pe_i_krep_ys_P8VL2790_ruda_juoda.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 30026
last-modified: Thu, 18 May 2023 10:04:29 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465f82d-754a"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UNggo8sj3U2X7yPxia68ynaPXbaTZT494nE6ED0EOfDPu42S1bobm8csL9EAdWG8CJMEq7SrPL1tnODSBujX1yet0la7xFh%2BQzf%2BqlD6B7KQTeCwdHouKu7zj5G8TJaNebo%2BlWAJk2nLWp5a7uc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806ba31c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_cyra_s_ra_o_kuprin_P8VL2794.jpg

104.21.35.159

200 OK

32 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_cyra_s_ra_o_kuprin_P8VL2794.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
32 kB (31751 bytes)
Hash
54dac31c613f10589f9d9e4fbc6c1421
d3d327bbf6a94ca89c369862cf72eb2c84d9f520
f3af936b511f3e2041a772abdce70b9088918fd688d2c38fcdff899c4ac32095

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_cyra_s_ra_o_kuprin_P8VL2794.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 31751
last-modified: Thu, 18 May 2023 10:04:40 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465f838-7c07"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7VOsfqtl%2FEzjFHld0FHL9zVVAlFcRWoBHItDQPGb0vQf1C%2BurAH6ihe4ofzUCqWXovVVbvvgg4vUwszKsAFO%2FmFyBU3mOU0YczUXFc3yLzttB0t1MB%2FE%2BZHGFn7Ac6VvnbCNGWyWcdS3RqZUSIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806ba41c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_dinah_dygsniuotas_kuprinys_P8VL2795.jpg

104.21.35.159

200 OK

23 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_dinah_dygsniuotas_kuprinys_P8VL2795.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
23 kB (23268 bytes)
Hash
14ebf1239732b482af8279fda13d5824
2ccdaedcd53fbfe68e7d8cdbd7677ef3baec5b26
306d6f1cbbdfcd1f3eb80a3850293c75d9581a60e209b3456f3b53cac44e4da1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_dinah_dygsniuotas_kuprinys_P8VL2795.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 23268
last-modified: Thu, 18 May 2023 10:04:43 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465f83b-5ae4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTlq3%2FGb%2FG7hSpGgH0yYRz7Ppnhqu0m5926voQbeQ4CDHquUiJE9HBYR7%2BCPNfvWN6vMbjeyZjhC20PwfierLBk%2FPcFrVXCrMlxXJu9SQy2p%2FeOrffX8BIR7pZ37rfEPA2VYoc2F4eJzbcVYH9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806ba61c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_irina_valkata_P8VL2793_sm_lio_spalvos_logotipas_pienas.jpg

104.21.35.159

200 OK

35 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_irina_valkata_P8VL2793_sm_lio_spalvos_logotipas_pienas.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
35 kB (35259 bytes)
Hash
3233a8f62fbf4083016cb1cd07f7f6ca
c9adc5ef89c91250ac8b3f790630378dfa4ddf4b
616a674f3cab53b38935c575b4e6b107ad634036864a2013ed9a6ae965e860bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_irina_valkata_P8VL2793_sm_lio_spalvos_logotipas_pienas.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 35259
last-modified: Thu, 18 May 2023 10:04:37 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465f835-89bb"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYxXiWUdaPEiCAwcV9UF21dEYMsGzHhwiaYc4LBJ1NGxpcnwOnmA3OlPgfAAt1gnNoOaQXmKYzg4oRyrjmZQ7w7wkXkFVRanoaR6DBgE7g35GgnA2yY8lY2RWy%2BuQnX%2BCYS2jFM%2ByAKj7naDyfM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806ba71c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner1.jpg

104.21.35.159

200 OK

26 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner1.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 428x428, components 3
Size
26 kB (25864 bytes)
Hash
536b460a52e1260c184cdb09f3e474c3
7522fbba880b0c520be37d85782c3ca752f4fa2a
c70ea24c9e01cc0bf5a5b1bdc0c749a20f4bd54489eff590db096fe92a586f92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/slide-banner1.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 25864
last-modified: Fri, 26 May 2023 06:54:52 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057bc-6508"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vPI5rWrrkLNazPkFo36pTMnBYJdL%2Fid3ib0Jh5PPRZ4%2Bf912B1IuvI79ZORPye4E0D9ZY1SRZBn4DJn13CyF%2F82WrJJAjl3MLVGU2cOxNY22ClyCEQR%2BZSXxohh7nnAR2RjUcJF%2FKt1%2FWeFcocY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445807baf1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/krepsiai/peciu-krepsiai/Nine_West_rhea_mini_pe_i_krep_ys_P8VL2791.jpg

104.21.35.159

200 OK

40 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/krepsiai/peciu-krepsiai/Nine_West_rhea_mini_pe_i_krep_ys_P8VL2791.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
40 kB (39773 bytes)
Hash
3fbf1f3446aec6e547182a53fb68880a
599fe0092b671a90b5f7da457cb90b828c6e64af
7eb8340126dc8fba364fc0dcde6164c474cd94f948b5253fe16e274118649405

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/krepsiai/peciu-krepsiai/Nine_West_rhea_mini_pe_i_krep_ys_P8VL2791.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 39773
last-modified: Thu, 18 May 2023 10:04:31 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465f82f-9b5d"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpNGzRDnNQoWJ6etNuswrG1vFBLRt43wc2uQ0l1teaUw%2BFnl9lDSkFmOtvJpu28r9NByyxWDiixjXLRdyR2yhKEPO5WxzNKmc4tWmtYbMT9hGa34xdJJ6YMeySjKHrGExS7mz34BDyQP6VQoFPI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806bab1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner2.jpg

104.21.35.159

200 OK

24 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner2.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 428x428, components 3
Size
24 kB (23744 bytes)
Hash
a91e1390b3e3589d288f137051461363
a4a501ce4df7e1f66913c72c367668ba33c737b0
d74b34ea121e81088d7fd76cbda01eead727febd34bf4c7ab425f7483e518c4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/slide-banner2.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 23744
last-modified: Fri, 26 May 2023 06:54:52 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057bc-5cc0"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7t%2BXJ105sLV0ZxlYsvGrMZpZwceOzXKQol2kGod9Tzu%2B3M%2Box%2BBq77SVf%2B2zKTMr6xk9unGYc2z9USoHx7aev4B1q6HjOqYkrtu2CLMlJax8btW0OQF%2BiIlVf2zBqjtXGJXMSKyXT5WgmJWyKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445807bb01c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner3.jpg

104.21.35.159

200 OK

18 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner3.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 428x428, components 3
Size
18 kB (17973 bytes)
Hash
418d32240633742f169ace7848f96c11
d315926bb9d8b92bc87d7f0e2e074f31036b8b73
692bee3dcecd17855a6b02b51e003d6bbf234e049b1562540973b06d94acc8d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/slide-banner3.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 17973
last-modified: Fri, 26 May 2023 06:54:54 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057be-4635"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IimbRrf2wKCL7VOCerLuBfjGHQPRysweOQUW0Ldu%2BC4DpYxp9m1h4YAeZ2WFb4YFwm6vsHivZatgKtejJKdv962iO%2FJvhwMzPAQBAhhJdakzYWeORn4%2BoLO7VLmkvjhJletITTfMMBL4bLpY1N4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445807bb21c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner7.jpg

104.21.35.159

200 OK

23 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner7.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 428x428, components 3
Size
23 kB (22729 bytes)
Hash
4308f09a9f453193657e62747f4bf29d
ce0bc2a3abb31132297dee9d1473a7cb50358e27
223e5fa746470dfa695aaf80a279c036b656a336e27a2422de27ab6928082d94

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/slide-banner7.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 22729
last-modified: Fri, 26 May 2023 06:54:57 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057c1-58c9"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qVQIC40NNRbDXUH6kYP3sfcwurjYaXi9rfNk6xIRt7djvbUvdnLczLMXJp%2BMAGJSPOiRekgN9CZDAfZL4v1Ylg7j5pNVjpUJJ7J%2BI4J0ABlVCVZbTwGntOiSkLyPbWjYUURTQXEJMr4KZ7K53dc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445808bb41c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner8.jpg

104.21.35.159

200 OK

20 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/slide-banner8.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 428x428, components 3
Size
20 kB (19694 bytes)
Hash
6ca7188980618bbc8071296c3472f4c8
99311aed6604a75cc5672cdffc2b2e00e316bf09
d9b1318f3fa278175d55bb58850bc847c673e544ca9bda623fff42c4f93579ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/slide-banner8.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 19694
last-modified: Fri, 26 May 2023 06:54:57 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057c1-4cee"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nb2e3fMB2lvVh%2BXM46ERhD4DFnN5sxS1LagRLcYm1GpzHN7%2F4mlN7mmWHT%2FCQ6A3IMpSwPMTJQyKkmuYN112BuoFKE8g6WQlK8QyAG%2BzMgOW7N2gJbrUBRaStwgjeYH6F%2B3pyLjjkmVwtyckV60%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445808bb51c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/stropu/Nine_West_ildomi_smail_s_pir_tai_su_kulnais_P8VL1249.jpg

104.21.35.159

200 OK

18 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/stropu/Nine_West_ildomi_smail_s_pir_tai_su_kulnais_P8VL1249.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
18 kB (18023 bytes)
Hash
b7c4f1e95c0107f2d2774b11e3edd67b
623a1e3510257bc89efee9d115410384e8bba5a2
d0152ed96b7ef8c9630133d913e9fc1b2900b9d569898ac1c7446c5476d57110

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/stropu/Nine_West_ildomi_smail_s_pir_tai_su_kulnais_P8VL1249.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: image/jpeg
content-length: 18023
last-modified: Thu, 18 May 2023 08:46:45 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e5f5-4667"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzS%2FPz%2BzAPiy4oiK0D6A0KKRVIgXKpBazao%2FqpPsPQgusz8Sb%2BnPfzOfkMK4iUHNrbggQEyBKTFpabq6eVxXf3svS1%2Bw1LcrFLQRbF8z5lzJqor5yCbGNTYPXUfo2zGidec8iZV3Qi7FX2AL9xo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445808bba1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1257_neonin_s_ro_in_s_spalvos.jpg

104.21.35.159

200 OK

17 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1257_neonin_s_ro_in_s_spalvos.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
17 kB (16750 bytes)
Hash
dcf4d8a805b37c52a4570f3e818fa650
32a87b1a623b7556007222f8d7e8574522e26d3c
411aec8a755ce9b1f8239bb69a26f3b72da98ddc23ae7ca879fa8873d18be8e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1257_neonin_s_ro_in_s_spalvos.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 16750
last-modified: Thu, 18 May 2023 08:47:10 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e60e-416e"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVMfIp6R9lW2L6csIH89MUUfD%2FHOYmN4dG6066mEiTL%2BioBZ3LSfEAuxCv%2F49vWO9WC%2BQQz1zIFEbRy0l7EbAMXEFFOkbu3eySbAuhfztvAVNmEDtrYtTDpzJoxEO1H7zKlKsAshISJubBAPGIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445808bbe1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_vie_i_smail_s_koj_pir_tai_P8VL1254_m_lynas_ombre_patentas.jpg

104.21.35.159

200 OK

16 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_vie_i_smail_s_koj_pir_tai_P8VL1254_m_lynas_ombre_patentas.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
16 kB (15861 bytes)
Hash
dded73c76ef559710480ce36e96a42c2
3600f88a48fa9c348250a1d9a5580959cd064624
cd1277d4799ed9739e95aaaea85df32b93a6b970c8eb0237f84ee322df74d2d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/aukstakulniai/Nine_West_vie_i_smail_s_koj_pir_tai_P8VL1254_m_lynas_ombre_patentas.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 15861
last-modified: Thu, 18 May 2023 08:47:00 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e604-3df5"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ASx2NjAn7CDPWe7CRzOZs1tMAUYx0MVp8X4xGi16mIdjxF68zkQjOjBjL6ZwgZ1g41tbluQxUU9TmlsTs5wM6b74y%2FYMOkC%2FhcNd158qmzOsLvAcjdo8bYu6EpeOIRrT3jt8WGUcF4Yda1DV4EE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445809bbf1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_Shayden_reaktyvinio_rinkinio_kuprin_P8VL2798_lazdyno_g_li.jpg

104.21.35.159

200 OK

51 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_Shayden_reaktyvinio_rinkinio_kuprin_P8VL2798_lazdyno_g_li.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
51 kB (51366 bytes)
Hash
83750d6b9749f1e3b5d7df80007520a2
babfa14cf96c80b1ed0e34852f35b0b487016f00
63203ce6913fe2850a61552d8ae1b6706b73933ac5f9473c7e966811ef05f391

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_Shayden_reaktyvinio_rinkinio_kuprin_P8VL2798_lazdyno_g_li.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 51366
last-modified: Thu, 18 May 2023 10:04:51 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465f843-c8a6"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6aDH9Krp%2BFeov%2FCirdAvhihkP2mXYaim687FV%2BUimvYK8oAUYu2nLjXXbrFwKYhnubUMo8SlIIlbMqCP57Q1aJwSHcIE2VLHRA9gMDgJM1R1GEMSEqrqOeN7lN2CQBdYGlUnWAzIiGCXvlfZcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806ba81c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_brooklyn_reaktyvinio_rinkinio_kuprin_P8VL2796_ruda_juoda.jpg

104.21.35.159

200 OK

50 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_brooklyn_reaktyvinio_rinkinio_kuprin_P8VL2796_ruda_juoda.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
50 kB (50340 bytes)
Hash
5fa4ceda7ec832bd050952237c31d564
9e95a39613938dddfa07a8f4bf12f8dfb7ac43d8
da4821e59614b0fc1b71348f5de7fdcd7c54debda60a730e97af37a91b5b96cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/krepsiai/rankines/lagaminu-krepsiai/Nine_West_brooklyn_reaktyvinio_rinkinio_kuprin_P8VL2796_ruda_juoda.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 50340
last-modified: Thu, 18 May 2023 10:04:46 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465f83e-c4a4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADzCTEFjeJ%2F48KHymbSinpd49W1%2FjVJXEogbcJqEK7fAw4uPTOcIfYg%2BzQAKGkpkDp2DwErIypNxNVfLl3RtKa2SI%2F0pFHAb4cM070KIcvzDUNt4LpCo%2BOu796dFU%2FjeVIQkei%2Bu4WcuPQqb0oQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806ba91c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/banner1d.jpg

104.21.35.159

200 OK

56 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/banner1d.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 1440x120, components 3
Size
56 kB (56029 bytes)
Hash
81cfea5d962bbab1d3599fd791db8b10
9cb2ea0166579ccf0c603e0d4715693e019b2d2c
df9443ed5b5e5aeb19357fffb06f25789c117bd0bf8611ac885c3f7a901f0a64

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/banner1d.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 56029
last-modified: Fri, 26 May 2023 06:54:43 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057b3-dadd"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aYRtjNtmr6CWimDMAHQOXqwjq4U023Y%2FaoDe4kHcH08hgEfI2WLhwLCENPhoZ8b8eUtEVwap5i5Xi1NVCBJo0nYvZcOCFHZjsx5dlZSps%2FrOjzFJToMsOhV7zBs0KyDBjRVe0GhVWqS9nf%2BptnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445806bac1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/stropu/Nine_West_ildomi_smail_s_pir_tai_su_kulnais_P8VL1250.jpg

104.21.35.159

200 OK

17 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/stropu/Nine_West_ildomi_smail_s_pir_tai_su_kulnais_P8VL1250.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
17 kB (16895 bytes)
Hash
93799f6e9d4e3e4a0d09271ff104ca86
3927372d776b4c03f20bdac00db09a5f520d2ac0
f8e48e8af30b2bc99aa040182e299001806c8872cdef606e86958552463b3be8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/stropu/Nine_West_ildomi_smail_s_pir_tai_su_kulnais_P8VL1250.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 16895
last-modified: Thu, 18 May 2023 08:46:48 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e5f8-41ff"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fgvf9%2BE71bRnGJRLdM%2Bt0w2PjNjYQE8JNNClLt5dHQRVAZI1vBR3GL6Y5UsSoM8Vx48H9VrushC%2FeuVBaMDuCqJIcXboyPvXDMaJ3gmXsCMysZmguPiqSVG9akuaXhQv%2Bj5uP70voBo7jOlSrJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445809bc01c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/viduriniai-kulniukai/Nine_West_hippa_smail_s_koj_pir_tai_P8VL1251.jpg

104.21.35.159

200 OK

16 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/viduriniai-kulniukai/Nine_West_hippa_smail_s_koj_pir_tai_P8VL1251.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
16 kB (16350 bytes)
Hash
04a840ae45d148e2f58fe3729c1641ff
a01003fc5502cfb5f659ed8dc7378ffcea9461ef
5eca05b2539d261e23a37853a75b9aae582231f90e949ec32effdb65d9240574

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/viduriniai-kulniukai/Nine_West_hippa_smail_s_koj_pir_tai_P8VL1251.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 16350
last-modified: Thu, 18 May 2023 08:46:51 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e5fb-3fde"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nSi9Tp7DRg8NebsMPUHSk%2FG%2BZil5pmrpscD5%2BLXYZv6ulPICGsTjFQeD9IOxQwBVFj0PfbM4TVxEcFoOT4fuJsLG2mmFO%2FUouagUTxdxxEdBFoJQl0JaPPdJSJyRcGSl3cgXJcfMy%2BM4If6Ky6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580abc61c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_vie_i_smail_s_koj_pir_tai_P8VL1253_violetinis_ombre_patentas.jpg

104.21.35.159

200 OK

20 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_vie_i_smail_s_koj_pir_tai_P8VL1253_violetinis_ombre_patentas.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
20 kB (20114 bytes)
Hash
e7d2571f5a181778f1fec7ba69176e55
ad9efb9e8f8eb602b2490038f5c33213dcb126ce
56b94ea3cfdaf8e81b4bedd57a479c54af0d0b3ce74d94e79374b60de0dbf6c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/aukstakulniai/Nine_West_vie_i_smail_s_koj_pir_tai_P8VL1253_violetinis_ombre_patentas.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 20114
last-modified: Thu, 18 May 2023 08:46:57 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e601-4e92"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gSWR5ITmoxihRTtDOwlRKF3oouoFm4dsga9mGiR6vus4rn8lbdZyPXuR1R6ahQcTwmXTYqgUAOYB1Z%2F5LeXKtcyqPd181tocslXqn%2FrQSPoWlI0aolYPbAaAHAVgZgeXLGNN3Z%2BAsEqo%2BZ%2FHkw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580abc91c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1255_atogr_g_li.jpg

104.21.35.159

200 OK

30 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1255_atogr_g_li.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
30 kB (30147 bytes)
Hash
30a9a038a60eb0eee31154a4f026b8e6
9512f109677c12a2975b3a44a2c90cb34a93e391
5d727a44a5a218ff638ddc9ff7f1b3ed2d6df6b189c322addc5facbeb093235a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1255_atogr_g_li.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 30147
last-modified: Thu, 18 May 2023 08:47:04 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e608-75c3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SftuNoZThsFBTrscJB%2FJWV6thk7ibd4ni8nTpWfJd2BxZvdCDh699I3RdoFdMYrdNQmnhTtkqlSNBFy%2FNJ5vRkpit5k%2B11gZFqHGkYaX%2BSM8wQUYFIgrAaVh%2FgD3nIzjglUp7%2BrJt%2FDgCoG2UzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580abcd1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/stropu/Nine_West_ildomi_smail_s_pir_tai_su_kulnais_P8VL1248.jpg

104.21.35.159

200 OK

22 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/stropu/Nine_West_ildomi_smail_s_pir_tai_su_kulnais_P8VL1248.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
22 kB (22139 bytes)
Hash
5126024b49a24753aaa54e2cf46374e4
0c8e7b76a587c36029a3335e936a7c78d88e3e41
9c3ab59508a41ee1fcb534287d6206d730680de5689a762f018b92b323f15cbe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/stropu/Nine_West_ildomi_smail_s_pir_tai_su_kulnais_P8VL1248.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 22139
last-modified: Thu, 18 May 2023 08:46:42 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e5f2-567b"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7TSxkgN9h8GPazjPbrt1NkETE%2FdPMaxb8vUpOTXAw1%2Fi11l%2F3AMshwuVZZ%2FG2mh2SgieSEXt985wCWiIxVz5PM2fOWsjtvo5Srx4Fmbsxv9WCAZFA9M8l2lkoW5Bw3e%2Fm23bB7Xdi61B2a5VNW8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580bbd01c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1256_tobula_oran_in.jpg

104.21.35.159

200 OK

17 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1256_tobula_oran_in.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
17 kB (16712 bytes)
Hash
463a29a98615139d1ed87dfbf18b8ebb
dbb17a2a1adf3d347b551f307444d5a48e5e284a
54607fbbecd238535390806fe63e88c04e08e03a4ced4a8e41c2226fe874ad2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1256_tobula_oran_in.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 16712
last-modified: Thu, 18 May 2023 08:47:07 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e60b-4148"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckbT8tBUoiglLzwRzn5RrcuB9X0ob26DqEtIwrGi5IaseIe5xptY6%2BhH2PbfDYLrGgeUVpNTlaw7ArmUCG5VMKYPU1pH04ZwdVX10W1HCOB77RWEfpYOWo57DUn%2FsNf9BbbYwKySVrOkSuP2sLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580bbd11c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/subject1.jpg

104.21.35.159

200 OK

89 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/subject1.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 720x550, components 3
Size
89 kB (89194 bytes)
Hash
7f6b2e0a524e772af3a8c8ee8386f5ff
4f3002d9951df45a5d18b3e7fc1a721f272b6258
cf42569c681bb12c06cf87cb51cd1272794af93b3804ddf5ee518410e4fd727a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/subject1.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 89194
last-modified: Fri, 26 May 2023 06:54:59 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057c3-15c6a"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ykdZRCzL4p1haAGaGKYpGcZRKg1N%2F8tAKsVwD%2BIc6BI%2BLDIlhccTZk1D6nexSGx%2Bys0mEpx3ddsFIQ1h0gnbCA33Dx5mSk0Wau0TAeWUKQFzpOSam72ajKObYGpsGbVmj6qQSifYRedOgSh5wa0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580bbd51c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/viduriniai-kulniukai/Nine_West_ezra_smail_s_koj_pir_tai_P8VL1247.jpg

104.21.35.159

200 OK

27 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/viduriniai-kulniukai/Nine_West_ezra_smail_s_koj_pir_tai_P8VL1247.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
27 kB (27019 bytes)
Hash
8f2b9e38fb1455a869fb5769806b6159
f0be0522a4330e72b975edf4094816f6847b364b
5ae50cd9f7e61177a1cf574781e46bcbe153f7f598193854f86cf0678eeb53a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/viduriniai-kulniukai/Nine_West_ezra_smail_s_koj_pir_tai_P8VL1247.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 27019
last-modified: Thu, 18 May 2023 08:46:39 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e5ef-698b"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mG0GpK7qGms1Yo5VaVWocCYjfMtGXqIHMzNk9%2FtksHFXv%2FHPU4CJReIJIHfMpNGf7X1rtFhLMmQX1fW5guR%2FudARfEdcRaT6hg8LbR66FvQitlbklV2Q6xrLUbyYSe7gQrGrVrIUcnXt39FkCGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445809bc21c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1258_k_dikio_m_lyna.jpg

104.21.35.159

200 OK

17 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1258_k_dikio_m_lyna.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 669x669, components 3
Size
17 kB (16649 bytes)
Hash
ceb3fccf517b921b34e149c96e63c605
7ded1ff81ba33439cba4a40d5f03811e97655605
0d33d09136257c682f1925249ee689529072af70d3c6721095f637df1ff60759

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/avalyne/kulniukai/aukstakulniai/Nine_West_Tatiana_smaili_koj_pir_t_pompos_P8VL1258_k_dikio_m_lyna.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 16649
last-modified: Thu, 18 May 2023 08:47:13 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "6465e611-4109"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Baw6iqNmOLkmbWdG4L58bjXq3OubP9%2FrH0xuAcjYNNvJc73FC9ostS1HgFlPUiw5jH8QgRp7qsUNTwooC7nv4Jzr7j0uCun7XBKOixG%2F6ChMLlstF6s1Ds8VWYX%2B0yytCr7eJaRz2jvysf6%2BXEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445809bc51c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/banner3d.jpg

104.21.35.159

200 OK

52 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/banner3d.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 720x550, components 3
Size
52 kB (51678 bytes)
Hash
919360b39f95c37e35230c08917878c2
9ed6a1c91c9191299cafa4ad343de31e0ab10674
460fb93e1592296f944f2770fd52ba6f489f51ed838af1172b1b5079a235267e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/banner3d.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 51678
last-modified: Fri, 26 May 2023 06:54:45 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057b5-c9de"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSoUniRUSGjArI2Vyxf1hAnxJSHRdWEUYR4U1LVdyaiZrNNODgLcONDhvACpv%2BsSBLbLwPgLrx97uQcSYord%2Fi4JYLX6ePpKWClexLEz5m%2B9MDF6KieGYpu7Y1oTynps1CvDWVze7gO2qEY8TfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580cbde1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/subject2.jpg

104.21.35.159

200 OK

56 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/subject2.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 720x550, components 3
Size
56 kB (56489 bytes)
Hash
3e497779f1d99e29c16421994d374ea5
f4ad77de5cf068703305af57a85b01c0f56d4916
9227b2fe1f6ebdabed8673c4f77221fac4f9d0693bfbfb2f9df7e6c0f6000608

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/subject2.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 56489
last-modified: Fri, 26 May 2023 06:55:00 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057c4-dca9"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGXUiywdJc3kMFvorrCjSi9VWvWh6LeY370AGZ3UW89SPKgFPGxdNxcY8%2FsPww6eKqoEFKEFiCJMa9%2FtGxoZv34pG12zrRtq%2BWmUduBQ%2FUjJXyeNeEPTmD5jQEkLv%2BhjkhmHNMB4SXVA5KS7iCk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580cbda1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/banner2d.jpg

104.21.35.159

200 OK

55 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/banner2d.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 720x550, components 3
Size
55 kB (54806 bytes)
Hash
90cae1b6d5135f7c121d2ebe89f6a9d9
7dfdcae63cccf155af64717f79e2877a9e155022
1a55c17f57a017cb446c426fd8af0fc93396049f4b50fc20988131d013260d97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/banner2d.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 54806
last-modified: Fri, 26 May 2023 06:54:45 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057b5-d616"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vLtKuiuE2%2FS6rJsGdhROgfdD4OHZb4VC5xR9xSFjqp%2FO38m331pG%2BM4hsaCbLgMcGMjTVL8Xf8rQxGYlUKzsKpwZX6HcNijba7mosqLXIBeJOEw78Np83kR5KSaPMt%2Fvgaz9%2FKjTTUdGrVzyOI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580cbdc1c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/banner4d.jpg

104.21.35.159

200 OK

58 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/banner4d.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 720x550, components 3
Size
58 kB (58482 bytes)
Hash
df5637d267f85b56370b3ef432b55e25
c9a18fcce82b74d3cd1efcaf03ab4197f8b05a04
e3186fd0441319b8fc1aedd5b6baf6b109ee2293623febb1b8f345b56012e78e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/banner4d.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 58482
last-modified: Fri, 26 May 2023 06:54:47 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057b7-e472"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FjHt5obJt8eJup45SVzJSwQUTI8FLRta3xOAMmCf6PXHKU3drsQMSbdKuEc9dqklGxaEznMOzwuNzEm%2BuywBXCv%2FAJ%2BGdifdIM6arAYram9%2FlwjBINU6wXNxEgugCwaTARBQENNSYdEkuQfm%2BPU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580cbe31c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/banner5d.jpg

104.21.35.159

200 OK

39 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/ninewest/banner5d.jpg
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 720x550, components 3
Size
39 kB (38886 bytes)
Hash
f543889163ee28999032afb1e8e0a4c5
dc90c9316d12784d8211d5547b7d931180b84093
ae41faa2d596c8e59ee55d82f608a9f8e4b533f26952c1797072b3e917deab67

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/ninewest/banner5d.jpg HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/jpeg
content-length: 38886
last-modified: Fri, 26 May 2023 06:54:47 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Tue, 04 Jun 2024 22:40:19 GMT
etag: "647057b7-97e6"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oKCx1cULT6Lkz7bh78rNLp0CbD361THXMXKVPU4onXKo2TzDUuJqEz09Q1D9y2kaik0zVoOc0Ly8RBL3UucgizpjGzEE8qxZjaUi%2BQ55DJc3YELF%2B%2FPvraEzMepzEGIniCeqLnVYHlVHD3GZT98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580dbe61c06-OSL
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/images/payment.png

104.21.35.159

200 OK

6.2 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/images/payment.png
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
PNG image data, 248 x 26, 8-bit/color RGBA, non-interlaced
Size
6.2 kB (6248 bytes)
Hash
1fb5f66cada185d72ccefaeb9e9a2963
584108601272e3ed07abe10b4c3ca2f6b200d552
ef645db0e0a9a267fda954e584782b888929b2827548ecaef07600656022535b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/payment.png HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/png
content-length: 6248
last-modified: Thu, 09 Jun 2022 11:19:36 GMT
cache-control: public, max-age=864000, must-revalidate
etag: "62a1d748-1868"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRduYFZyVfyTMh4qVmx5ls4f8ZVKMuury%2BkVWq1mbE%2BbSdIiyNFJczMsW1V1ow5Qf7LxS0h8xxDds%2BqIbSaXRUz0JP0eLfDMLEqZWsvMqr5%2FlXxaAoafuh8TtMcOHGXUA0M0XYD7GCPuUVfSOuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f44580dbe71c06-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

142.250.74.106

200 OK

1.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.4 kB (1351 bytes)
Hash
137668f39809674f4676a78842704a60
bfd95bdbc16317c9619cb546d8ae6319ecebba75
7d8695b0629bc8d233f1735903d4935cd569772da51df361dcb5f4717359b2b6

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ninewestoutletshoes.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:57:12 GMT
expires: Fri, 02 May 2025 19:57:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 269406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2

216.58.207.227

200 OK

5.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5552, version 1.0
Size
5.6 kB (5552 bytes)
Hash
aa42a9a3d4fc9951ed37945ff1af85dc
6cd63d09cc1f526aba20b654ef5b55f8104586c6
a526dac26fcc645d428764b07fd6ae2ad3399129b75c22c8e149278157291189

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ninewestoutletshoes.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 21:19:27 GMT
expires: Fri, 02 May 2025 21:19:27 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:51 GMT
content-type: font/woff2
age: 264471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ninewestoutletshoes.com/

188.114.96.1

301 Moved Permanently

35 kB

URL User Request GET HTTP/2
ninewestoutletshoes.com/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
data
Size
35 kB (35367 bytes)
Hash
24b1140a6838554d17feb1b9b0073e95
1f675202f27faecdac46f932b99d6d9e2ad24302
c6c9544ba2a551966e193aa545ccdf55ab2a13549615a67ce46314f67803319b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sun, 05 May 2024 22:47:16 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.ninewestoutletshoes.com/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GelGG78vjSsf982PtN8PlfKkUMQxUsR8r6m%2FotI5kMq5uW923fJyV3KubRSAzSE3aMAf6VL51zIpU5czgXJ3kSUX84OUfkhBTLx5n7x84tgg1%2FtlsfR0%2FtHVKMLcqBJlSmNEEiUVtSZwpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f4457a0ebf0b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2

216.58.207.227

200 OK

5.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5416, version 1.0
Size
5.4 kB (5416 bytes)
Hash
89f0a93e3f008df326f17851c3678b24
346dde41c9643798b94cf0a16ab54278cd71cdfe
75cd1c2bbd47db72c1a7a720e764c7672a95bdae7033c570d549ac88c9add234

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ninewestoutletshoes.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5416
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:46 GMT
expires: Sun, 04 May 2025 09:28:46 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:01:13 GMT
content-type: font/woff2
age: 134312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

8.2 kB

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
8.2 kB (8156 bytes)
Hash
7ce66d86ed3538143c1282bcfbf1e7a3
baa2319bc9e2d70c6cf239e8974fc8f1a8405c09
ba19f28be4f167ee7963fd7d2e69388c058f6609dc3698bae26ce1fc65287089

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:17 GMT
date: Sun, 05 May 2024 22:47:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ninewestoutletshoes.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Apr 2024 03:25:26 GMT
expires: Wed, 30 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 501712
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/fonts/annimex-icons.ttf?teavmy

104.21.35.159

200 OK

141 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/fonts/annimex-icons.ttf?teavmy
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, adorn-icons
Size
141 kB (140608 bytes)
Hash
7d3c0284348a1f07b4cd6ff41354551b
6ff4eb286a7b3c980866382a40dd9279c99cb9cd
924025d175bc0292a137b2b46a4ee48e77c8618c3ea19e44214b6abf30f16005

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/fonts/annimex-icons.ttf?teavmy HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/css/style_plugins.css
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: application/x-font-ttf
content-length: 140608
last-modified: Fri, 26 May 2023 06:51:41 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Sun, 05 May 2024 22:45:19 GMT
etag: "647056fd-22540"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sf6vX8tsT9qWAnI0zNY46RKNgkziwKEcsQjIKUc2duhNiDCDSfmYWrFHiPwsaBsKR3%2BrUONYv4lGlG5714%2F0TEOeMnA9f1h3YAocCRb1XJ1vCBMuYc65E2Xmrihu3JAhKLmqru93jliUmjolDLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445836cfc1c06-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

6.8 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
6.8 kB (6848 bytes)
Hash
655c6d7c624cbdea390ee4ca28079cd0
471c0431ebb5f6e3a0b3170e2b5d9bce6c84df02
58f83f4b92d86c7c924d1180f9dd126f0a22ab35ec93f1e68923c4a9075b37df

HTTP Headers

GET /css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/css/style_plugins.css

104.21.35.159

200 OK

221 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/css/style_plugins.css
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type

Size
221 kB (220793 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/css/style_plugins.css HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 06:51:31 GMT
vary: Accept-Encoding
cache-control: max-age=14400
expires: Sun, 05 May 2024 23:40:19 GMT
etag: W/"647056f3-35e79"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQ%2F%2BMH0bKxq%2Bwvqpjk2ESyUQkWqgYb2%2BduNrB%2F%2BEFW%2FLf8WlgoW12oNDGNk0gheukXBREM8F%2FEMacL41n1xj1un8fCMbecsfrP2DOCwmCipbJnk4BRMAqS3VK8XnTUuuE8pSiavh6MDDnykQHoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f445805b981c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/css/stylesheet.css

104.21.35.159

200 OK

61 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/css/stylesheet.css
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
ASCII text, with very long lines (349)
Size
61 kB (60672 bytes)
Hash
f8c9f0085816da20bf05deab9f6effad
25c2d3a72c17707cda20c9104e564df838a70aa7
e3ec30cc203601997ca37a9c0a912e998677ff4b8ccbd5d9eabd90b226d4c3df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/css/stylesheet.css HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 06:51:29 GMT
vary: Accept-Encoding
cache-control: max-age=14400
expires: Sun, 05 May 2024 23:40:19 GMT
etag: W/"647056f1-ed00"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yl0nEymie1zsGsCpcEFviOZVukPlwxYBea%2FdBRlUt4g7JgcsIyX%2FkyehiUjftL8e09etB4v6IFSHis75dr5wxiSVq8%2BDPEKCx0chUAeu0Y8OvR4AdnwuNPFqfI3QnpgcRlFBnKEVwcA8zqjcVMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f445805b9b1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Staatliches&display=swap

142.250.74.106

200 OK

808 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Staatliches&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (826), with no line terminators
Size
808 B (808 bytes)
Hash
da420df8479f8779cde5fc034d4cc67b
40e95fcf89bfd02023345af67b83dd45543c29d9
21c8c585a8724114950fa78cb426dd7ff797cab8c34cb44231ea087c6c515d61

HTTP Headers

GET /css2?family=Staatliches&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ninewestoutletshoes.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:08 GMT
expires: Fri, 02 May 2025 01:53:08 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 334450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2

216.58.207.227

200 OK

5.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5400, version 1.0
Size
5.4 kB (5400 bytes)
Hash
08561ea67d7f08581c541eb12bfccca1
385c9e8a34c6c5113747113395589101260ac7e9
3d52320b7513a9e20df42e02b61709b91a5c2c2a25708225c664eb4639f3b0fd

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ninewestoutletshoes.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5400
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 17:32:06 GMT
expires: Fri, 02 May 2025 17:32:06 GMT
cache-control: public, max-age=31536000
age: 278112
last-modified: Fri, 22 Mar 2024 00:01:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

9.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (9708), with no line terminators
Size
9.5 kB (9492 bytes)
Hash
cbb724e5f0c70cc680b0a3cf208a602e
7bb23f4e0d2a2306ce2a8c44b5c29778235d4580
533e25ed8b776dfe43e6cfb857fa5feee61b4e554dead3ec80cbaf2afa928d21

HTTP Headers

GET /css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

5.0 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (5076), with no line terminators
Size
5.0 kB (4968 bytes)
Hash
48d4822accd8873d2852967645115cef
1b20048c205fa24b4fff0afa458ee1fa2c45612f
27b1f874ce4c14645ec6df13bdf94d9a3381db78c5e4720903dd20d0e4bbc0b7

HTTP Headers

GET /css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap

142.250.74.106

200 OK

2.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (2310), with no line terminators
Size
2.3 kB (2256 bytes)
Hash
5cf712cf2b0969e17db3030c359175fe
a6bd8bc94377508e45d8b0708c67057efd7ec40d
2590d0359a53a2ba40a5f4074121465e36893f365cf2a67f7c803249cbad479e

HTTP Headers

GET /css2?family=Glegoo:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.ninewestoutletshoes.com/

104.21.35.159

200 OK

70 kB

URL User Request GET HTTP/2
www.ninewestoutletshoes.com/
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type

Size
70 kB (70041 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: zenid=p8fkrgn29007b56bgjjjdu601a; path=/; domain=.www.ninewestoutletshoes.com; secure; HttpOnly; SameSite=lax
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4Kcv6QThY7tEXufJvyYcWDh7uCs1sJzcQbAf9wsIr1L3sfEpkB5rdpQ8hhiqjGG8%2FeDq1%2BCS4y3Grq6e%2FPB%2BwHYgLGRPJGZOlZk4XpcMbVaQj7qgqpsL41naV5fPfLlI9%2Bjf7A7sjP0iHhsbFU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f4457b4a9656cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

4.8 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (4884), with no line terminators
Size
4.8 kB (4776 bytes)
Hash
b600e1e7a6306ebd12e31c84c6e1f1e1
f60eb78fc60e2436151e80ef892f5058a4fdf874
bf93d7866220f1f029dbd4d40e9c34c92f92b6ccc5cdd2fe091e2518941cb663

HTTP Headers

GET /css2?family=Quicksand:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap

142.250.74.106

200 OK

16 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
16 kB (15598 bytes)
Hash
56e4df90a29f863f6faa6ccb7567e401
9f3f0306cb0054763e377c6f456890e33f546cd9
165c919c26eb19e053a7cf522566f7cfa686a2782e252b7cd39e15e5d8b4bf15

HTTP Headers

GET /css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Alata&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Alata&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1179), with no line terminators
Size
1.2 kB (1152 bytes)
Hash
1f9ff1758f44a8354f9be6ccf531cb8a
7fd5c0f675262d59736c063d0569dd7fab71256f
37dfb66736045e51980abc5c9c002b3a658a8fadc626f4a0aacf957fe90b6809

HTTP Headers

GET /css2?family=Alata&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
11 kB (10980 bytes)
Hash
0f3106ce705bbf98161187fc94d15542
99688690db95c115bbc142ac516d7aa8d8bfade8
376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4

HTTP Headers

GET /css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

9.7 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (9912), with no line terminators
Size
9.7 kB (9696 bytes)
Hash
40698f9f19b1a609d2636f5eef9a3e30
46ff448bbf2fb3b30ecc73402877f8845445f8ba
f3f7baade7af0f0b4587523c53317642d7c18c2501e70aaae37b93e7ee9a6545

HTTP Headers

GET /css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/css/style_zo.css

104.21.35.159

200 OK

154 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/css/style_zo.css
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
assembler source, ASCII text, with very long lines (542)
Size
154 kB (154301 bytes)
Hash
338a6ce8c8199e3d12b9b0cb285d37a7
cf5fe97e4ed2892105eca8dba6968a69e9c11fc7
d06314d034cac6aa2a48b6a8038cc8aba947bbc67ff9708005246b3d697640a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/css/style_zo.css HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 06:51:32 GMT
vary: Accept-Encoding
cache-control: max-age=14400
expires: Sun, 05 May 2024 23:40:19 GMT
etag: W/"647056f4-25abd"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7vd0ZW0BGfCLheepaqvTAvHbOFRN4LQBzSvfk3MAGJpo8pm%2Fg6g5vkmBb45lWrnUzyjS6CPBMqxQe0wam%2BENHTf2PARwQFtyfiAxzuHiQuo5x9IKrO0B4h07nyqBWSJM7eXzcuc4ScZaDxyikQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f445805b991c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_extend.js

104.21.35.159

200 OK

594 B

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_extend.js
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JavaScript source, ASCII text, with very long lines (651), with no line terminators
Size
594 B (594 bytes)
Hash
8010855e15d5074321041f2f237115eb
f5ffb026de6707488b4338d200423056f744c337
e168518c5a91b51ace366e2d98a1ff9fd70721406ff5519185e24427e1d3c9f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/jscript/jscript_extend.js HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Fri, 26 May 2023 06:52:25 GMT
cache-control: max-age=14400
expires: Sun, 05 May 2024 22:45:19 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fo7UBQsN2jZUr2u92lxc3pf%2BKjzDnMBkdUZ8hX%2BtCOcpNdBjKVfknH3%2B%2BxiLDQTHrDOlruMlXevgHT5TD%2B8gw0wtQ9jMPbTkFBHx1%2FdnuG%2BbOMlKxPV6VLsWdusbAYQgnVeF5pQv8PhUVpF5l%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f44580dbeb1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/css/style_zp.css

104.21.35.159

200 OK

17 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/css/style_zp.css
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
ASCII text
Size
17 kB (16797 bytes)
Hash
3e301345eb177583051fab64f51b8100
8efa1e8824cdc1ff6cf303a0fbe6b1e22db01e6e
fb3db3832fd7d697b5437b24e144c69a737159a936a8fe5c0087abf2471da86f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/css/style_zp.css HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:17 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 06:51:33 GMT
vary: Accept-Encoding
cache-control: max-age=14400
expires: Sun, 05 May 2024 23:40:19 GMT
etag: W/"647056f5-419d"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mcKI0UF2bd5WSav%2FgLZlfe5IPKRL%2FFIitIRA7C%2FOJD7uzf4jurAa5KU1mK%2Bp4apzkueVQBf%2FlOMD2KsLWHGcW2tp%2FCDi7whfWRefdvL4O6cRz99b9r3gcfK9HOuGXZk4vxLY0GILKPJcHjuGBBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f445805b9a1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jquery.min.js

104.21.35.159

200 OK

90 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jquery.min.js
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/jscript/jquery.min.js HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 06:52:23 GMT
vary: Accept-Encoding
cache-control: max-age=14400
expires: Sun, 05 May 2024 22:45:19 GMT
etag: W/"64705727-15d9d"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rru0HHclNhjVaZrSxlv%2BTo%2B89p35FL29vxPDqCzKB5qsVxi3iztrCH6IykNKfBkvDt1ytIJaKG%2BMQ%2FdYZuVWbD6vL2I%2FrPh8TxvVEQHgt07yl7ZpSFruqLhD%2FWb4FlkV7YAvCmWHBO770KhQAqg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f44580dbe91c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_zmain.js

104.21.35.159

200 OK

54 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_zmain.js
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JavaScript source, ASCII text, with very long lines (528)
Size
54 kB (54278 bytes)
Hash
657b6fc5f6b612f62bf9fc3b4231a42d
2c65c88d583489044def61a402fa94ae4083506f
3b68c6d91ed98b466dac0b8ddbfe9a6c98eb8fe2ce1b37ea7c1e084d155179b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/jscript/jscript_zmain.js HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 06:52:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
expires: Sun, 05 May 2024 22:45:19 GMT
etag: W/"6470572b-d406"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NjkwOz6WrmDRf9RwbBK6k3vCwmIbTIF5InT%2Ba4zYAJiDc4HPf5qb4l6%2BxNYrds3XiPp9HznSVIDOAFdWcNHx%2Fto8flyxJINSo0%2B0K5q4YPrhlMfxFXhuwFOGI6%2FEt3NBaxf%2BMNLUpoWBx8YBwAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f44580ebf31c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap

142.250.74.106

200 OK

2.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (2424), with no line terminators
Size
2.4 kB (2370 bytes)
Hash
4c11106146294a0f2e0f9a7cd792e1d2
53f4815a87a769d098f64ad9dfafc157f7d572d1
66f67ff9a9b48f878ba4db2df85dcb68e5640e189ecc19cb7a4a8604b7412e94

HTTP Headers

GET /css2?family=Merienda:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_plugins.js

104.21.35.159

200 OK

273 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_plugins.js
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type

Size
273 kB (273266 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/jscript/jscript_plugins.js HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 06:52:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
expires: Sun, 05 May 2024 22:45:19 GMT
etag: W/"6470572b-42b72"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9z8ooFObVi6U6A4RWfvylqNwH9qFC4GXgwXn2lWg0S9CmjSpVN8ORmGNtaf5fWmxuIz%2FzE1pd%2BVg64cZqPc%2B%2FW3r%2FZe3xXk4WHMZ7HdDZ0qCp%2B1J2SVtbcZGaUesmuOp6AUZ3KihrdOeOCtxbbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f44580ebef1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_cookies.js

104.21.35.159

200 OK

745 B

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/jscript/jscript_cookies.js
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
JavaScript source, ASCII text, with very long lines (781), with no line terminators
Size
745 B (745 bytes)
Hash
1d1e5b216c4be6e75bf6f58c39804e4b
da4fbf0c9a9aa5174536e9338412311c3fcaf982
fbc466f0293a8b6eaf8ac7435c51dda455b047eb2e2b156cf8acfd0df61f8c15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/jscript/jscript_cookies.js HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Fri, 26 May 2023 06:52:24 GMT
cache-control: max-age=14400
expires: Sun, 05 May 2024 22:45:19 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FQ%2BSj3fwNrQPS5U6SVNfLpOYDcBdjMtNz02TXWWSpGiJwxE3vTiX8ZRQLg0JD7D0T%2BEGmU9e2iuhKqWmztuuPvX1uFSOfSa%2BK%2BEI%2BwJVD79nIKqb1d07VnCHOjT011RdzGjTY4ufZY%2BuTjrA30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f44580dbea1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
11 kB (11178 bytes)
Hash
eb9023562ab1966f30dc99199c862e99
c61e56985a7df5262657c080393142f4f3e674b0
23daa07b4cbfa8e9a4a4aa17f77ebab31297e8dcd5f1c082dc21f284ab5dd03a

HTTP Headers

GET /css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap

142.250.74.106

200 OK

2.6 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (2605), with no line terminators
Size
2.6 kB (2551 bytes)
Hash
d7e91faccd8b5b75c6794babc60413e9
490a3fe1bc93ea7dd9cff81c80eca5ea6cad68b3
8d4ecadfe561b26cf0addd9f7e39055b19844488449e0091a936a77fdff727d9

HTTP Headers

GET /css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap

142.250.74.106

200 OK

6.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (6420), with no line terminators
Size
6.3 kB (6258 bytes)
Hash
74a37b69a4c15801b8edcc9cd42c503c
23d843eff81be41b551ff2ab24a550017f77207f
d706baa7aa0457db3dc2bbb3af441adb4dc2cf87f8c3611c85a281ddbe939ec7

HTTP Headers

GET /css2?family=Jost:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

142.250.74.106

200 OK

7.6 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (7812), with no line terminators
Size
7.6 kB (7623 bytes)
Hash
ea047ba198aaa7637f27cf64c74fa8be
52329f1f70a60957c92db2a590bb97b25796dc19
11a942088d049579ba79db59d72e631d2e26f1fc2b12ee0dba2e2e3ff65d2477

HTTP Headers

GET /css2?family=Roboto+Condensed:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/favicon.ico

104.21.35.159

200 OK

4.3 kB

URL GET HTTP/3
www.ninewestoutletshoes.com/includes/templates/ninewestoutletshoes/images/favicon.ico
IP
104.21.35.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectninewestoutletshoes.com
Fingerprint4B:26:E9:BA:C9:F0:07:48:B1:57:D5:91:8D:BF:11:82:87:98:0C:62
ValiditySat, 27 Apr 2024 08:34:09 GMT - Fri, 26 Jul 2024 08:34:08 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
db9896e94c79e1f2cb8f12027da2c34e
410d6e24d05163afd949da17080461c2e5a4057d
752b84ebe5e6c13b734089e1cb70bae766c6d8a4171f6ca5c4b7c4f41cffb09b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/ninewestoutletshoes/images/favicon.ico HTTP/1.1
Host: www.ninewestoutletshoes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Cookie: zenid=p8fkrgn29007b56bgjjjdu601a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 22:47:18 GMT
content-type: image/x-icon
last-modified: Fri, 26 May 2023 06:51:59 GMT
cache-control: public, max-age=864000, must-revalidate
expires: Sat, 04 May 2024 23:07:00 GMT
etag: W/"6470570f-10be"
cf-cache-status: HIT
age: 171202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozCehb42YvAu9%2FX%2BJj8BU2loNLsw6mlT5gfcOgjcYITAefXEVEbeXX03a6y8dNI2EGEaWS5%2FZIoy87WiF%2FfhD7JSP9rPnyM2Z%2FAcMmBPu3omuBAtcm0QhNcyLdY9uOe0lNuHaYi2juvsh%2B7aVME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f445865dc51c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap

142.250.74.106

200 OK

9.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.ninewestoutletshoes.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (9530), with no line terminators
Size
9.3 kB (9314 bytes)
Hash
c5939125786ce6b5ed8c4f0a2bedcf52
528777daa60c7b5d52e78018151ba873c94d640e
819fb2fbdc024c04b03c88da5d5c7e0bdb4616630d72ab65491cbaab120f46ec

HTTP Headers

GET /css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ninewestoutletshoes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 22:47:18 GMT
date: Sun, 05 May 2024 22:47:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (77)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size