Report - toysalesstore.com/

Report Overview

Submitted URL
toysalesstore.com/
IP
104.16.198.133
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-02 20:02:29
Access
public
Website Title
Warning - J***T
Final URL
toysalesstore.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sc-static.net	1183	2017-03-16	2017-09-05	2024-05-02	404 B	20 kB	54.230.82.240
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-02	1.1 kB	43 kB	216.58.207.227
cdn.staticswin.com	unknown	2022-08-02	2022-08-02	2024-02-29	1.4 kB	518 kB	104.18.169.76
toysalesstore.com	unknown	unknown	No data	No data	6.2 kB	218 kB	104.16.198.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-02	medium	toysalesstore.com	Sinkholed
2024-05-02	medium	toysalesstore.com	Sinkholed
2024-05-02	medium	toysalesstore.com	Sinkholed
2024-05-02	medium	toysalesstore.com	Sinkholed
2024-05-02	medium	toysalesstore.com	Sinkholed
2024-05-02	medium	toysalesstore.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	toysalesstore.com/	139 kB	2024-05-02	2024-05-02
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 22:02:35 Last Seen2024-05-02 22:02:35 Times Seen1 Hash 8d325d146463d39de0b6ba8414dc3ef0 cd707bac7cb9d1d72dee055fa4c0a30f1c39e0c3 5bf7c2bbcacd9965a781376dd8f31b98b9b9c5d9e7d39e45a8aa2359f0a69ecf Loading...

	toysalesstore.com/	462 B	2023-09-15	2024-05-16
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-15 00:25:12 Last Seen2024-05-16 18:52:20 Times Seen289 Hash 9b90fddfcd524a4730652cf40123a5cc 8f5f4ea5368f81ab8df47dc1e97fa39440c2bd59 34bb0fdee7ef950a3697de247751cd1e3f3ce55b60bc1c2b584562bf87ad9d01 Loading...

	toysalesstore.com/	3.8 kB	2024-04-11	2024-05-16
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-11 20:33:05 Last Seen2024-05-16 18:52:20 Times Seen22 Hash dce9cd11ec730306ff9a08b76e76062c 27d85d9448b0d022d55cf991e78082c5b381efcf 5bf93e70121efe5f262cbd55eb91b7e40c979de8ccc360a27292e8f6e7c8623b Loading...

	sc-static.net/scevent.min.js	46 kB	2024-04-25	2024-05-07
Pretty URL sc-static.net/scevent.min.js IP 54.230.82.240 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:07:31 Last Seen2024-05-07 06:38:16 Times Seen359 Hash b63285518f1bc28f01cfe8bfb4e6ca47 850cf5957261d3d7bc5484797f5ea6f32630f52f dac99c71e943d58b4fac29e7bed45da2fc55ceec4d6627ecce863dec95a520aa Loading...

	toysalesstore.com/	1.1 kB	2023-11-16	2024-05-02
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-16 21:56:15 Last Seen2024-05-02 22:02:35 Times Seen4 Hash a71fbf430109bde74cad474506d31d06 b6cd7fd0ae73fdf9eabb2158aa0b6edccd83ac09 e8f5df8557f2590765839fcc33334ebc65dfadca346fa4fba774051044b7df9b Loading...

	toysalesstore.com/	126 B	2024-04-06	2024-05-16
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-06 13:59:58 Last Seen2024-05-16 18:52:20 Times Seen26 Hash ffd78f1ecf4ac331c56e1e33918f748d 6178e5a3bc390d07e0cbd04971baa86dab3ee9d0 f856558f1b4b5b4291595975127bdfd3447c23f50645142defdcc13534d25a4f Loading...

	toysalesstore.com/	2.6 kB	2024-05-02	2024-05-02
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 22:02:35 Last Seen2024-05-02 22:02:35 Times Seen1 Hash 555331d7544551c2814b94b0cb7b08c7 d1dce4d76176b9d597ca5b350784637b172dba7c 6b57c734409459d811f76b5beb00f1e2f87d06fddea06085601adc64bd18dba1 Loading...

	toysalesstore.com/	5.6 kB	2024-05-02	2024-05-02
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 22:02:35 Last Seen2024-05-02 22:02:35 Times Seen1 Hash 534cf457b3163c8ee13d1dbfa9799ea6 6893586f82d52ee398f86c095f7ebd6d6d2acc89 21fd741fbb7969c9bb56c612ea090a8ae8dded62dff7b74920588475d3fb25dc Loading...

	cdn.staticswin.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6	28 kB	2024-02-23	2024-05-16
Pretty URL cdn.staticswin.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6 IP 104.18.169.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-23 06:41:52 Last Seen2024-05-16 18:52:20 Times Seen37 Hash 07fb0d45d962f0ee4546b0d70a2722a3 a4116bd5ebcbea2503deb6a44e0fc3c2894aae45 7ce4586aca574aba3f3c6e0ab119e28e28dd04338899cdb552bf6845b8150938 Loading...

	toysalesstore.com/	544 B	2023-11-16	2024-05-02
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-16 21:56:15 Last Seen2024-05-02 22:02:35 Times Seen4 Hash 1ed115f0da4d69ac906af5a8ce15ec10 1565306afe998124724a2e52dda3dd1fe1b130be d95b49ad5fac5e30f82f2276085d38862a3e85b7c9755dee7cf4910d5a7b0f36 Loading...

	toysalesstore.com/	2.0 kB	2023-03-09	2024-05-15
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 08:29:29 Last Seen2024-05-15 22:53:36 Times Seen100 Hash 3cb265b6fb5eb5b20eb2f5d46064ede0 24b0083425efb7d1182c43585f58319dfdd73c69 4170914aa32d52157f651482a6a9568504f2892219fde3312f4b2913e8942160 Loading...

	toysalesstore.com/	795 B	2024-01-05	2024-05-16
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-05 14:24:07 Last Seen2024-05-16 18:52:20 Times Seen101 Hash df556482bc0e408b20960b0c56caa361 6579da4db483f73a82ca0c8538808d782bd0a8b1 76b604091ff73f90ce21f6b18d41f116bd92a10cb2a437f22867ae05cf88817b Loading...

	toysalesstore.com/	11 B	2023-03-07	2024-05-16
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:39:41 Last Seen2024-05-16 20:03:24 Times Seen398 Hash b308b7fe5c1c2bbdc0cb686d451b84aa bc83eb7e6487768f88af9fa4db682f0d3daaee17 636159b35205da4142a43bc02d2849d77d3ac07a0946211585cde15a9c6ff21f Loading...

	toysalesstore.com/	1.7 kB	2024-02-05	2024-05-16
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-05 12:20:18 Last Seen2024-05-16 18:52:20 Times Seen47 Hash d9276cf7f2a76b4014c48d4047a1263b 7ae277464b82e88aad62e2e044d35e4de1ac9821 8ce0039ca330976d947efb409e27fe2e589c91299ec79a9c71603c1bcecd69f6 Loading...

	cdn.staticswin.com/uploads/0/theme/default/public_assets/public.js?v=6ef0de85294e3deadea6a0b5829f86f8	484 kB	2024-04-25	2024-05-03
Pretty URL cdn.staticswin.com/uploads/0/theme/default/public_assets/public.js?v=6ef0de85294e3deadea6a0b5829f86f8 IP 104.18.169.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 07:51:55 Last Seen2024-05-03 01:42:22 Times Seen10 Hash 3b8cb2d1a8ecf00bc4adb475eccca97f 85783d7825e724937c2a3981ef7f478bcd958aa3 3a788760495c7ece61909c6549604215f3bd80e22b567a160b73c40e389a5320 Loading...

	toysalesstore.com/	3.2 kB	2023-07-23	2024-05-16
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-23 09:47:36 Last Seen2024-05-16 18:52:20 Times Seen325 Hash 54b2d73ece20a11eb2899e085b085664 e8520354b1dff4d5867bc8bf57553a30f5739221 c3ff84344d41e2f19b0124f780d06fc3b1739a974eed811b75cdd0a0b5c2274b Loading...

	toysalesstore.com/	18 kB	2023-11-14	2024-05-16
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-14 10:07:10 Last Seen2024-05-16 18:52:20 Times Seen206 Hash 291a64329dc9bf041d4c69b591dacc43 5039842aae8652258c1e9594c336af2baffcf0a2 bb0f973d78d777df54f32dbbcccb22af4107aedcdc29bd72712c7184d0140ebb Loading...

	toysalesstore.com/	36 B	2024-05-02	2024-05-02
Pretty URL toysalesstore.com/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 22:02:35 Last Seen2024-05-02 22:02:35 Times Seen1 Hash f4ea6c217f49c07650adc2752922e7e2 f0769d0a29e60a705c4409979281395edc8e5435 c4e60baf533c663ed49b3a0aa957d4d33aa3ebfb4e1491e53907a0ac736c58b4 Loading...

HTTP Transactions (12)

URL IP Response Size

sc-static.net/scevent.min.js

54.230.82.240

200 OK

19 kB

URL GET HTTP/2
sc-static.net/scevent.min.js
IP
54.230.82.240:443
ASN
#16509 AMAZON-02

Requested by
https://toysalesstore.com/
Certificate
IssuerAmazon
Subjectsc-static.net
FingerprintE4:8A:DF:2D:95:33:E5:93:D4:43:8A:14:06:EA:EA:E8:AD:29:20:0F
ValidityThu, 21 Dec 2023 00:00:00 GMT - Sat, 18 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (28360)
Size
19 kB (19396 bytes)
Hash
b63285518f1bc28f01cfe8bfb4e6ca47
850cf5957261d3d7bc5484797f5ea6f32630f52f
dac99c71e943d58b4fac29e7bed45da2fc55ceec4d6627ecce863dec95a520aa

HTTP Headers

GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://toysalesstore.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 19396
server: CloudFront
date: Thu, 02 May 2024 20:02:05 GMT
access-control-allow-headers: Content-Type
access-control-allow-origin: *
content-encoding: gzip
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=24b5be485c2747719f2dadcc8288a94b;max-age=86400;expires=Fri, 03 May 2024 20:02:05 GMT;Path=/scevent.min.js;Secure;SameSite=None
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sBbb67Xy5XoEXlsNfWXy5wLl6vMta8W1MGTD16tsk2fFWnl2uwutQw==
X-Firefox-Spdy: h2

fonts.gstatic.com/s/concertone/v12/VEM1Ro9xs5PjtzCu-srDqSTijP4.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/concertone/v12/VEM1Ro9xs5PjtzCu-srDqSTijP4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://toysalesstore.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24308, version 1.0
Size
24 kB (24308 bytes)
Hash
b26313145d22461c7e4d26325dd7d53e
e739cde7f91e5f1875b4f3757580e7b54472500d
6d11209d1442b020864f7c35c777ecb20a359c743121536d5e2c0a0c7557c0d6

HTTP Headers

GET /s/concertone/v12/VEM1Ro9xs5PjtzCu-srDqSTijP4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://toysalesstore.com
DNT: 1
Connection: keep-alive
Referer: https://toysalesstore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 07:21:57 GMT
expires: Fri, 02 May 2025 07:21:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Jun 2021 23:09:16 GMT
content-type: font/woff2
age: 45608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/didactgothic/v14/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2

216.58.207.227

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/didactgothic/v14/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://toysalesstore.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16812, version 1.0
Size
17 kB (16812 bytes)
Hash
96ae2bdadfc6d96a7d8a966e6c3245e8
d3c3afc81f5470ecebd724cc40397e094d37084e
f4f686558e91f9d8b396d13a42e218e7a33ef391c97fb68de337af804592169c

HTTP Headers

GET /s/didactgothic/v14/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://toysalesstore.com
DNT: 1
Connection: keep-alive
Referer: https://toysalesstore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 04:49:25 GMT
expires: Fri, 02 May 2025 04:49:25 GMT
cache-control: public, max-age=31536000
age: 54760
last-modified: Tue, 01 Sep 2020 05:24:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.staticswin.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6

104.18.169.76

200 OK

7.8 kB

URL GET HTTP/2
cdn.staticswin.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://toysalesstore.com/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticswin.com
Fingerprint9A:72:CA:09:9E:95:9B:EB:7D:7B:26:11:22:54:26:F2:C1:41:C2:FD
ValiditySun, 02 Jul 2023 00:00:00 GMT - Sun, 30 Jun 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
7.8 kB (7833 bytes)
Hash
96afd8ae933a668f3daf26bd95bc95a6
4285b6fe54816e3e60f8effc0b396ce1b9848868
5f2c27fd8ce921c5c8663ea491139714306effb9f081505dc5bd09b1de7ce568

HTTP Headers

GET /uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6 HTTP/1.1
Host: cdn.staticswin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://toysalesstore.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 20:02:04 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 66319446D31A233331370702
last-modified: Tue, 30 Apr 2024 15:09:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16609357670485251830
x-oss-storage-class: Standard
content-md5: lq/YrpM6Zo89rya9lbyVpg==
x-oss-server-time: 1
cf-cache-status: HIT
age: 2562
expires: Fri, 10 May 2024 20:02:04 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 87da9b5c9c8b5691-OSL
content-encoding: br
X-Firefox-Spdy: h2

toysalesstore.com/favicon.ico

104.16.198.133

200 OK

6.7 kB

URL GET HTTP/2
toysalesstore.com/favicon.ico
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://toysalesstore.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttoysalesstore.com
FingerprintF9:F1:11:85:B2:C3:88:31:60:9B:D6:0D:97:C6:26:1B:80:7A:4C:07
ValiditySun, 17 Mar 2024 08:26:01 GMT - Sat, 15 Jun 2024 08:26:00 GMT

File type
gzip compressed data, from Unix
Size
6.7 kB (6661 bytes)
Hash
b82375e053140b4dc948afc4dec12f2b
32f4deb0660bc7571d3b70e584252757602638f2
8efc756f53753a2ba373219bad056f73cbb018772bafc7397542a14c8a08f853

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: toysalesstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://toysalesstore.com/
DNT: 1
Connection: keep-alive
Cookie: oemsaas_global_visit_id=C77ADF10-35B1-085C-C327-DA724EEC8EFA; oemsaas_checkout_visit_id=A6A9BB34-BE61-EA0A-B9B7-CAED04DE5E6F; oemsaas_global_visit_session=11C21C84-DA40-3CC8-17B5-A40ABEB768A9; PHPSESSID=d04684acb173914729694821d68aab5d; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-05-02%2020%3A02%3A04; _scid=67794bbe-10d2-4019-b22b-abe253050f87; _scid_r=67794bbe-10d2-4019-b22b-abe253050f87
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 02 May 2024 20:02:05 GMT
content-type: image/x-icon
last-modified: Sat, 12 Feb 2022 05:23:27 GMT
etag: W/"6207444f-46"
cf-cache-status: REVALIDATED
expires: Fri, 03 May 2024 00:02:05 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 87da9b606877569a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.staticswin.com/uploads/0/theme/default/assets/theme.css?v=66eda0dd6672bd051feb0d39b9f9197e

104.18.169.76

200 OK

25 kB

URL GET HTTP/2
cdn.staticswin.com/uploads/0/theme/default/assets/theme.css?v=66eda0dd6672bd051feb0d39b9f9197e
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://toysalesstore.com/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticswin.com
Fingerprint9A:72:CA:09:9E:95:9B:EB:7D:7B:26:11:22:54:26:F2:C1:41:C2:FD
ValiditySun, 02 Jul 2023 00:00:00 GMT - Sun, 30 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
25 kB (24840 bytes)
Hash
66eda0dd6672bd051feb0d39b9f9197e
fce0d05f5389afdf45501d1ca44b13b4edbbd1e6
ccfdc21df473396a2dd78496fd4c04b5703ab0f516959898c75cdeb668c2c97f

HTTP Headers

GET /uploads/0/theme/default/assets/theme.css?v=66eda0dd6672bd051feb0d39b9f9197e HTTP/1.1
Host: cdn.staticswin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://toysalesstore.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 20:02:04 GMT
content-type: text/css
vary: Accept-Encoding, Origin
x-oss-request-id: 66322A93342C483536FF4EED
last-modified: Tue, 30 Apr 2024 15:09:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3603105492076268374
x-oss-storage-class: Standard
content-md5: Zu2g3WZyvQUf6w05ufkZfg==
x-oss-server-time: 2
cf-cache-status: HIT
age: 2562
expires: Fri, 10 May 2024 20:02:04 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 87da9b5c9c8e5691-OSL
content-encoding: br
X-Firefox-Spdy: h2

toysalesstore.com/

104.16.198.133

200 OK

209 kB

URL User Request GET HTTP/2
toysalesstore.com/
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecttoysalesstore.com
FingerprintF9:F1:11:85:B2:C3:88:31:60:9B:D6:0D:97:C6:26:1B:80:7A:4C:07
ValiditySun, 17 Mar 2024 08:26:01 GMT - Sat, 15 Jun 2024 08:26:00 GMT

File type

Size
209 kB (209141 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: toysalesstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 20:02:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
execution-time: 0.0432939529
trace_id: 0582C40D-5253-F5A1-A362-E704D391F75A
set-cookie: oemsaas_global_visit_id=C77ADF10-35B1-085C-C327-DA724EEC8EFA; expires=Sun, 30-Apr-2034 20:02:03 GMT; Max-Age=315360000; path=/
oemsaas_checkout_visit_id=A6A9BB34-BE61-EA0A-B9B7-CAED04DE5E6F; expires=Sun, 30-Apr-2034 20:02:03 GMT; Max-Age=315360000; path=/
oemsaas_global_visit_session=11C21C84-DA40-3CC8-17B5-A40ABEB768A9; expires=Fri, 03-May-2024 20:02:03 GMT; Max-Age=86400; path=/
PHPSESSID=d04684acb173914729694821d68aab5d; path=/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87da9b532cc1569a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

toysalesstore.com/homeapi/collect

104.16.198.133

200 OK

9 B

URL POST HTTP/2
toysalesstore.com/homeapi/collect
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://toysalesstore.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttoysalesstore.com
FingerprintF9:F1:11:85:B2:C3:88:31:60:9B:D6:0D:97:C6:26:1B:80:7A:4C:07
ValiditySun, 17 Mar 2024 08:26:01 GMT - Sat, 15 Jun 2024 08:26:00 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
311486df619d42e069bcdc41e73f335d
b3f9153ae3eef9847a707e36b7f54f989d4a4235
587b05cd8d59f9820d2cf168b07d46b1519d12ee7a2f7062a2490da0a99ccb50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /homeapi/collect HTTP/1.1
Host: toysalesstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://toysalesstore.com/
Content-Type: application/json
Content-Length: 548
Origin: https://toysalesstore.com
DNT: 1
Connection: keep-alive
Cookie: oemsaas_global_visit_id=C77ADF10-35B1-085C-C327-DA724EEC8EFA; oemsaas_checkout_visit_id=A6A9BB34-BE61-EA0A-B9B7-CAED04DE5E6F; oemsaas_global_visit_session=11C21C84-DA40-3CC8-17B5-A40ABEB768A9; PHPSESSID=d04684acb173914729694821d68aab5d; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-05-02%2020%3A02%3A04
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 20:02:05 GMT
content-type: text/html;charset=utf-8
trace_id: 688414C5-AD47-E263-F06E-84862B3578FC
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87da9b5dfc9c569a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

toysalesstore.com/homeapi/collect

104.16.198.133

200 OK

9 B

URL POST HTTP/2
toysalesstore.com/homeapi/collect
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://toysalesstore.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttoysalesstore.com
FingerprintF9:F1:11:85:B2:C3:88:31:60:9B:D6:0D:97:C6:26:1B:80:7A:4C:07
ValiditySun, 17 Mar 2024 08:26:01 GMT - Sat, 15 Jun 2024 08:26:00 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
311486df619d42e069bcdc41e73f335d
b3f9153ae3eef9847a707e36b7f54f989d4a4235
587b05cd8d59f9820d2cf168b07d46b1519d12ee7a2f7062a2490da0a99ccb50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /homeapi/collect HTTP/1.1
Host: toysalesstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://toysalesstore.com/
Content-Type: application/json
Content-Length: 856
Origin: https://toysalesstore.com
DNT: 1
Connection: keep-alive
Cookie: oemsaas_global_visit_id=C77ADF10-35B1-085C-C327-DA724EEC8EFA; oemsaas_checkout_visit_id=A6A9BB34-BE61-EA0A-B9B7-CAED04DE5E6F; oemsaas_global_visit_session=11C21C84-DA40-3CC8-17B5-A40ABEB768A9; PHPSESSID=d04684acb173914729694821d68aab5d; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-05-02%2020%3A02%3A04; _scid=67794bbe-10d2-4019-b22b-abe253050f87; _scid_r=67794bbe-10d2-4019-b22b-abe253050f87
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 20:02:05 GMT
content-type: text/html;charset=utf-8
trace_id: E7EE7BDC-D7A1-64CA-FEC3-B576EEACFFD7
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87da9b61197f569a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.staticswin.com/uploads/0/theme/default/public_assets/public.js?v=6ef0de85294e3deadea6a0b5829f86f8

104.18.169.76

200 OK

484 kB

URL GET HTTP/2
cdn.staticswin.com/uploads/0/theme/default/public_assets/public.js?v=6ef0de85294e3deadea6a0b5829f86f8
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://toysalesstore.com/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticswin.com
Fingerprint9A:72:CA:09:9E:95:9B:EB:7D:7B:26:11:22:54:26:F2:C1:41:C2:FD
ValiditySun, 02 Jul 2023 00:00:00 GMT - Sun, 30 Jun 2024 23:59:59 GMT

File type

Size
484 kB (483790 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/0/theme/default/public_assets/public.js?v=6ef0de85294e3deadea6a0b5829f86f8 HTTP/1.1
Host: cdn.staticswin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://toysalesstore.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 20:02:04 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 6631099F91795F3433CB6ED4
last-modified: Tue, 30 Apr 2024 15:09:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13733871732335455998
x-oss-storage-class: Standard
content-md5: O4yy0ajs8AvErbR17Mypfw==
x-oss-server-time: 3
cf-cache-status: HIT
age: 78585
expires: Fri, 10 May 2024 20:02:04 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 87da9b5c9c955691-OSL
content-encoding: br
X-Firefox-Spdy: h2

toysalesstore.com/homeapi/collect

104.16.198.133

200 OK

9 B

URL POST HTTP/2
toysalesstore.com/homeapi/collect
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://toysalesstore.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttoysalesstore.com
FingerprintF9:F1:11:85:B2:C3:88:31:60:9B:D6:0D:97:C6:26:1B:80:7A:4C:07
ValiditySun, 17 Mar 2024 08:26:01 GMT - Sat, 15 Jun 2024 08:26:00 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
311486df619d42e069bcdc41e73f335d
b3f9153ae3eef9847a707e36b7f54f989d4a4235
587b05cd8d59f9820d2cf168b07d46b1519d12ee7a2f7062a2490da0a99ccb50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /homeapi/collect HTTP/1.1
Host: toysalesstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://toysalesstore.com/
Content-Type: application/json
Content-Length: 367
Origin: https://toysalesstore.com
DNT: 1
Connection: keep-alive
Cookie: oemsaas_global_visit_id=C77ADF10-35B1-085C-C327-DA724EEC8EFA; oemsaas_checkout_visit_id=A6A9BB34-BE61-EA0A-B9B7-CAED04DE5E6F; oemsaas_global_visit_session=11C21C84-DA40-3CC8-17B5-A40ABEB768A9; PHPSESSID=d04684acb173914729694821d68aab5d; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-05-02%2020%3A02%3A04
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 20:02:05 GMT
content-type: text/html;charset=utf-8
trace_id: 440B66AC-E42D-8826-8C2C-3E4682983A09
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87da9b5ddc67569a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

toysalesstore.com/homeapi/facebook

104.16.198.133

200 OK

86 B

URL POST HTTP/2
toysalesstore.com/homeapi/facebook
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://toysalesstore.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttoysalesstore.com
FingerprintF9:F1:11:85:B2:C3:88:31:60:9B:D6:0D:97:C6:26:1B:80:7A:4C:07
ValiditySun, 17 Mar 2024 08:26:01 GMT - Sat, 15 Jun 2024 08:26:00 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
86 B (86 bytes)
Hash
aab6a718f96d68b4eed15ff9b5a16a16
de22c01ffda29c42c6d76aae5fafe46bd05c44ff
fe13f3b74f70bef9ad788618f163738c9b2dd2d4a8e7c5c04562810857b4db14

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /homeapi/facebook HTTP/1.1
Host: toysalesstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://toysalesstore.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 435
Origin: https://toysalesstore.com
DNT: 1
Connection: keep-alive
Cookie: oemsaas_global_visit_id=C77ADF10-35B1-085C-C327-DA724EEC8EFA; oemsaas_checkout_visit_id=A6A9BB34-BE61-EA0A-B9B7-CAED04DE5E6F; oemsaas_global_visit_session=11C21C84-DA40-3CC8-17B5-A40ABEB768A9; PHPSESSID=d04684acb173914729694821d68aab5d; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-05-02%2020%3A02%3A04
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 20:02:05 GMT
content-type: application/json
trace-id: D53B97B6-D1B1-63B4-5D38-889BEB19C55C
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87da9b5ddc7e569a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML