Report - shortsvelventysjo.shop/C0L

Report Overview

Submitted URL
shortsvelventysjo.shop/C0L
IP
172.67.216.69
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 13:53:37
Access
public
Website Title
Just a moment...
Final URL
shortsvelventysjo.shop/C0L
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
78

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
shortsvelventysjo.shop	unknown	unknown	No data	No data	6.7 kB	443 kB	172.67.216.69
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-25	7.7 kB	1.2 MB	104.17.3.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-25 13:53:11	high	Client IP	172.67.216.69	ET MALWARE Observed Lumma Stealer Related Domain (shortsvelventysjo .shop in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed
2024-04-25	medium	shortsvelventysjo.shop	Sinkholed

ThreatFox

Scan Date	Severity	Indicator	Alert
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer
2024-04-20	medium	shortsvelventysjo.shop	Lumma Stealer

JavaScript (77)

	URL	Size	First Seen	Last Seen
	shortsvelventysjo.shop/C0L	4.6 kB	2024-04-25	2024-04-25
Pretty URL shortsvelventysjo.shop/C0L IP 172.67.216.69 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 15:53:44 Last Seen2024-04-25 15:53:44 Times Seen1 Hash 433f53c7103bca0bf7f63b1b51479517 dc38cb361414092402e50f434367feffffe4444d 4e3ef5d687b6d4b3e95d95e75b5e998d4202a3494b67fea3ab71c5f831760e68 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed1db0c9cb515	428 kB	2024-04-25	2024-04-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed1db0c9cb515 IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 15:53:44 Last Seen2024-04-25 16:31:06 Times Seen4 Hash 21dd54cb199f1ec142655d7c64ba361a 04a1f17cd0cad44bd52c2a2cb3a00312ff179dee 251152b571947af5a26cf0777305a9781aef1400b1e5cc2003c4930ae2bc655f Loading...

	shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed1d868b656b4	397 kB	2024-04-25	2024-04-25
Pretty URL shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed1d868b656b4 IP 104.21.16.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 15:53:44 Last Seen2024-04-25 15:53:48 Times Seen2 Hash b34ec93f2d6448d663e0556acedb7745 6f83abd4e376fc08b2952039481a6e3639f68bb4 92abb9528436182d549e2ea963d79604b9a5c8b642821a188bc4d86705d610dd Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal	3.5 kB	2024-04-25	2024-04-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 2ece35a759e9a3d2eb90ed7e459f5554 df6a64b50d7d7ea3f76cd7baf310711162a09829 33c9673412e546bf1150bb66fc95b80a671a6b4663a27a011708e215e6c79233 Loading...

	challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit	42 kB	2024-04-18	2024-04-29
Pretty URL challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:08:49 Last Seen2024-04-29 16:17:51 Times Seen2594 Hash f94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b Loading...

		Size	First Seen	Last Seen
	#1 Eval - affcbeae8b4214ff9b45854e0193ac5b	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash affcbeae8b4214ff9b45854e0193ac5b dc6b13b0ad232aafd1cf5c31c0d048ad5e9ca20f 8348411f5e95155a41afb2829edcf46dcea988defc76064b3947cdf5466804db Loading...

	#2 Eval - 8128eafaef68e5b69aa89691ac1c872f	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 8128eafaef68e5b69aa89691ac1c872f 82ac959fa602eba238194ffb99bfcf1f97a7ac2a 71877968754584f01720051f850e4f047ba88efde546c9a734f5723a24be22f9 Loading...

	#3 Eval - 0a9f6d0cb362cf8fcb3f78cb51e50150	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 0a9f6d0cb362cf8fcb3f78cb51e50150 6ac15fedbb4d42cb9607f7b0d31391a158cbbdc2 cc9d99744ca6207b455454f851f6d568e8ca6353d2f5045fb4747bcf52e43711 Loading...

	#4 Eval - 1f1cb7c7436ca5956a5202ab7e7d55d8	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 1f1cb7c7436ca5956a5202ab7e7d55d8 b3a7fd8513cb8b2f0a1648fb3ff77ac6a6cd4e9a 7c1b7def37cc8850be61e84ecc014e1f889f89e21e394bafca6bcc2521faceda Loading...

	#5 Eval - 4f2112f828b2e3ed93500cbd0562c0e6	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 4f2112f828b2e3ed93500cbd0562c0e6 801c4af61663ba54f851ac422fd7ccbc97a9a69d 9531bbfeff27d79f7d63d2e264cae100bf32cd14cdce9a2d5b994809c4daab68 Loading...

	#6 Eval - faeb0e272cd105dfb5229d95fd8dea28	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash faeb0e272cd105dfb5229d95fd8dea28 2492d51f5b982a88ef6d7f73f669703299106939 af079194baed2bddd2c25707aa2fe6380fcf4de985eb3fdedc440a6120dceb65 Loading...

	#7 Eval - b7a662fd83961c789915962e55e42337	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash b7a662fd83961c789915962e55e42337 a7916dcd89613682dcbb6e5a3e997ecdd0a311d2 8cc5b4d63380c23f3877ad75dd92a30b8ced3846489137481e791b9a119b28ad Loading...

	#8 Eval - 7ae56fd78c2ea7d080bdb5d0ca2d6982	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 7ae56fd78c2ea7d080bdb5d0ca2d6982 004f5edfd807ce72b9dd0363406ab6e9ec282cec 26af01912367a80508978e780ae72e4017109a0836f53f1582e2df39ab0333df Loading...

	#9 Eval - 0badd637ce63eeca79205d4178306d06	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 0badd637ce63eeca79205d4178306d06 6c62686682bc6c1a38a38625d561531fc576b5f4 e62ab5b7b5f604813d01afc8ed1e747e4dbb48c19c4b841a4031a2d96325f4ab Loading...

	#10 Eval - cb28e9cd453f9eae7cfe881d33fb4626	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash cb28e9cd453f9eae7cfe881d33fb4626 6ef40631d3daeb267b1757560bc41feebee9c157 6db06b91a5545464782c2b2bca1568a4c8123878465121a69cf17b6e59e63341 Loading...

	#11 Eval - 5bab299fb670a2ac243ba54cbadad2e6	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 5bab299fb670a2ac243ba54cbadad2e6 3df8144ad0c1a04b5460962263d0ed4598625ddf 5bacf8df992925bd1bb0ad307967a54aada5e01030fbffd16feb4ace1d731f93 Loading...

	#12 Eval - b48ae99b44535da88028afa05d19a798	163 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 22:05:46 Last Seen2024-04-29 15:42:01 Times Seen553 Hash b48ae99b44535da88028afa05d19a798 9ef82c7e71b5f9ffa9dd44391fa8167182b23e85 9d28ad479ce95584fc50fde66d331410b33603a51f3477badac173d4f16fd2b9 Loading...

	#13 Eval - cc31d0ccc93be0b8fffcc596de17ee6e	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash cc31d0ccc93be0b8fffcc596de17ee6e 9a5c04f61a0bc62b8ba46ee78652a72e2f10972c 2ec06049ce92b31b7ac6aff1d386484aa66f8978284fc1e2d29c6364ff66f96a Loading...

	#14 Eval - 88c08c034b726fadefe7a064f3db0510	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 88c08c034b726fadefe7a064f3db0510 d95298acc035bb5bf5fc0ff1d62a11b18b38e971 938faed6e01e584097e96383376c40253409bfec8b3122e3946fc19e5cb51384 Loading...

	#15 Eval - 47f73e1b2156c219ac59a1690c6a7f34	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 47f73e1b2156c219ac59a1690c6a7f34 8f2098cf4441124b9e145126465a332b21459d5e caa65aca648fdf4e38d0c539e6d48a62258d89a3a3c806488f7404e31df490be Loading...

	#16 Eval - 2fb79b9dcc45025a99aaddca856fdd8d	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 2fb79b9dcc45025a99aaddca856fdd8d 14f76cb9ee005efcb4885d482cadbcda7ce75020 abd28494349645580cdef46415eed6d47e871fb1cfe80aa98088ee832d7ea3fb Loading...

	#17 Eval - 666b48f4ee4eb6a4257f4a04156e2438	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 666b48f4ee4eb6a4257f4a04156e2438 31c0fb0b0e45c26d652324e34c85210b387b6a89 c884ff73ae34241be535b14e1add61d547b19a23936ea4e39d65564ba7693baa Loading...

	#18 Eval - 6026df37dd8a2d5f398d768733d2368f	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 6026df37dd8a2d5f398d768733d2368f 4d74aa4f71492f195f4397406d879b24f0d4ae72 6cbdcc8d99b9c1773a43a480d24a5fe18d6959878a2cd19fee924a310d7f896c Loading...

	#19 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-04
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-04 20:57:38 Times Seen351491 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#20 Eval - 74862fb0f5e79ab03985a81325051aa4	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 74862fb0f5e79ab03985a81325051aa4 13305a0d250eeb0d521336a993da3d81c9e0bc09 fbcdd350a2a6a1022d6855c8e0270e8e26c22dc3ea154a62b6f3d22c9baddceb Loading...

	#21 Eval - 0de678c186d27ae894c0d1d48591f263	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 0de678c186d27ae894c0d1d48591f263 d9eaf263740604579f50b689a45b9b468228acd8 3b2b5efeaf5a9fced13a01bddab702720336e6ec9ca75417cbfaca1d7486b173 Loading...

	#22 Eval - 5a57052b21597c18f19d823a4a93d1a3	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash 5a57052b21597c18f19d823a4a93d1a3 0ac8bd1a1e1a19048c0a5f27fe612efeedc79050 36e9122d388c5f9c2914984494cd4ee581a58173b8173c611f0979c429c53aaf Loading...

	#23 Eval - e1f6d851ef6b6466ee123614d4e514dd	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:45 Times Seen1 Hash e1f6d851ef6b6466ee123614d4e514dd 349d0b5fb726af3f88d5591666064c2a5303030e f970d7a422f26f6c8e52d3d39096de44e553cb625615aec9e100fd8e9d7c95ff Loading...

	#24 Eval - effe3637e26bf7c0149538ffe38160e2	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:45 Last Seen2024-04-25 15:53:46 Times Seen1 Hash effe3637e26bf7c0149538ffe38160e2 6bb20b5d49b1a4844fdbe07a4213e6006075e966 62eab9c1d93222b8630fc97d58f8ff58d97865d24527531d32bc50cefb06e8e9 Loading...

	#25 Eval - a67cb27c3b28930118cf6d1b1fc230ff	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash a67cb27c3b28930118cf6d1b1fc230ff 0b378b2b1a799806f712e874347473c0488f4951 33dbd854d841bc0614f8c7afffe129fda7360ebbf72ee8157599256810ecc8e8 Loading...

	#26 Eval - f4a82799b00ca1bf562f3ec190021f9e	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash f4a82799b00ca1bf562f3ec190021f9e 520d7db1d5183c44d88eb6c7e97158933460ded3 a8952852da69765bfe5520017cb59058fba8b696298ad6da7e590753c625a353 Loading...

	#27 Eval - a2f58defb060a0e131189f2bebd0c518	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash a2f58defb060a0e131189f2bebd0c518 0060ae21eac92f22d7122f005c89ffb07f996f6c 6eeaa66b24d5e1da9a1c9a7dac488ea73829c9ffde561348bf80eaaf2a17784e Loading...

	#28 Eval - 31d5c131e7bdebb8a3b5781eb55490e9	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 31d5c131e7bdebb8a3b5781eb55490e9 e1676049679f6f5e7b15f917a148c1b0b6b4246a 80701f3af4c5ca8bea3b2b258cb1259430f4e73f262b2a13a12a2d06c224f772 Loading...

	#29 Eval - c418db3ba05cd43f60ed8d880904c062	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash c418db3ba05cd43f60ed8d880904c062 898350142cbc91f74b57769cd16eda90fd2778a3 76ad643c83ed75a519744a1bbf845965b96cf10c9ae531983847f52a0fecdf2f Loading...

	#30 Eval - b2817aaa56b55769edff208ad08a7123	144 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 21:08:52 Last Seen2024-04-29 16:17:39 Times Seen510 Hash b2817aaa56b55769edff208ad08a7123 88a1d4427808a4d4d76512850999ced991ca50bf 8651c9316df355c619ceb82b13aa160dc82103cc86994c3444d5d78bb20a5292 Loading...

	#31 Eval - 68581eb74e831f806d3283a1c1fe09ec	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 68581eb74e831f806d3283a1c1fe09ec 085c9080d77ca7532147092306bd38c48f3087b2 b5990cea7b50eede158e1fc7ebc6058e32c1949bb38384a5f17ae59c71bfd145 Loading...

	#32 Eval - 94c981f772da3f2ed552cd504fc96e04	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 94c981f772da3f2ed552cd504fc96e04 1eeca2c079b0c0d771292d31b5ab95e0c4ebe64e 37531c975c46b756398c318e17239de49a7dcb10de25edcd215b3ab3d06515f7 Loading...

	#33 Eval - 5fa4b39ff61c205f3ef59aff594a19f8	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 5fa4b39ff61c205f3ef59aff594a19f8 fc4277ebfc93c2e713cbb983d53156526c8f5185 e84dd236e3eb61913e76e40c6610221105509b116f2025e5c2ba7dff67e20a7b Loading...

	#34 Eval - 43c81e43a6e7d9140033055ff3e04983	62 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 21:08:51 Last Seen2024-04-29 16:17:50 Times Seen2736 Hash 43c81e43a6e7d9140033055ff3e04983 b0eca03913678cb38c488c7c79cc4f9d2755ea17 3f7ef931c657c4333a401c40e8b0b8d1ff3b164542af45e14242314c0ec39f34 Loading...

	#35 Eval - 0980fce619a32140650c516309af1f1e	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 0980fce619a32140650c516309af1f1e 9e85bc093efb02efe52e7a3ec54e7447b94bc2a3 edbc2c2aba7acfaa73a736c0e621d716d43842a6398fa97c955a356feb687e74 Loading...

	#36 Eval - 238b627e5debdb8f1256c5726ffca7da	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 238b627e5debdb8f1256c5726ffca7da 0fad9679e18b74263fb19a8505917e1d6f8f287c a2ec15dc15cebbf8117bac50bfe693e1b2c79dfa555c38cbda04660ce58f8776 Loading...

	#37 Eval - 42e4f42c3614fe89b1e94eb0d04c1873	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 42e4f42c3614fe89b1e94eb0d04c1873 93b3d69756dc820e3ea34afff02326d775427e44 eb015aa745224dcb36bcdeee2b47b5cad16a5e44e8965d28d11d5ef93a2624ea Loading...

	#38 Eval - 67b083408646959113d1e6828bc54b4c	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 67b083408646959113d1e6828bc54b4c f818bcf8629277b8ad793b922b5b8fcf2965af9c c44adb4a0ceea283cb57e9f38e5de09bc60bb2663e8582c744c0cfc2dbefa5f9 Loading...

	#39 Eval - 3e8cbd8d7ef50d69020b5d110d88be50	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 3e8cbd8d7ef50d69020b5d110d88be50 3b008b155fa6aa898a5e5f94151d8747f3b448bf 6fab2ee330d588e6157a1c3cefd953e3f0d758e2544c5ce9e21a8e93a57c0c62 Loading...

	#40 Eval - b8f562835fb9799378ae7b57e29199a5	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash b8f562835fb9799378ae7b57e29199a5 d9d538561611e73b5419e9f763af1e7f76855d57 99c335708e7ef930f2fc3536f64643b19849f9a6e2200c9259abea25409279f0 Loading...

	#41 Eval - 2358975adcf7e1d6403b83038b623a58	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 2358975adcf7e1d6403b83038b623a58 11f1e18e107c7b42476dff4cc8207635c2ac9766 f04ac90b9f072764341a6e3336d97a354c27a43d9044e69904a1ca999df63209 Loading...

	#42 Eval - 3ef47c2f74c3cbf700ce3e5b341e332e	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 3ef47c2f74c3cbf700ce3e5b341e332e b41549949443e8f9aaa327689fabc45ce13644da 442ac1b6cb047979487ed3a5723fcd0829165febccaa3496cf6bf1ab80a24469 Loading...

	#43 Eval - 65d450beb7b4a1f52660992f456e66d5	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 65d450beb7b4a1f52660992f456e66d5 5201db69033255d1d5ad4bd8e7e53202d9d0b8d6 6edf351bc5d3a421cc2b786dccf3dfbdeac088e0d98624d8a436b03805567946 Loading...

	#44 Eval - 87d5c403861bcd61b994b1a186af7c39	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 87d5c403861bcd61b994b1a186af7c39 d1034ef6def2046347ccfd187a8fd85eefe88915 09c84a3eb2007515613a9109df9111e34ee7814767ec3153589b0ee72f15baca Loading...

	#45 Eval - 83f19dd72096cc8007d7cb6fb61e8138	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 83f19dd72096cc8007d7cb6fb61e8138 a828cb47d4882cb83fec33de9753594cc567a667 6e064de5760fc327c2a81768a301998256ca5b7e6f7c6cc28a9a3e56b524b2e3 Loading...

	#46 Eval - e238c963c35f207f0f5fe8f9195980c6	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash e238c963c35f207f0f5fe8f9195980c6 bf6bec0742b4fd1c2ef2137c4b9e53bf062f2db8 54b7c390e6d4c660d3985d11a10b229553aa3335f12fde8407188cd799666355 Loading...

	#47 Eval - ee3a6bf342981bb6376418c2bda281ef	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash ee3a6bf342981bb6376418c2bda281ef b64ea3400d008c55bfc70055c5aa169b34b4f129 0e5949d24c138a4ac200ee6605444b0ed66550a2ed70f73be846fd4216806d07 Loading...

	#48 Eval - e8462db18fb8d3566d8e0032f95d60a9	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash e8462db18fb8d3566d8e0032f95d60a9 15e81023995ff330ff3473bce5b2dcd2c87f57df fc719bced59f024095098ed2ff0ee50a0e8fdbf2258a332ff94ba726e1684a71 Loading...

	#49 Eval - 3d84b5f67764b84ae4168f375b8d4d46	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 3d84b5f67764b84ae4168f375b8d4d46 03194384e6c077ca1830078bf236ede17076ed4a f72b1191d6eae291e43ccdfecf7dc0e2130b9e99248e972676847e602bb9c87a Loading...

	#50 Eval - 91fad97edaad40bda1ac3e0ef6169a87	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 91fad97edaad40bda1ac3e0ef6169a87 65c6f7f7f4ac8ec8cd7e783738a6a26e65a76992 5039a36612f0f57b361bf989205fca028d034af33296acddf7c38b30adfdaa13 Loading...

	#51 Eval - 41c15acabce5986b5eaec68dd03da521	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 41c15acabce5986b5eaec68dd03da521 4794749e8ade0cf756d7ac7d5bdb7e5a8ed4f6a5 b9d6e8907f2e6f3194b5692ac80b35d826de6da1bf88148fd66b10bf79018c4d Loading...

	#52 Eval - cacbdbcc1b5e26e1822905868f3e7e31	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash cacbdbcc1b5e26e1822905868f3e7e31 f67dc5e9156241bc35e1c4a9558fca562d7dd0e3 3e2e59f2379f6926da99b105e5b8f12b720b4323e611b05115da6eb26c837400 Loading...

	#53 Eval - 5cf0cc5aa6a54771159d7e099467f3b9	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 5cf0cc5aa6a54771159d7e099467f3b9 a16dae38e8de7f5adaf80b77cd5bab10c9faf87e fb0f8868dce47d21716c223e36a32c208ef00adb3e01067c5042eca87ddfbaba Loading...

	#54 Eval - 735d68ee22d1af15aa29b8239e00bb65	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 735d68ee22d1af15aa29b8239e00bb65 b8d365ac23f4adf66d6d5bea2249fe034c1c444e 763bd01e116a44b8cec9464a8488d28bee7870296ffc2c870c3a3a649865450f Loading...

	#55 Eval - 3a41b56d84e4c4430988dd345b6609f5	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 3a41b56d84e4c4430988dd345b6609f5 aed3cf69fbe893fa4fa5292e6dc535cbe59201cc 9030ee6b5cc1f1279a112f072f726166d21bd64cf0479d5048a82549a417563b Loading...

	#56 Eval - 6f48ed78255216180f2cf37685b2620e	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 6f48ed78255216180f2cf37685b2620e 5aabe0c5a881ce62dc7129e2a47e5aa76a89a8b0 f9cee0716456e2975af6b6d6594fba21051f1079c008c004e7ae489622d0655d Loading...

	#57 Eval - 7553461b28095cb5e958e68dbe90ac35	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash 7553461b28095cb5e958e68dbe90ac35 9dbc6220518879069c87c3fa4ccc48ae8215b69b fef0dfdb28ccde23acb9c4ee55d3505af8a47d68ae2b79bfa38b70837babcf87 Loading...

	#58 Eval - e99f7ad290282dbf100165e58b68276b	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:46 Last Seen2024-04-25 15:53:46 Times Seen1 Hash e99f7ad290282dbf100165e58b68276b fc0a54c91de559e3a71b0f8c4c8f52db23dbcb4f 2380f66187092c997402bde550f080a685b65872cb1ed8ae2da2e11d53a2b90d Loading...

	#59 Eval - fa9320cecbb2f956d940bf86161907cd	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash fa9320cecbb2f956d940bf86161907cd d67d6fe1eb44625893b15530daca69c74df7c157 987516df224ee5f47044ffb273fc88bd2ab44f88ed6b26ac0ac1214d82300e51 Loading...

	#60 Eval - 791c47a04217b3dc2b32ca61b6c1a396	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash 791c47a04217b3dc2b32ca61b6c1a396 4f102a0520a5bba7ebbdef7b9e80838c6ec024d9 771d836187e386ed4fb8b050c851d71bc7316f466cab3a482cefd3ecfae78103 Loading...

	#61 Eval - 1f44b2de781982412cb8830932b1280b	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash 1f44b2de781982412cb8830932b1280b ccb8d6d2ea757c980751de1afe5a574c52aeb2e5 60822b9bbab4c37184997e4963f0037588be338bc7bb08816abefeafaabecdc1 Loading...

	#62 Eval - 2ecde3e405df4c17165443ba4424f361	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash 2ecde3e405df4c17165443ba4424f361 65b30448bc304863a122a88cb02f0ccff26feb79 9b9f8afcf28535bed3a456a355d7972bb62255ee82a14ba2fff3830894ce31c9 Loading...

	#63 Eval - c4bfc121baa59773de491921730eeaf2	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash c4bfc121baa59773de491921730eeaf2 66d7011db8140a4c90423bc1703f5a62a0309be9 2a1862745ff5ca2179cb94ceddfa80e1cd9f0082759f70192c04ea9026243e77 Loading...

	#64 Eval - a620ce096af5fb54150387492553dfe0	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash a620ce096af5fb54150387492553dfe0 91aee4a8df634e0527ecf1da9e92405b0e9cc59f 1351866bfff332c9211ffaefc84e922fdce42b104e357427220da9ed1dce2c16 Loading...

	#65 Eval - 593b4eb6d478cd2fc22bcc4c8a314710	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash 593b4eb6d478cd2fc22bcc4c8a314710 f83c657cd67ab11bdcf649bfde1f66e5467b6c57 da9ab42d772e097c07fe03d56d4280a04e44ab3d5f49d8f48b8029964244fbb5 Loading...

	#66 Eval - 5fa4521bae0725c704a69d759f5d16c8	1.1 kB	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 16:08:57 Times Seen2 Hash 5fa4521bae0725c704a69d759f5d16c8 42654cef7ab121c91cd3c71344ef34c796c10338 04af16c7863bac965963ad6a4a6906ca83159c387e9d8312c009e69f9ef0816b Loading...

	#67 Eval - ca9afa40035e756ef623fd9089e07cd4	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash ca9afa40035e756ef623fd9089e07cd4 a125ade37a035e3963c10db838e4562377db10ae 1a6c601f70e5722d85b91e185631a04fddb417ef227d6ae0826c4840568fccf1 Loading...

	#68 Eval - a483e03691fa7927ebe370c8ee087917	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash a483e03691fa7927ebe370c8ee087917 10d8f5bb4ae0e80bd335674a7218e12c613b4cc5 6e098daae9ea4b6bd5a74c2aeb9a500f2eab3a896ff4ae4b7cb91ae1355f339e Loading...

	#69 Eval - cd1f7d4cd36a15d9bc674f04da1bd871	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash cd1f7d4cd36a15d9bc674f04da1bd871 6c625e882789258cf8b465b055b0e50f8e5ed316 e964bd217353a2909780a8c4ecd6da115b5350fcc2678abbac77fddb8821f52e Loading...

	#70 Eval - 95d94ee2c0b9f26b78b3a099efe28ef9	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash 95d94ee2c0b9f26b78b3a099efe28ef9 a2b8df570968c4233e1fe79d33f3b46144915423 6cfee46c46e765d79cb57c69a9affbb8e991ba54641e4a2b6e243802ea4d7f79 Loading...

	#71 Eval - 36aeb6f0c893b8f59386115256507329	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 15:53:47 Times Seen1 Hash 36aeb6f0c893b8f59386115256507329 efebe6df49ef9b639adb1eda78adc518e4b56c4d 84e05c85388e38abbbd24651aaee3cbb13fcec02ddcd672ecf7bd5943736ea48 Loading...

	#72 Eval - 947340c7d7e0dbed4fc88ac6257c1828	1.1 kB	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 15:53:47 Last Seen2024-04-25 16:31:02 Times Seen2 Hash 947340c7d7e0dbed4fc88ac6257c1828 21adabec2e3eec5ceb9f7b119015a930abc3da19 c8342f35426884ae87bcb00cf94ce222847e1d5ca6279ea63809cc01530b1c48 Loading...

HTTP Transactions (26)

URL IP Response Size

shortsvelventysjo.shop/C0L

172.67.216.69

403 Forbidden

7.4 kB

URL User Request GET HTTP/1.1
shortsvelventysjo.shop/C0L
IP
172.67.216.69:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (394)
Size
7.4 kB (7425 bytes)
Hash
2b5cfe89bd8407d8ae8814e40d040d76
cc71174a72588301204e7c482d71fc1b815af623
252189be7a8ec5bf4d5b9d238c862aadade80233ab00eea5535fbb41742737e8

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /C0L HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Thu, 25 Apr 2024 13:53:11 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Thu, 25 Apr 2024 13:53:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cEupqpTy9TyJP%2FrWTsb5nWUKdl%2F78SSDJEED%2FpEwgBBmk4P2Q34nNNORqFPtB0M%2Bc7Rq92YXlBfb7ElFIDK8ezXZU2d8OjRnpM5VyW8D7QRq0U0Gjkp2gOl9YzdSgcjLEB5IIx4QuCEa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ed15f7f375690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

shortsvelventysjo.shop/favicon.ico

104.21.16.225

403 Forbidden

5.9 kB

URL GET HTTP/1.1
shortsvelventysjo.shop/favicon.ico
IP
104.21.16.225:80
ASN
#13335 CLOUDFLARENET

Requested by
http://shortsvelventysjo.shop/C0L

File type
HTML document, ASCII text, with very long lines (14484), with no line terminators
Size
5.9 kB (5915 bytes)
Hash
6474a7f51b7facbb6e28224eea9139b8
8ef08ee5c0c0241493c42a31a5be9230108721c5
3544045efb3e86df919b0ab480505c6e276736d6448c1be780a9ab444a5c3d2c

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L?__cf_chl_rt_tk=64DAawd0yJBQ2MBTg2EE4uo59mh35Jo__D2QuglnOB0-1714053191-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 25 Apr 2024 13:53:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: omdEADKUm0295r7dWnBFXT6NGYGucbNuWhmcZVvt5jvVUUe6Bt+MHzE8NhmHgIliyDsg1EA0NT/VzAUDyrRirntwGpM8RPb864Rfn2M05JGkqdG6zeVwEdZbYL4M2PevKeTgbHjOImdq7cMVLAgQsQ==$cA3c/XG1ZmHpslc30PDfuQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWjdLORLFHqzbiCBM2wACht5GsL66SIlN%2FgozZ8xFtcyctMunKOySqKuZr5CJz%2FD9Tb%2BQsAJSl77voJ2bXK0WDfJX9mgcKd4qxkv%2BEhWnNVJ%2FYItl5JnoSz4hzWtSOfJkQJjsCpQvtsb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879ed161bc900b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed1603a0456ca

104.21.16.225

112 kB

URL
shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed1603a0456ca
IP
104.21.16.225:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
112 kB (112290 bytes)
Hash
79e8033e56a0da5582f7942c43133d8e
15f7bcfbc9264349920701c00e51f71bbe3954a3
be7e6a2e8c1e9e19d914b75f1909fb258232b364d9e79a5e78d51667ccd361a5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed1603a0456ca HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L?__cf_chl_rt_tk=64DAawd0yJBQ2MBTg2EE4uo59mh35Jo__D2QuglnOB0-1714053191-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 13:53:11 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mt6n26cEO97FnPcGzXpzT0QFeNObsurPIUR0oX3nXL9yN9jZmUYc9QkPPcZyEa9NQ6p4pNNGhZZBD98VazKAkHRv5%2B7oDRVBOx5adAPuf7vbALxAoeKUJ67VBAF9NG4mHrlZGkseUFzU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 879ed1611e13b4f3-OSL
alt-svc: h2=":443"; ma=60

shortsvelventysjo.shop/favicon.ico

104.21.16.225

403 Forbidden

5.9 kB

URL GET HTTP/1.1
shortsvelventysjo.shop/favicon.ico
IP
104.21.16.225:80
ASN
#13335 CLOUDFLARENET

Requested by
http://shortsvelventysjo.shop/C0L

File type
HTML document, ASCII text, with very long lines (14398), with no line terminators
Size
5.9 kB (5851 bytes)
Hash
d4d90bdf5ebc68d51a4434075ad16e35
dc3a82447ba0984485a2c0611c2cae52233cb6fd
275cadd727f3064900f1766770801cbaacc364f7f32a2ea4976272dff0dfc756

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 25 Apr 2024 13:53:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: l/irS+kxp4PSRbxamkYCID6kPhv9nNcK5Mefy/far5yekGVs/pCTv6vd5Gy+MuR9wrtVkAuTOQsF8Tvtcan2fyP4pyLpsz2QCiqdnRvmfLV+SPc4Uxy3jWMBatSuI68KHWaYVPIknHGMmlLdX2lCEg==$yrqFuPqhy/Q65elGZEybtQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pFzs9EwEJm4FC7XDcMuaNcbrvzKUiGc6eYVhZNfqbTAYiYExwDrZ7jfHjCGroCFZqJksyoWKVgfkdF2SdGArvZNjcjwOc1wg5rDEq6IbmutX%2FP0%2BrF1r8qz884%2F7VK2Nc%2Bd01sfcv2x"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879ed1625fa2b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1185341848:1714051607:-cmLP6UI7w55214hhOC78iqo-CcBEJ-RSEkjgz4h26E/879ed1603a0456ca/064df46a218f0d3

104.21.16.225

12 kB

URL
shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1185341848:1714051607:-cmLP6UI7w55214hhOC78iqo-CcBEJ-RSEkjgz4h26E/879ed1603a0456ca/064df46a218f0d3
IP
104.21.16.225:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15996), with no line terminators
Size
12 kB (12177 bytes)
Hash
7c27a102850f67e5525353ccbb3c3859
6bf36a727c808f1d9f7811c829dfdf953db71952
afea5333ecdd74ac6d1592280cd85c01b51874e311bac2ba34312ef211ff62a2

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1185341848:1714051607:-cmLP6UI7w55214hhOC78iqo-CcBEJ-RSEkjgz4h26E/879ed1603a0456ca/064df46a218f0d3 HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L
Content-type: application/x-www-form-urlencoded
CF-Challenge: 064df46a218f0d3
Content-Length: 1850
Origin: http://shortsvelventysjo.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 13:53:12 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: Mfj09XWBEP9rx87G7ZF5XEhJV/Jf/Xq70zQ0hZwhsvuip+PqBY7VeSJjjc/lEg28$F0U3msx+I5+FTYnWdwQFRQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6UoVx6jkVqJTJzbzvG7sCI48s1E870CMV6zNh1oUvNdnQmgL1ItSL8Rgun9y%2FDhzTMCnPjvoFE8VYospekr%2Bt9ggHSLiv%2BEXLW0XZ9%2Bi8k8msoOwLap2Oqfi0hBGLQJFqP3Q4DreRn7d"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 879ed1632c7356b4-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/caal1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:12 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 879ed1646be0b515-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed163fb85b515

104.17.3.184

172 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed163fb85b515
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
172 kB (171821 bytes)
Hash
74bfe139e81900d5fb6867eb5127d2d2
1b47966e82287d2acaf4cadedd08280ffc6a003d
dc84cb059196da9a8fc8f753ddd5b22ff6487c190a3d2a8db17c83d8b392f9af

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed163fb85b515 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/caal1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:12 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 879ed1646be6b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/506884785:1714051705:4uBrbixmCc3EqL8VGaqd6L_1nppTBX37YLPxnpVbdsU/879ed163fb85b515/dcbbe4938e417e3

104.17.3.184

24 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/506884785:1714051705:4uBrbixmCc3EqL8VGaqd6L_1nppTBX37YLPxnpVbdsU/879ed163fb85b515/dcbbe4938e417e3
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (22536), with no line terminators
Size
24 kB (24247 bytes)
Hash
34788df1d581c5eb3c244a61f6ba9917
7865fbaff67e3a22aaf4ee0dbdc189a56559165a
ef36e0c566d41c7e6abbd176fa654050190985d621875b31bd7ac9d76d771a16

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/506884785:1714051705:4uBrbixmCc3EqL8VGaqd6L_1nppTBX37YLPxnpVbdsU/879ed163fb85b515/dcbbe4938e417e3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/caal1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: dcbbe4938e417e3
Content-Length: 25751
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:14 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: /Ip7rSrBAf7EMvGv1Idiz13UGmobeHouMBH31/ZTJCJDZDmIUTv7TdqMUkW2i/M4$5EVsmak0JqjlPD9ZkajZHg==
vary: accept-encoding
server: cloudflare
cf-ray: 879ed17198ecb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/506884785:1714051705:4uBrbixmCc3EqL8VGaqd6L_1nppTBX37YLPxnpVbdsU/879ed163fb85b515/dcbbe4938e417e3

104.17.3.184

120 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/506884785:1714051705:4uBrbixmCc3EqL8VGaqd6L_1nppTBX37YLPxnpVbdsU/879ed163fb85b515/dcbbe4938e417e3
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
120 kB (120471 bytes)
Hash
2b02e1224bec7a93b1b2ff9c8c10dfe5
fdb8a766cef989544688e56a9416df6941544b7c
f16ed395a61dc833d3d3ede85bf551828dbafe906a81e0af32824029543b11e4

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/506884785:1714051705:4uBrbixmCc3EqL8VGaqd6L_1nppTBX37YLPxnpVbdsU/879ed163fb85b515/dcbbe4938e417e3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/caal1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: dcbbe4938e417e3
Content-Length: 3323
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:12 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: taU3ab3FTq/y6nQC3eaL8ynOuDVFTJi18zp5TzEVGScpz+Lo/Nua0GGhl4EsrkF2RMfwPbNRaZ5r92sUPTQfrp1f+xP5I+ctYNcwTAPwl23gLKM7Om+EoUGjW1P5wo/ExGeOhYoZUEhZrX2MN0qhkZAM5HATMSMxcarb0uDrxekggpSKeFq+VezEoRevxkgQigyeYmm+nz+9yIfV7NltofiMDQzDhJOgCjPyDJ4+kRTM1w+DvTuqZWgWa7QcYbH2kh/MRTRtYEBBhh6edA/JjIMBOVwbtPQrCXuVo3E9WM7cNJ+5Z++YqKowuC/MfQ7UjVyMXcoLRhiD27nseHTUO//lsQGT12/KOfc1hRe4vEvSoQCBMJB8L8yKaic5jN++0irQW5FF8GTg6WGGg3bVQHBX7hD7Rkq4EHjdOWPlfzzjAZmNzgVRC5U/N0vFAXDy3A+5h5mwUBHNWF9riMhaiA==$URjoRHgHzSChVI6naVeoEw==
vary: accept-encoding
server: cloudflare
cf-ray: 879ed1663d64b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed19aee7856b4

104.21.16.225

115 kB

URL
shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed19aee7856b4
IP
104.21.16.225:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
115 kB (114994 bytes)
Hash
f6179b9aae26a55b44817a3c8d1c0b52
c0a2270ffc8edc28175b992e716f7391cc6904fd
c4640ba15a07fb5fd0b28ecf6067f8539adca7957e12758b570b17081062f654

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed19aee7856b4 HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L?__cf_chl_rt_tk=rL5J6ogPYCwN01.gfMBaXdt8_3qSbTfaB6wRwUg66bY-1714053201-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 13:53:21 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4Jje6NmREjOAim%2FL0xDQ%2FihcdpiX1VdtUFgbjoPAaMqpRxgtX6JLXvhWX0SuREX6XHnrUVakCF8fOmJeHgej5l1IE0Ei8xar5JewVjuImy1THxZGDMZREAvBihlOW5UvDgY3NMWRfbS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 879ed19b4901b515-OSL
alt-svc: h2=":443"; ma=60

shortsvelventysjo.shop/favicon.ico

104.21.16.225

403 Forbidden

5.9 kB

URL GET HTTP/1.1
shortsvelventysjo.shop/favicon.ico
IP
104.21.16.225:80
ASN
#13335 CLOUDFLARENET

Requested by
http://shortsvelventysjo.shop/C0L

File type
HTML document, ASCII text, with very long lines (14504), with no line terminators
Size
5.9 kB (5943 bytes)
Hash
4d7dec222b8bb1d588953438705c11af
03649f59661f586bcf59cc61f95677f1af285aa7
5ff38fdd805c9e7a5f855da8cf1f564d34d64b613eae8ec6bf19318c2c7a6c2e

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L?__cf_chl_rt_tk=rL5J6ogPYCwN01.gfMBaXdt8_3qSbTfaB6wRwUg66bY-1714053201-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 25 Apr 2024 13:53:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: bovS1S2QaCzCZWHYDGgHGKEX5HHeQOk1tXXd57htHstVDKS1myweBCo5TEPoT8BO7ZHQ2V6Ri7LOQG5rozbtZyO79sB+/reuS4DUzlvZCrxzNCkJZugE2NF8z3FX+pGZgd6Gv+sLo7YiLMcgD0y03g==$3yq/ppOSAbHbmJ+SPOQAsQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FvitMsWDPLoCGzo0uMhNZMKMnaiYuDd%2BxK4YI7KbrJwQhzJKAzV%2FoBEcBPamNWprv4J2qcnVF9owuxAQd8dqBIJoZaKglkMF%2BAwxHD0f04ySm%2FwFZU4YxpB460OGRMM0X0leHyA65wZ0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879ed19b8936b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

shortsvelventysjo.shop/favicon.ico

104.21.16.225

403 Forbidden

5.9 kB

URL GET HTTP/1.1
shortsvelventysjo.shop/favicon.ico
IP
104.21.16.225:80
ASN
#13335 CLOUDFLARENET

Requested by
http://shortsvelventysjo.shop/C0L

File type
HTML document, ASCII text, with very long lines (14420), with no line terminators
Size
5.9 kB (5862 bytes)
Hash
17e887420341beb2415cf82d942fbccb
722e1bbdc9883b3a55a70e01acaa9940cd5e0552
6060a6d92aa8cfb2e15a735ed6ba026d5800054dd43fbd6070bee49acc108029

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 25 Apr 2024 13:53:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 1dyyHZ71+1gbiubQOGGBzvIZixwx4WlrlE67JEhuiUDTq2leBTgJeXOSH4yZu8qpA+69ORhIeq8eg/Fc6Xkqro8U8vY5FlXHUmZXNGnh2oA9VeIBPr7FQAtOb7MPKxbp4AXmpE4jlh2YcY4/0mQW+w==$UkcYdEMlvd00z//ljp3rSQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tzlJIJEhTgD4SlgUBQrkPDQvSrIl%2B60h%2Fm2zgZXgDtM%2BZZaEPnah2XMTUx53T2C%2FTrY1jIYmN3z80JLxml0FEn%2FuN%2BvyTsRA8X4xOZF5vnVN5sRBIO4x9JB4YBsDlWeJ6c%2BaEZ0vMQng"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879ed19bd8a1569f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1723157285:1714051588:6reJTY_nR9DF9gySoX9fbu1iFIhV-uuJJQLBUSu9cqE/879ed19aee7856b4/771ba8e9deebcb0

104.21.16.225

12 kB

URL
shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1723157285:1714051588:6reJTY_nR9DF9gySoX9fbu1iFIhV-uuJJQLBUSu9cqE/879ed19aee7856b4/771ba8e9deebcb0
IP
104.21.16.225:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15980), with no line terminators
Size
12 kB (12153 bytes)
Hash
76b19b663e5a7c3068dd484f8ff90b8a
4c07c3f97bfbf2db4a60f6d13862f80d54d976b3
f41e161849516f3174d3df8da7da42c8318bcebbcc4b3f13a8675c9334c50495

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1723157285:1714051588:6reJTY_nR9DF9gySoX9fbu1iFIhV-uuJJQLBUSu9cqE/879ed19aee7856b4/771ba8e9deebcb0 HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L
Content-type: application/x-www-form-urlencoded
CF-Challenge: 771ba8e9deebcb0
Content-Length: 1859
Origin: http://shortsvelventysjo.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 13:53:21 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 2Z5MfyOh0DCvtwrFgzeIVrwR9sn3HeGnAi+MrNub8cB5356J6vai1IgCjdoPRNMD$o51+5BS3BrI6wZVLKTbiXg==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MgOWQe8RiWvpfsw8JSZHK%2FMCM2PFLfDaPzd9gXCtrbWDyGm1f%2Bnn9Y%2FgUDqjSbuKq7TRkk%2F9zFXGBKHdFUmxHLb1hjKQYxGvpH4EtIC4uFbV%2FQsfUr8ois8TtYPVPsdcc9vHI8Xxht8S"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 879ed19c982a56b4-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit

104.17.3.184

200 OK

14 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://shortsvelventysjo.shop/C0L
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
14 kB (14326 bytes)
Hash
f94a2211ce789a95a7c67e8c660d63e8
f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f
926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b

HTTP Headers

GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://shortsvelventysjo.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ed19be991b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879ed19d7b4eb515/1714053201888/HfqzGgrk9eCtMkg

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879ed19d7b4eb515/1714053201888/HfqzGgrk9eCtMkg
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 16 x 55, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
173dd44d346af197b0c0d5aa9dfb2404
f8f2ff7ad5f082f063cdfe78c38361f1f721c4e7
1776e3c47ca56f5339e8a017514936961a20739bac641b1621075c1f7d81bc78

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/879ed19d7b4eb515/1714053201888/HfqzGgrk9eCtMkg HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/h4iwt/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:22 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879ed1a4aa23b515-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/h4iwt/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.3.184

27 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/h4iwt/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
27 kB (27373 bytes)
Hash
9cf62d49342e97c9a54650aaf7415469
94ecb44aeb9cded83032944e7d54711e09576e5a
f4e5e570a74425b6ff4a9d072cc9ebcac652e7705ab51393942dcb8e7e45160c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/h4iwt/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:21 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
document-policy: js-profiling
cross-origin-embedder-policy: require-corp
referrer-policy: same-origin
origin-agent-cluster: ?1
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
vary: accept-encoding
server: cloudflare
cf-ray: 879ed19d7b4eb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

shortsvelventysjo.shop/C0L

104.21.16.225

403 Forbidden

5.9 kB

URL User Request GET HTTP/1.1
shortsvelventysjo.shop/C0L
IP
104.21.16.225:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14383), with no line terminators
Size
5.9 kB (5852 bytes)
Hash
248a7e01c310d650f7249c74e8f0304c
55c538b18d4c74667cdc146b30409d7707632965
ecb34a3333272531c759ff3cac89e934f3d1b261d8570cc62b768b878ef60305

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /C0L HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 25 Apr 2024 13:53:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: U4gXBYhOQ/uRCVjZjyx0MvQiZwipJM0yhL4beO7yWYbTnChCpTCVticwTZBb17Gk/lJsYvWbFB9jXp/GAtHQIT+nt6li4J+n6dMu3wuC1TUkyVmugoBE2oQekIiYGVwNy2stbKT9XrZ/aZ0QAN8Qsw==$camYNz+CGgp5U+1PVbYJVA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AvrpDiwYyfYLHc0HwC%2FYJq3LrFo58JaflcT2bpt3F5o7HIBYr0FyZk87f0r89pVPMKUIenF5dpf2XeypmUgntpVEIYZWWtLRLqnKK9eK0hIwLMCAxYFwJeUjpyl5l3wHFg5%2B8eizEOne"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879ed1d868b656b4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed1d868b656b4

104.21.16.225

200 OK

113 kB

URL GET HTTP/1.1
shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed1d868b656b4
IP
104.21.16.225:80
ASN
#13335 CLOUDFLARENET

Requested by
http://shortsvelventysjo.shop/C0L

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
113 kB (113341 bytes)
Hash
b34ec93f2d6448d663e0556acedb7745
6f83abd4e376fc08b2952039481a6e3639f68bb4
92abb9528436182d549e2ea963d79604b9a5c8b642821a188bc4d86705d610dd

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879ed1d868b656b4 HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L?__cf_chl_rt_tk=KylSBZLIreS8EOZRvwMKcBaGwXle4ejMIG.VHPYnQpI-1714053210-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 13:53:31 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q7EeH3gk2oNbbXnOiD1IA7xZHYBjqCE5n9dvSPbOe%2FH8BpCmdXxic2KYyMKbI6bqrR4d0NwieMrs4LSu3r7Wdx2mhGcf%2BbzcDmltNDk7dcNU8fyViLlfTh8oxOOBpa%2BDjpMEWJoMGjoM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 879ed1d8de560b45-OSL
alt-svc: h2=":443"; ma=60

shortsvelventysjo.shop/favicon.ico

104.21.16.225

403 Forbidden

5.9 kB

URL GET HTTP/1.1
shortsvelventysjo.shop/favicon.ico
IP
104.21.16.225:80
ASN
#13335 CLOUDFLARENET

Requested by
http://shortsvelventysjo.shop/C0L

File type
HTML document, ASCII text, with very long lines (14505), with no line terminators
Size
5.9 kB (5936 bytes)
Hash
0aa319a3ee68978b82d4db2db43a7e80
b5d8c419f8bbf0bbc34c095de3dca96296eb3a2f
074ebc973672b6fbc5de2f97270bad5588f1635b3acd2054300084c4fb3e8244

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L?__cf_chl_rt_tk=KylSBZLIreS8EOZRvwMKcBaGwXle4ejMIG.VHPYnQpI-1714053210-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 25 Apr 2024 13:53:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: nQEoQ3mG06XG4dSJtm0gnAVTzKwsLczfRxoljzQ37G+1C4Ks7DQDQBqjLZIOcGCEBhRitURHBYx+pSdC7uoqH1xpnieRYTSk6Ad/mF04W1lMgBnsH6+lLJ8HA+0HjDX0mlz8yFhUqB44I7L4T8SQFQ==$npqS4aut44WvNQXGRhuOPA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YpnQXDXq7RMc63DSKowJqVAmml%2B3dDOyYU9Bh4cz4NAXj8R1HL9z9Y6ezswXYP%2Fz05gVWgJAi%2Bh5ZI7JugLGNRsRj885cxEpTVQvVdrt8SnBBTIkR2gmw%2BMSHk0EwL%2F5Tqnt4NLjZMCD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879ed1d92ea10b45-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

shortsvelventysjo.shop/favicon.ico

104.21.16.225

403 Forbidden

5.9 kB

URL GET HTTP/1.1
shortsvelventysjo.shop/favicon.ico
IP
104.21.16.225:80
ASN
#13335 CLOUDFLARENET

Requested by
http://shortsvelventysjo.shop/C0L

File type
HTML document, ASCII text, with very long lines (14420), with no line terminators
Size
5.9 kB (5868 bytes)
Hash
4eeb67b2d923066c887d16c1ad1d15d2
1640628fa9a55d7b53e9a7feed0da5346a77ab15
b18429631bbad7d3dd9b7c03868fdd03f2adc0cdfd5411de105717f476849c77

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 25 Apr 2024 13:53:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: PuYoc7zRTnPMPFKBJmd1KIpi+vJSHQmgqX6Q/HhJUovR+V0y5GxBnkycxMHNnq/Kd50kpWRkX/IeOzsxMvUPSNsi8YMQpdR/H1hREf5RNRShzm8ybvZ6NWWLnNqdIfhwpr+Mk7AxaiAcP7phxuP5iw==$LjdoADaUy9yX0IeEuN1v8g==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FL%2B8WZ0o5QGAHH5hb5GradqI8D5RFTWGMGMihcaF1xcuNs7f037%2Bn5J3IcGPuNaEgtYFyOtPfJMFSrDQJeKhILUNY2A5%2BZP0v3ExWU8F6NmvYN%2FYgKsG%2BI3Y925Nvf%2BCJoeasycRJTii"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879ed1d98b7db517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/6821686:1714051537:lrg5UDYgcRlMqrXdG2E4WjpMC_0QSU6VeJ5Z8OdtXhQ/879ed1d868b656b4/373a8c7344593f3

104.21.16.225

200 OK

12 kB

URL POST HTTP/1.1
shortsvelventysjo.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/6821686:1714051537:lrg5UDYgcRlMqrXdG2E4WjpMC_0QSU6VeJ5Z8OdtXhQ/879ed1d868b656b4/373a8c7344593f3
IP
104.21.16.225:80
ASN
#13335 CLOUDFLARENET

Requested by
http://shortsvelventysjo.shop/C0L

File type
ASCII text, with very long lines (15996), with no line terminators
Size
12 kB (12171 bytes)
Hash
202ba0d9511ed4b2d75f6ff0c0cc2e8c
4a27b0705b903180c07d7457170bd7c77c26c009
83d339ef33cbf9aaba3105bc78b7013bb3f14b33719b6c0014b2f67093cfca97

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/6821686:1714051537:lrg5UDYgcRlMqrXdG2E4WjpMC_0QSU6VeJ5Z8OdtXhQ/879ed1d868b656b4/373a8c7344593f3 HTTP/1.1
Host: shortsvelventysjo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shortsvelventysjo.shop/C0L
Content-type: application/x-www-form-urlencoded
CF-Challenge: 373a8c7344593f3
Content-Length: 1842
Origin: http://shortsvelventysjo.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 13:53:31 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: FUPqLMAkolX2ZWUcbUIo4pUguETGyYNOkFbqKswL4N1kX5pVbqhWNvC77Btgfixq$WGeBxerc/EhQB8gQxCVecA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z3HyNsPhDEDLsZjkQs4Gq%2FuM%2Fhq5TRhP%2Fzb1ALozlLZl%2FsLOE4E7ZJ8RdUmfH2HZv%2BehN2MIRzXfyoBC%2BHey5DESrts8jf%2BWZN%2F0rokXd7Q9%2BKbQwhh1DZMlr2neNIrA7%2FtNfs3ZNXB4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 879ed1da4e8a568d-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed19d7b4eb515

104.17.3.184

171 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed19d7b4eb515
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
171 kB (170731 bytes)
Hash
4ef77921a04be1a7aee3d14ad8eb6c59
8b7da516c960e5126278092debe124c58796a8a3
a3e767481ff0c739edfc6c0518371aeb1b1774836c93f43443e2ddfe1ce1ea19

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed19d7b4eb515 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/h4iwt/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:21 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 879ed19dfbb3b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879ed1db0c9cb515/1714053211767/DYdrd7HBwcTM9NQ

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879ed1db0c9cb515/1714053211767/DYdrd7HBwcTM9NQ
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 48 x 51, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
886d563959830d9b54e29f75452d268a
2beca2d61019a40fc5104a796a1b38852c2e4b89
53972cdeb27f421b92aa87d8fab42fb48544e342012aced2c552c22926ce87a2

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/879ed1db0c9cb515/1714053211767/DYdrd7HBwcTM9NQ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:32 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879ed1e049c0b515-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1756319924:1714051777:2UrIHZV4MbBaFpNdOTREeKTKYEa2b1kx4bSYGvdfJtY/879ed1db0c9cb515/73c1789a7db8966

104.17.3.184

200 OK

120 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1756319924:1714051777:2UrIHZV4MbBaFpNdOTREeKTKYEa2b1kx4bSYGvdfJtY/879ed1db0c9cb515/73c1789a7db8966
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
120 kB (120160 bytes)
Hash
3262c679cf89c4bdb1fc4dcb6efecad0
137993fce9350cb3224263ae1489dae75ff80f7b
912c187efa88d9655b8e1faf9c9b7fd0ec7fc99547c7c478c795823fdb4c46e8

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1756319924:1714051777:2UrIHZV4MbBaFpNdOTREeKTKYEa2b1kx4bSYGvdfJtY/879ed1db0c9cb515/73c1789a7db8966 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 73c1789a7db8966
Content-Length: 3325
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:31 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: a5lCQqAVTZoLGbD3kZf6ga250YhtoCvPI7ptv4xY4IO7lO0wfac7nUCyaSI2zxTBektlMOHDuBsfD2K0W6+ypVfRjVoqee0t5p4ZOkTuXMpr+5Prs3xpd2t7o4Y7WxhJgRfWl9wZKp2Ms/21I/3Vbb/YFy4/KYfF6wZht80AGDPzq1l5WSipRPDX7jcZG/J3IZY3Gfu9kWFXY8OpTxE7prztyKyCLff66+vO00c7iu9RQ23jOI+jd+PxbV2lUtGWxwukBYhUq/9skv4xYTRwJERVlv4LR4OGsZpSPY6EkIPe0h6JOZ3SIW7D/H9ToFjcc3GAsa6tc9/AZuA8NYmMhZa2fDt2Qq9u+dANJWDrKXoPdM2s0kBwotdIPtFuVgg0oXO25huKcEAnStXSgYYB0xVSciRjf7hKwZiH3cACTGoFLatjipzEYR/+s8bTYSXDhyRn6Vvru3tiTCtPKj4oS5IVDrI1YdvUYKl1qnUgOHPnk9yX2Rf3TM8W/1AMZ8F+mesEiis8UJMZtGaFVVfyaw==$n7kLxOkhGke+0rrnZEdGCQ==
vary: accept-encoding
server: cloudflare
cf-ray: 879ed1dd7f36b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.3.184

200 OK

80 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://shortsvelventysjo.shop/C0L
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
80 kB (79950 bytes)
Hash
f2824eb4ae0a22db5a8dae793d2ac45a
89ef97c8e65d43984a7b967dbbf5dcae8c54ff8b
d4ca6a18bfa2641fe91b84e793eca22ec46e7ca4960dcf1e01304c92c034e6f2

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:31 GMT
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 879ed1db0c9cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed1db0c9cb515

104.17.3.184

200 OK

428 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed1db0c9cb515
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
428 kB (428326 bytes)
Hash
21dd54cb199f1ec142655d7c64ba361a
04a1f17cd0cad44bd52c2a2cb3a00312ff179dee
251152b571947af5a26cf0777305a9781aef1400b1e5cc2003c4930ae2bc655f

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879ed1db0c9cb515 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bj2fd/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:53:31 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 879ed1dbad5eb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (77)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations