Report - demonstationfukewko.shop/api%25

Report Overview

Submitted URL
demonstationfukewko.shop/api%25
IP
104.21.33.174
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 23:35:05
Access
public
Website Title
Ошибка
Final URL
demonstationfukewko.shop/api%25
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
72

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
demonstationfukewko.shop	unknown	2024-04-12	2024-04-13	2024-04-14	5.7 kB	193 kB	104.21.33.174
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-26	3.3 kB	162 kB	104.17.3.184
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-26	455 B	32 kB	151.101.2.137
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-26	911 B	23 kB	151.101.1.229
unpkg.com	11693	2016-01-06	2016-01-08	2024-04-26	2.3 kB	400 kB	104.17.248.203

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed
2024-04-26	medium	demonstationfukewko.shop	Sinkholed

ThreatFox

Scan Date	Severity	Indicator	Alert
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer
2024-04-20	medium	demonstationfukewko.shop	Lumma Stealer

JavaScript (34)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-07
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-07 18:35:19 Times Seen267450 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cdn.jsdelivr.net/npm/tom-select@2.3.1/dist/js/tom-select.complete.min.js	51 kB	2024-03-03	2024-05-05
Pretty URL cdn.jsdelivr.net/npm/tom-select@2.3.1/dist/js/tom-select.complete.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-03 17:02:32 Last Seen2024-05-05 15:17:47 Times Seen32 Hash cb0a959ac3d7a23dd8271f8438671211 8bc8a58a48d6f529e6b58e235b47d92dc61a0e2d 28d785eb15b9a3fb56d6869ee57952e0908d003a0cf911eaae7a14a8bea9bc76 Loading...

	unpkg.com/@tabler/core@1.0.0-beta10/dist/js/tabler.min.js	143 kB	2023-04-05	2024-05-05
Pretty URL unpkg.com/@tabler/core@1.0.0-beta10/dist/js/tabler.min.js IP 104.17.248.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 11:01:39 Last Seen2024-05-05 15:17:46 Times Seen101 Hash 6b8c7ed1789f82fae27c6d0ea68eb5a9 2c7919d960617e0afe6cf9611e26fec4303d85fa 71f241ae336a94269629238402a78d26fdf16cb78911f9dab2e43753f94bdca8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6e11561bcd001fdc13d96db5fc465c50	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 6e11561bcd001fdc13d96db5fc465c50 0d7c2a94d4bce264f28756e2dc56ef28debf34fe 19e49757667c1e0d7da4cd95859def27bf7641fe83ce7ad135bdda8c73939df5 Loading...

	#2 Eval - da287d6d7a1e0fe91c87341aa27ea018	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash da287d6d7a1e0fe91c87341aa27ea018 78bfa9dac7f37ea454fa26c53e4cfb5a1f91e527 3bf9aa87ad4e1850bcf7568e3bd9610b78b57c5502b1d9c54f24057479fe34b6 Loading...

	#3 Eval - 1e523c1459bba1c0fb73ec7c11de780b	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 1e523c1459bba1c0fb73ec7c11de780b 5a2cac0f6c26bb92cc71bf79b9b40e4da3eb084c 89aeb04beaf92d7bf2ce7622fc57914643bc89913cb1721f9fc395f85351d7bb Loading...

	#4 Eval - 424036291e820ce9eebd23bfcea3fb4d	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 424036291e820ce9eebd23bfcea3fb4d 4d62cbda17eaf7d9c7cfdab13a9ed525e3e30fdc fac7f171f03fff3ad6fc4fd805cee03265e273a426c15f05a3a52dcc689d9b77 Loading...

	#5 Eval - 43c81e43a6e7d9140033055ff3e04983	62 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 21:08:51 Last Seen2024-04-29 16:17:50 Times Seen2736 Hash 43c81e43a6e7d9140033055ff3e04983 b0eca03913678cb38c488c7c79cc4f9d2755ea17 3f7ef931c657c4333a401c40e8b0b8d1ff3b164542af45e14242314c0ec39f34 Loading...

	#6 Eval - ba98feb4252f66c8533a9a4050732cc1	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash ba98feb4252f66c8533a9a4050732cc1 fb0d32791889a66628ef4cfc2012f3d3de7cd5f4 a9a7f76d499b2bba5cf3b5d8718e52f781c7c42a1f842935c330423d983aca38 Loading...

	#7 Eval - 90412fa442192b4a4008c4046658181f	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 90412fa442192b4a4008c4046658181f dccd370ee4ea964f7591e49c4504771fe14672e9 98e8473f4f3ec178233223ab3531f518741484ad8cd65a904511bbe82371f6b0 Loading...

	#8 Eval - b23157d45bb6d76b8d385ad813694d27	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash b23157d45bb6d76b8d385ad813694d27 461f44200e9b0144e8b587aa0893c7956b48f25d 7d377c235280406fdb98eead262b993b91f1b8df5418d54ad25fb0d453f5425a Loading...

	#9 Eval - c94e29526ce56cbcf1676dd6a397c136	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash c94e29526ce56cbcf1676dd6a397c136 b30480c05d78492a0fa96d48457c032d6c140c37 1e3324de9eb37e9dc4c8347adc72358dd0bf3e43eddffd9f0fa1feb7f2cadfb0 Loading...

	#10 Eval - 763e0952b55468904b0baa53a34bf071	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 763e0952b55468904b0baa53a34bf071 f98ffbc71e24eb849401b1023fc7322bd998eea4 928c91f37c69df240051e9a5633c1fbfa604fe308071481a045b139a5ff5bd10 Loading...

	#11 Eval - aece84dab0d358cd9d56b2459d20e247	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash aece84dab0d358cd9d56b2459d20e247 e1c886cba15469acd350154aaa7df857a5bb6b35 a495fe523a3d761dda6064ddaa656fd260cefce3e1399349a52172ae0bd5f960 Loading...

	#12 Eval - 47b5170e8a048d3ce9bacbb14c3dd377	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 47b5170e8a048d3ce9bacbb14c3dd377 20648b76f493d9640c4d552a73088064c8d84419 7c14ba78766c019ba74263abe5bdea1cd0511492207ef7ba646c990ad3b53efb Loading...

	#13 Eval - 2f6cc3d2a2bf9557c7719a5cbb19f71c	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 2f6cc3d2a2bf9557c7719a5cbb19f71c f174186d852824cde75df952ba21815d055ad5bf af871b2c9a16a57d919091a8a6b3322a0f0f249b9b116ce10af111a4ab869397 Loading...

	#14 Eval - bc5ec4f254b1c334d9caf9e0c29eb4a8	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash bc5ec4f254b1c334d9caf9e0c29eb4a8 5989b49af9a3f42bcc34759ed845149ef5a5a5c4 4258abcdc90af090d9f01afc30f6a0afb8f590249584fcb501a18fcfacc3a52d Loading...

	#15 Eval - cc61d8c56a002bfe172840e215b6472b	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash cc61d8c56a002bfe172840e215b6472b 800414e4b02e7f2bfd2afc07fb4d07f038106f9e 74853e8b6ef6da733ba7365c45aeabd410ea1e692f71197c025de31db742a279 Loading...

	#16 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-07
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-07 18:10:43 Times Seen351664 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#17 Eval - 4ec368ecd0560e703a39ec1a4406d016	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 4ec368ecd0560e703a39ec1a4406d016 2fb974489a2275588bca58f0a3d26ce476a32f34 86a5bdcc73aad318cb62efe585e6469004e9ab485c23d57d779e9446dc51cd47 Loading...

	#18 Eval - 0669cc9f731a7a547b98b366cb93ee90	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 0669cc9f731a7a547b98b366cb93ee90 ffcd60c92b9c5577bf96f2be80256b89f538b14b 437a929d4f9373b04a93136b14d783a2e1166444577beadadc3be88e96d16ff5 Loading...

	#19 Eval - 887adb1b8c6e265e383a1cfec47c8456	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 887adb1b8c6e265e383a1cfec47c8456 c51570cf361cb5379adbc2243c882f6ba2c63c75 9ce587457852b6bc24cb7fc83feac32dd9ec65e28a1620aeb4ecd31f48f29d79 Loading...

	#20 Eval - f0a15a5fe85f0009c2a58b23e7eba2ff	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash f0a15a5fe85f0009c2a58b23e7eba2ff ba4ead1812637b65277110f19f456c56cdb1c6e4 5991885ea23f4b4227151c8adb79c20604acb6b59bc48ad069fb5dbc5160b782 Loading...

	#21 Eval - 0feaf4e7e44a998d7a6a768ec523a2b7	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 0feaf4e7e44a998d7a6a768ec523a2b7 e1b4b4f732bc3983ba409f722392fcb5d9eed4f9 7203ffaa85e04a063aac8e9ef7aa6a41147a801300fab94ca277831a1f44897b Loading...

	#22 Eval - 0d97cc646634c4c9c8b095fcd2f81683	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 0d97cc646634c4c9c8b095fcd2f81683 01748b4fe2390c8591455b49d58b6dcb0fe1c07e 6f25af49b5c1fb65f3058421a542341455a047ddae234e6ebcdf8cdda7eaa5eb Loading...

	#23 Eval - f102b47896b742c9c1364777d5f7d864	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash f102b47896b742c9c1364777d5f7d864 5ab8acce91e1e8e66a162c1435b9df05b40f8ed5 742c28fce0189d018adeeb795911fe064ef9824a5345035668a5f40d45d5a806 Loading...

	#24 Eval - b68561ac8ee4132a932506bf4f21dfcb	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash b68561ac8ee4132a932506bf4f21dfcb e17c3539b87ce6342fee7647f9b0a09210ad29c5 a4dcbc838de124b04cdc46141ad169c26a0c912beefa64c09cdf8b38e8d6bc32 Loading...

	#25 Eval - 2c7982ff00cd6e404468f8b07b271859	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 2c7982ff00cd6e404468f8b07b271859 2c4a2126315111e82908e28654b605ca34c07d57 5fc7ffdc6e66151cf3c26f6074d36bb5bf1b30a727559d06d5716563fb0459dd Loading...

	#26 Eval - f9caf0b7ab1b11c0e5a10c58fb2e6529	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash f9caf0b7ab1b11c0e5a10c58fb2e6529 d38364f0c18c737895a88a0e2a1dc0572d56253e 787d78d2ca11d92f3ac941d6f16874a1077718b4244c71779bc198ac8406166b Loading...

	#27 Eval - d6540536c355b8b993b46d5a66087bf9	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash d6540536c355b8b993b46d5a66087bf9 1383637c516ce4f7812dbea52799ceeb6ff57566 435bcb4e3d64554d80ba6cb555c75ea704bf4982689a69f11497ab0b440cf39a Loading...

	#28 Eval - 74cc6871a36ffd010d9aa4e7004a2d55	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:06 Last Seen2024-04-27 01:35:06 Times Seen1 Hash 74cc6871a36ffd010d9aa4e7004a2d55 d381624593058dd218763c90549d490ddba22f8a 513b3c2f0d0f3f6330f4255f8cab2587303ea1c5de4aa1105d19f3bec97c9275 Loading...

	#29 Eval - 2331773ba9a3732e21238ee3e409ee89	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:07 Last Seen2024-04-27 01:35:07 Times Seen1 Hash 2331773ba9a3732e21238ee3e409ee89 e3454d409a2978a86cf2884e6b2f0a15efcdb420 354520925dd7cf48b6f7acf5a2b40839d66ecd3fb1da7596c93d7664c65f336a Loading...

	#30 Eval - a19ded40d0ac36167f0eb573011a6db9	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:07 Last Seen2024-04-27 01:35:07 Times Seen1 Hash a19ded40d0ac36167f0eb573011a6db9 9bbae06e885908748039f35acd5af1d6427629d1 4d178f2dd85c1523ee88104be9e15d9aa3f5df183ade4ba2abf21d10f3f21fc8 Loading...

	#31 Eval - 9d2ed10edc193db8c4ec7eedbc9ead69	28 B	2024-04-27	2024-04-27
Pretty Observations First Seen2024-04-27 01:35:07 Last Seen2024-04-27 01:35:07 Times Seen1 Hash 9d2ed10edc193db8c4ec7eedbc9ead69 9f41d36ebf9c27cebe4a5e89da38a32c62df0290 780373fa71f34852c26ff913d8ca3e14b19bdc7db76eb5c7f1f88349c914edcf Loading...

HTTP Transactions (25)

URL IP Response Size

demonstationfukewko.shop/api%25

104.21.33.174

200 OK

5.9 kB

URL User Request POST HTTP/1.1
demonstationfukewko.shop/api%25
IP
104.21.33.174:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14403), with no line terminators
Size
5.9 kB (5870 bytes)
Hash
a818b8f03661f6f36d96678ced76fe7b
497d07881fc36152e7c81a7a500e5e266d4178be
bce2f55954d0c0e386a4ea261064745dfe45a92e3ef04e2fbcd3420f5796fe23

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api%25 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: CopMYg5II3DIYvVADiMkcHgectMvLuS8TZg6gQOEH/gxuqO9YUiJXaboFpk5rO1uKrEPwB9zdEhCl34v+VUggeCBJeBrtlsMjWSAmymkqS8NQVg/KZvnOBYaitBnWUa8Mh3XxPNUxnEWkgJZqlBDRA==$jEgq0tvS26kYMFXQyWG/0Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itizyvRpQpgUXmd9nGlrisVcJfpsxMEy889tkxjJOvSk6EnixMwDtU1yZfU5%2B3s2tENsoyo3bkECasFTkRsPd%2Bo9jIchQ6%2F5NKdrEL835f6VvDuYlR06G%2B4V9MsqvwUqS9y4Ku1XDzi8eIM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa6282dc971bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87aa6282dc971bfa

104.21.33.174

112 kB

URL
demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87aa6282dc971bfa
IP
104.21.33.174:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
112 kB (111627 bytes)
Hash
d0d57d7ca3491499e1f14f637d4e6283
bcb0d2f1b3649560e6af022edb423d5264037b5d
58dc91c85b200e771b384fad00e936cfcbfc8a210887d99920ce74e57532b576

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87aa6282dc971bfa HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25?__cf_chl_rt_tk=muHkKYfZ6dB5PfG2RlWd.VaY2__1D.1fvxtnYZ2.T2M-1714174479-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:34:40 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgqDE34PcpBZ8KSf%2BHgpsbOQopx32djBjC%2FArg4ixP2BA4cJOPx3Tslg3G%2FbGvMlJVWnyuaV50jHiPBKcpHg%2F8m8qw27ejPPPlcpP81FRFDJyyvSNxHDZUO1a8NrpW9FufhFLDZuVy9Mfe8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa62844c5e569c-OSL
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/favicon.ico

104.21.33.174

403 Forbidden

5.9 kB

URL GET HTTP/1.1
demonstationfukewko.shop/favicon.ico
IP
104.21.33.174:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25

File type
HTML document, ASCII text, with very long lines (14511), with no line terminators
Size
5.9 kB (5943 bytes)
Hash
26102aef4d8e4cf0907d642003ef30a9
891de8e75931cdf041983ed48d2113d4b59b672e
0e1cd69ea58e327652d37f5824eba837b1d1c4177ab235fc1911c92c5c319b1a

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25?__cf_chl_rt_tk=muHkKYfZ6dB5PfG2RlWd.VaY2__1D.1fvxtnYZ2.T2M-1714174479-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: VS6SREE3BT+Zw1sQJSrXHEC/ZY2f3JaRbjGTpe4zznaU+vyZmIaYjAFDC16ohTP8RbhW3XNIIzB/A4LrSz+93n4jRvEzVTxbqC/MEgPnQYhCxAZdzdT2AfGlWmGkWCHKm7rcWOZIaAjT07SPshdViw==$cl/Li4JL+wES5bHOijR5xA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxME5i%2FdV3QG%2F2BRWPuAodUpgNV7%2FU1gh2%2Fntpw%2FCfNBmIau39rXrgp8amBvt4QnwYL8j7JFeb4qVjJToOCRuWh%2FvU8daF6ANPkbvt8YijKilU70Om09MHPkjYIBxPawzK0NU9ax8c3qvgg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa6284bc83569c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/favicon.ico

104.21.33.174

403 Forbidden

5.9 kB

URL GET HTTP/1.1
demonstationfukewko.shop/favicon.ico
IP
104.21.33.174:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25

File type
HTML document, ASCII text, with very long lines (14425), with no line terminators
Size
5.9 kB (5871 bytes)
Hash
c97da0237052fed5fb84a78391d6be73
dde6cd06168f45cf3a7d9ac1d5cb817c9f0599ee
5777a131bce29196616871869c05467685298bb0a2517b31f4f513a05726f714

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Sgzg282z6xz+cwaCRH0Kye3gPztTENV4xzyjE2AeCNteFKHfflcoF0rq82uwohruV7vdy9gnha+puxfs7ehN8CIgQdFX34km2kt1ccSKiGramZax5RLycNWdtrNM1RuLrBY5ddPOUpIeTFfmM9Rpdg==$iSB6KmFk4ya90uUN6JEm4Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zeQUrQDFIJ3iRliaP5qH0jukczFWlSTyTKqqNHVNR07fkzsD8l3DRx7yfDivgBWTKmnHDDD95oCVmFNJDcgx7Yh9nMd1Tal780NkR%2BfThgdTOaYI5bjhGWSbHSrpjgdlZZKOxS9%2F3ZqS6GE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62852e51b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73

104.21.33.174

12 kB

URL
demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73
IP
104.21.33.174:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15980), with no line terminators
Size
12 kB (12161 bytes)
Hash
19efb9975ff52a08b779d8104ed2cdde
8d444765fc2946d47d1b51cc464307c97c316920
767738d690f42116b6d6ce60b960e7cdf61b84be996ecfde93c80ccefac60b65

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25
Content-type: application/x-www-form-urlencoded
CF-Challenge: 11ad4cf04fd8b73
Content-Length: 1874
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:34:40 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: RoBNS3ja7086JbQWGuRvnqxCQPwYB4GvadwIP+iMeHBv1hAsSgVKYGz+L6330/C+$ZHgfmTrNfbtMc7Jy/hidBA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LWrd%2BSopS62oJ1bZIP8HiOcDM3iblP5R07nlvHjo2I46yPMf1o7wKE5EhTMj9JQMVWSFnK59qBRrGzDJf4v0DEGKrEDqx0269rtNVS6wFWG67%2FGL1aEmkkFmCOLhdsxepAHm2nNe3yn6sQ8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa6285df4156cc-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x9eeh/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:34:40 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87aa62876bc5568f-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit

104.17.3.184

15 kB

URL
challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
15 kB (14771 bytes)
Hash
f94a2211ce789a95a7c67e8c660d63e8
f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f
926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b

HTTP Headers

GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:40 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa62854eb8568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367

104.17.3.184

133 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
133 kB (133174 bytes)
Hash
4eca7d611cec7f9588cef329ac632c2e
b50b879c240bcb8c8a71f7c58af3c333d92fe509
5101aaad1e1594a6c75ceb620460bc91a282d582f42fda3ac01fbba9c7202ef6

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x9eeh/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: da1950f45bba367
Content-Length: 3295
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:34:40 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: n6zVtK4G8fYKx8v6+9KQTj+v59zjQWN3gqIdey1la5z2pGBBSMEQ/t6JFHg2Wl4JGlwiqkwknoZDP4UaExFUXCb5SDK39wRDy50Nth2VKCSRG0imnDrXsar4WPuwoNWwdexGgh9ADkbLPW1Pu4CehTEAFOS/j4saCayxFppy9kQIgaEcm2G/KaNuTnN2+pCJzsLIvRlXL3H5ZQPy2dPDjsAEueT18cTFPWh+UKxG/KAg4h078o6z2FtYaj97JQt32GxLaKUcHAK5UsOBj2qrXC0pzGzMjx3cSKW42y0nhO1xv1UEHuICxfUq+jGrti5P4EuuPwuLpzqiSlVt735j1os8m97CioX3eiEXsbhigVbTf6d5rIx6ofTu3Bomic6AzcVJ7l+dqSm25G26iDXBhL1OtHFB5YunVa2NdTOp996Z+bOYkB8V1VFUgHCDYPg48BPf53o/641W5mzHZNJa6fBQd7gC8gm2P09421n66iv1irhkm3yHp5fOiBgE8SVD$l4F53qS8yxoYldOAP5ZD+A==
vary: accept-encoding
server: cloudflare
cf-ray: 87aa62895cf1568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87aa62868b3b568f/1714174480868/CZD9KAltfpGsyuZ

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87aa62868b3b568f/1714174480868/CZD9KAltfpGsyuZ
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 75 x 22, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
f847fa7193d2660c9744ef7e2668c841
609217fcca0682d09339b3b245ff5fe7c2d0db6f
283fc2bf8396237a013ad78641ae0dcab08b661edde470f5c6a52b5eff7baea1

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/87aa62868b3b568f/1714174480868/CZD9KAltfpGsyuZ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x9eeh/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:34:43 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87aa629ac84b568f-OSL
alt-svc: h3=":443"; ma=86400

demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73

104.21.33.174

2.5 kB

URL
demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73
IP
104.21.33.174:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3244), with no line terminators
Size
2.5 kB (2494 bytes)
Hash
34882e747f0adaaf06b049278d852b2a
7f4b736d826cdac476983ab7e9f85a0c28bc8087
0d8c0e063376078a96af2535e92035c34d45efea3ea9f5e855073d5cc2784b51

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25
Content-type: application/x-www-form-urlencoded
CF-Challenge: 11ad4cf04fd8b73
Content-Length: 3348
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: pI7LKfv/SrcukUIWb1zw6R1lOx8v7935iu5Q/1+V0FXVu7vKy+iV9Qw3xNKt4QYZyrvr8rxeMae425vGkggzF9QrXuDXWFz5wndmdJ8wQfgcOYi+qsZThTlRrQ3v/g5y$Bc5NQZcmycnoiHePa7++9w==
set-cookie: cf_chl_rc_i=;Expires=Thu, 25 Apr 2024 23:34:49 GMT;SameSite=Strict
cf-chl-out-s: Jpy5K/I4aa8kOmIvW1El0z+9jDyqR+BZ2lF4pnKtqfR9MciT3ipjbxq9JFotmLMG/QyeagaxIAIWWTDP9DbRYhAiW+xc/6mbwdp1qDFt4rhbgtr+HBeOrmph2cyLlbJLMFlSZ7V2KEzkuADOQhGB/QH4kz3bBrHRvsUei4lmAaFCd9JkOjcU7GIN8uX8w1hKLSDcVZUKKjsyKyKv8PrA6uGoA3GuYa949nyybmrlaCO8ccmGekGuaS24OzV5KMP2rAaEj7NgWNzX7YZZf9OeHmpbH43b/yKZFv2bneSbvRYTLv/qvbmCzvmeUs0LAKbgQGJv6yi5X275lyBTfTtAtPlvcjGUAolSdg+SNd43coGj7AMa4FkeJ9ujD3JSeSTLedbxxeTv7lbgzAkXZgF3zkdZNXctR9n4YPaPpNDQpuxN4xmywgR4jehuLls5+wsSw42FRKxsT45f0haJ+zfo7g==$UwNOgF26WCgGMUkbcmmq+w==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nyAlW0cEjEsd6S36rjl%2BFEzud%2FmR9OdnXdl5E%2BmwGlFny1qm7NCozQHxztid4QZsAcYaaEl3vOb3crOhn1ksN3XQaw5O8k52tx3zFccPmKZpFmzz%2BqZLoVhkX51ZVCShMYTwnJ5veHpteIs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa62bd2efa56cc-OSL
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/api%25

104.21.33.174

200 OK

1.0 kB

URL User Request POST HTTP/1.1
demonstationfukewko.shop/api%25
IP
104.21.33.174:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (416), with CRLF, LF line terminators
Size
1.0 kB (1018 bytes)
Hash
7918a2bcb5972fb9180547ebfa69bdf0
e903f27fd09e492fd214f1cfc73bea1f6a262c90
797e5cddce578311bdfbc496be17620fb8630210396c8839a3385c8512194450

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /api%25 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25?__cf_chl_tk=muHkKYfZ6dB5PfG2RlWd.VaY2__1D.1fvxtnYZ2.T2M-1714174479-0.0.1.1-1301
Content-Type: application/x-www-form-urlencoded
Content-Length: 2480
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_clearance=FbCYRjm90yfNoHH2b6Zv0qrFLNO0wdjk0vdteKmrR4s-1714174479-1.0.1.1-jcNlcwYBGpN8xhixJoEOLROBptvrFvvssBr5SuHUYm_x3XwYnu9cJNBne0RBbdH.S2LmuN2lsRngBct0PNlsng; path=/; expires=Sat, 26-Apr-25 23:34:49 GMT; domain=.demonstationfukewko.shop; HttpOnly; SameSite=None
PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg; expires=Tue, 20-Aug-2024 17:21:28 GMT; Max-Age=9999999; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FsL182pXjKwHojUnVzwSCkJacbRDMW%2By8d32gBJVpaI%2B8Q80CMP7sIga54nXw06ylEFCw3f0lAa0W7Tr1Tmuk49JjlKcqVefw3JcUSKbGklGtEQQiaJCDv9ZagXgR6DrkIrrpsZ4%2FuKuJk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa62be1f6556cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/core/panel/icons/tabler-icons.min.css

104.21.33.174

403 Forbidden

6.0 kB

URL GET HTTP/1.1
demonstationfukewko.shop/core/panel/icons/tabler-icons.min.css
IP
104.21.33.174:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25

File type
HTML document, ASCII text, with very long lines (14651), with no line terminators
Size
6.0 kB (6008 bytes)
Hash
49120baac906288d6f3d8c21a85fb2e5
d37c1a8b5260bde37531a7b0081ed4fc7cd6c9eb
a4fd695a872bd58b2dd44ef3bc0509e86f6c8a7bbbfb5e8570a26c43a43064de

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /core/panel/icons/tabler-icons.min.css HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api%25
Cookie: PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: je+97gVkWjg1KAx6vcXv/+OZfdy73DvXqY8NxfEy0KremSOwoscHNqgJ2/TvIXCP+vP3Rw/0z67D3GQ/TRBvSho0tBqAJbodQojoN7FEYUZ/ek3peL6VyDAnt/wsr0cXLVaZMyCnaE2/bOqxLqOa3Q==$SpQVYacsWL+emGAgAQ6dFg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aax5juDkJTje1WEMbsZ8W1oy%2FR5FQP0LpFKoG53lonwW2hwlUnvN0biyxrmoGyPxcEtHDUTaTyw85qbE7rNxPI6ldugeuZIxALSYWoZAq82ahGm%2Fe5uzzofziIHdIJJ%2FMAT9K7SwwiAMkuY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62bf280656cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/core/panel/css/dober.css

104.21.33.174

403 Forbidden

6.0 kB

URL GET HTTP/1.1
demonstationfukewko.shop/core/panel/css/dober.css
IP
104.21.33.174:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25

File type
HTML document, ASCII text, with very long lines (14553), with no line terminators
Size
6.0 kB (5960 bytes)
Hash
3baaebab22b4dad0474c34487a195933
4eee9a5a2f398120b2d11782801063656618ec5c
4bdc0a320b504da500935eec2e52af6155b07d541b649364988663d259c50837

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /core/panel/css/dober.css HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api%25
Cookie: PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: fN9v4Kzb6qYvC2QAIxq5O0lGIpH2XelFQjxVEl0BH9QmUTIdQsqK4WmCXH6fGQEkb9qGOKjXhR5FlVAoYyNmu8Eqb5r0gLwHsghhq5IY0jl6pf4oaVC3/QbHREm/4psMLIYjv75RA5T9N29YuBaKhg==$I383tbyXXSRmkWiWb0/wPw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7TOlJ%2FuKryyHPqIc7ZmHLeflhittlVFdAE%2BuUTJYbeEwWDBcw2z0WZbZck%2FaXsaWMXxJbfz8%2Bfo7rPE5E7H0GLRO%2FGY9W%2BXHdmTeMCTqV%2B08VxXJwSpOmZCNe%2FW42ktvOM54Z%2BLJbx%2FTvnQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62bf396d5688-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/core/panel/js/doberman.min.js?2

104.21.33.174

403 Forbidden

6.0 kB

URL GET HTTP/1.1
demonstationfukewko.shop/core/panel/js/doberman.min.js?2
IP
104.21.33.174:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25

File type
HTML document, ASCII text, with very long lines (14604), with no line terminators
Size
6.0 kB (5986 bytes)
Hash
c0496175f79fac3b522edf6f8ce4c5f4
2a8ba01005e54d5103022d2b413cf9e984a935b4
caef7996fe5ff445af29aa9ed00961e4ebf201f9d2adf3407b2f0c57a1463544

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /core/panel/js/doberman.min.js?2 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api%25
Cookie: PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: pDRZHfZv8lbFLjb7sQH8lFcxY6ex5lRz8+hWFZVk932Kl+8nAqv6AI+GOynIZESrdFY2BRfq4B4puWRK7XPUkvqAFai+wDH31dLDT9TEs2i0OXy9enxyFvMBPYdTmMEvJulghc9mTRjjB1yJwdFjzw==$k5a2tLgVpHk42VWkvKufRw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QpO9YVhhYHcUkJ%2Fa9kC7HSdC2GfS%2Fz0YSE5G4hDh509NaGttgecuD5Pg5fTz9OM7UgK%2B9YyFhUoWnJygHt3Ut8kjYHit6ypLxAxBaJcktLYgIr6VLp3rI5N0LUJLjWT%2B136qlllu5rUTIqE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62bf4ec656c3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

code.jquery.com/jquery-3.6.0.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
http://demonstationfukewko.shop/api%25
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:34:49 GMT
age: 30670
x-served-by: cache-lga21931-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 18119
x-timer: S1714174490.529743,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/tom-select@2.3.1/dist/js/tom-select.complete.min.js

151.101.1.229

200 OK

18 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/tom-select@2.3.1/dist/js/tom-select.complete.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
http://demonstationfukewko.shop/api%25
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1002)
Size
18 kB (18451 bytes)
Hash
cb0a959ac3d7a23dd8271f8438671211
8bc8a58a48d6f529e6b58e235b47d92dc61a0e2d
28d785eb15b9a3fb56d6869ee57952e0908d003a0cf911eaae7a14a8bea9bc76

HTTP Headers

GET /npm/tom-select@2.3.1/dist/js/tom-select.complete.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.3.1
x-jsd-version-type: version
etag: W/"c620-i8ilikjW9SnmtY4jW0fZLcYaDi0"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:34:49 GMT
age: 3870740
x-served-by: cache-fra-etou8220055-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18451
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/tom-select@2.3.1/dist/css/tom-select.css

151.101.1.229

200 OK

2.7 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/tom-select@2.3.1/dist/css/tom-select.css
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
http://demonstationfukewko.shop/api%25
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text
Size
2.7 kB (2714 bytes)
Hash
c95b0bc73baee2d4aa8a5d31819916c7
5c6101d999331d9dd4f6902ec76fa484cc0e6150
c8168f6b45f8cf03ee444c7a0d2d61850899fd10dd13e2e523ca15e24fb1340c

HTTP Headers

GET /npm/tom-select@2.3.1/dist/css/tom-select.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 2.3.1
x-jsd-version-type: version
etag: W/"2618-XGEB2ZkzHZ3U9pAux2+khMwOYVA"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:34:49 GMT
age: 2051429
x-served-by: cache-fra-eddf8230097-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2714
X-Firefox-Spdy: h2

unpkg.com/@tabler/core@1.0.0-beta10/dist/js/tabler.min.js

104.17.248.203

200 OK

58 kB

URL GET HTTP/2
unpkg.com/@tabler/core@1.0.0-beta10/dist/js/tabler.min.js
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65272)
Size
58 kB (57909 bytes)
Hash
aa14c90bcf88e4bb677a6652c703d371
9f7f1217b1bc208033a41fe844c7a3be8363593d
e69349eaa159cd847e1a3f551d69ca3dc4a291eba2428b38371c68dbe78d5620

HTTP Headers

GET /@tabler/core@1.0.0-beta10/dist/js/tabler.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "22f35-n38SF7G8IIAzpB/oRMejvoNjWT0"
via: 1.1 fly.io
fly-request-id: 01HTZRWFWYCSY1GTYPYYR77RS1-arn
cf-cache-status: HIT
age: 1563734
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa62bf5d9656c5-OSL
X-Firefox-Spdy: h2

unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-vendors.min.css

104.17.248.203

200 OK

13 kB

URL GET HTTP/2
unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-vendors.min.css
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
Unicode text, UTF-8 text, with very long lines (20245)
Size
13 kB (12784 bytes)
Hash
c1a9cc6daaac26e4e383a6ff04a9673b
2b3465834913aeac5b3ed3df89ec4bece401a7b5
cf7d804c1592a2a84f897ade4ad534148e25d3563c916fdb7a112691783e5c21

HTTP Headers

GET /@tabler/core@1.0.0-beta10/dist/css/tabler-vendors.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:49 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "501d-KzRlg0kTrqxbPtPfiexL7OQBp7U"
via: 1.1 fly.io
fly-request-id: 01HTZRWFX86R9GKP834HBYFXMJ-arn
cf-cache-status: HIT
age: 1563734
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa62bf7da756c5-OSL
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367

104.17.3.184

12 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3580), with no line terminators
Size
12 kB (11555 bytes)
Hash
78a63d4cbda7ccca370ed68cea17c669
3835953f5a8342b966d3ed4c71715834a854dd9e
c9da4284f43adecd81024a2f86c4458ece7294c345a5f3499253e427e4a82a32

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x9eeh/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: da1950f45bba367
Content-Length: 36256
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:34:49 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: PI/f6Otgi2qGIna1Nuex0uguVbqgO1d0rVb2ynkMgHFXHQpV/watUEZ2AjSZKm9CGrzNsvUr3RAAYqrYZA4f3+LiCuNsqHYYafXqpDh1zvAn73FspnJoo4QVV0dT3s9Z$dHKKC080rsFA5Q99EwEZng==
cf-chl-out-s: MFPoYfvfTNB5cGQTbdRLe5qbAlZuwDmVRhP/xvX1JGMlVCGUPdisGgC6Canapm4iJ1PBhfcPrEQWreCbx5v2C84NqFGDNzO/xTuoyF6VHy1cw+Sfohu7l/8KbzM22+jD7iNhsQ+673F9W/vo9JAzfhmVjEdrc+0H+Gt5dY+0YS4P6/OyEFhrRABpMxz/1SJ+RlcnPxmogPJXGJ40BYOvfsMx68OhPm+7itqnXGb7cqNEsAFWDhEJgqmFVwEMp/qXCXogkZsuOzQ7XUGT7ccbkXEree0zu9SM3m7BW0AKrrEbbXxfdegPSMTSkrnDQMQLNSpSbGjEMPRb8JZDFeKaLtMOkDKIF6do+Oz/hIhC7CLie3eTGBkqHUVnkCTL4P6aOd21ziq9ymJjU0QTbax4wIdI2+5+K4HReu8PNohu1KQKA9XudpFwKme5ywCnwzKDTnLjWbeCHoFDgkgNWoc5TykiDRx237QakBjZKWPtz+RKD+0aeyKd2P/Lx6Ig4H/+5L03sJSZ7usliLKsRVWW+NMZBNlykDA3cQGhw2tOZRhIAx58ZjF6aGA5EJB6Hk1aiTnY+yhO8XTi289BcQoS2ThMUB7MZV6cBT+qV563jt5362fp13uKzFc/sOFxPLuN$40C5EBoEAByevgp/d/GS5A==
vary: accept-encoding
server: cloudflare
cf-ray: 87aa62bc79df568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

demonstationfukewko.shop/core/panel/js/doberman.min.js?2

104.21.33.174

403 Forbidden

6.0 kB

URL GET HTTP/1.1
demonstationfukewko.shop/core/panel/js/doberman.min.js?2
IP
104.21.33.174:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25

File type
HTML document, ASCII text, with very long lines (14604), with no line terminators
Size
6.0 kB (5988 bytes)
Hash
74c838377e540ff0a1dc0fab159699a1
812d40125334a2327d21d5ba48b1e7b472290032
60afe69fe8785e3c6d219cc76fff6c85ee1a66d99248e0faa3db4a4229069a96

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /core/panel/js/doberman.min.js?2 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api%25
Cookie: PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: cQAjDLiPZyRuvlfkUs18b3cnMvF5TUQTShya2BPGvIgL3EfDp6PVH9TrJGHvD1BBwyZy+yN94QN4iACdiFRjBdnTfHbBubQ0sdhQayEi8DPa57onPerquAFPi7eqayoup2otZrdh+MseSLGVfUHZ+A==$zEKM4C5v/sxB2ZI6mpNJaw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8y3xZsc6OWsVKtW6a9v4R6EvM9eBTfgnLEh%2BlX86DGmgMD22YlONBln6tDvKxE0%2FNE8iGsXO%2FXwbvLZDDB0pTdz2oYMClPjPg8522P4363h36npQ8RuPCk6puO3qyaVL5AZYX7Su4FBxBwo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62c53af856bd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/favicon.ico

104.21.33.174

403 Forbidden

5.9 kB

URL GET HTTP/1.1
demonstationfukewko.shop/favicon.ico
IP
104.21.33.174:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25

File type
HTML document, ASCII text, with very long lines (14489), with no line terminators
Size
5.9 kB (5923 bytes)
Hash
d18f914d4a5a97cc1509c3425921b49d
5e1248359cd4b9d9d08db5772b837d596072b2ad
8429d793b404b43f60eee824b5642ecb4bd5bfdec5d1db2cc263e409cec99190

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api%25
Cookie: PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: lBeb8GEJtLaXdWBg+sIkehifSVHgPTMToRStegifg18EiXTyQLbWm8DAlj+h/3gGMXRfM540ZZMhvnDPHK0grHqJKtEUKfoGETPYeIPo5xLk7XsVNkXFpBmmJopoz7P6EE3Z7EgOtyQHMmG6tDhkXw==$Cq2OEhA/Ewq73TmZPH3/zA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcdvpczTM9XfFZ7rcBNDYITOHVHSCZkymYktnes1HeowlYStnlsP0R5MRgPRvLIqdAGACtV3WZIedsVA3L4caosaIHR8d4YDi%2FxOLb20n%2BZcRyXnw6IrwCGKd5hYRreQ2Z6k56%2BvJYPR6Hk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62c55f421c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-payments.min.css

104.17.248.203

200 OK

10 kB

URL GET HTTP/2
unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-payments.min.css
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type

Size
10 kB (10246 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@tabler/core@1.0.0-beta10/dist/css/tabler-payments.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:50 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "2806-kjKGJgq4giZtHvKvnmBtsP+a/jU"
via: 1.1 fly.io
fly-request-id: 01HWEC5WXQGQ2T9ACF8BPVNF84-arn
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa62bf6d9f56c5-OSL
X-Firefox-Spdy: h2

unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler.min.css

104.17.248.203

200 OK

300 kB

URL GET HTTP/2
unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler.min.css
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type

Size
300 kB (300441 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@tabler/core@1.0.0-beta10/dist/css/tabler.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:49 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "49599-nWlRizNidNMAgcjSv4f3utVNqHY"
via: 1.1 fly.io
fly-request-id: 01HTZRWFWVX5PFVQX8X8E63WZY-arn
cf-cache-status: HIT
age: 1563735
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa62bf6da056c5-OSL
X-Firefox-Spdy: h2

unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-flags.min.css

104.17.248.203

200 OK

16 kB

URL GET HTTP/2
unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-flags.min.css
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api%25
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type

Size
16 kB (15854 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@tabler/core@1.0.0-beta10/dist/css/tabler-flags.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:49 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "3dee-nKAPWTieQ/tpCdi7lKfJqVdDhu8"
via: 1.1 fly.io
fly-request-id: 01HTZRWFX8EDWD4PRNMVPS590C-arn
cf-cache-status: HIT
age: 1563734
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa62bf6d9b56c5-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (34)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations