{"report_id":"171599d8-a451-4251-81d0-351f0a808cab","version":6,"status":"done","tags":[],"date":"2025-05-09T23:44:07Z","url":{"schema":"http","addr":"schyebflzk.shop/","fqdn":"schyebflzk.shop","domain":"schyebflzk.shop","tld":"shop"},"ip":{"addr":"104.21.3.61","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"schyebflzk.shop/","fqdn":"schyebflzk.shop","domain":"schyebflzk.shop","tld":"shop"},"title":"continue"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-18T23:44:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"schyebflzk.shop","ip":{"addr":"104.21.3.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-05-09T23:44:07.365041Z","last_seen":"2025-05-09T23:44:07.365041Z","alert_count":2,"request_count":2,"received_data":9027,"sent_data":921,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-09","alert":"Sinkholed","trigger":"schyebflzk.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-09","alert":"Sinkholed","trigger":"schyebflzk.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"schyebflzk.shop/","fqdn":"schyebflzk.shop","domain":"schyebflzk.shop","tld":"shop"},"ip":{"addr":"104.21.3.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"51d5ce4e7b0db5cb286d758129e35c5b","sha1":"040e56d009cee0a73a94b202a64890dd6bb43797","sha256":"84ec2d32c7581221a57df3d23331b7f8731cf86ae3aa43809ab5be99a7e347ab","sha512":"efbb5dd33a48caee3b5bda411d5470ae2953f64220d4fbfb93f5878e26f8adbb905ea0b9ef47658329fdfac3d34658714529040ab5964a6facab56d2d67f0c6c","ssdeep":"","tlshash":"eb51c1bb36e708210e9f777b57529305b430e003b909da497a2c4570df91e09d6fabe9","size":3047,"data":"","first_seen":"2025-04-16T11:02:38.507496Z","last_seen":"2025-08-06T22:21:06.960646Z","times_seen":208,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"schyebflzk.shop/","fqdn":"schyebflzk.shop","domain":"schyebflzk.shop","tld":"shop"},"ip":{"addr":"104.21.3.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-09T23:43:44.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"schyebflzk.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 12 Apr 2025 07:59:10 GMT","end":"Fri, 11 Jul 2025 08:57:48 GMT"},"fingerprint":{"sha1":"31:91:60:34:9A:F4:E6:37:26:38:DB:9F:B2:88:34:A4:3E:9F:39:24","sha256":"30:4E:87:92:E5:D1:6E:29:D3:9E:43:B3:2C:17:5E:7C:21:BC:9F:5D:E0:78:05:E1:70:87:47:DF:47:90:0E:81"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: schyebflzk.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":807,"data":"{\"csp-report\":{\"blocked-uri\":\"https://iwaponline.com/cdn-cgi/challenge-platform/h/b/jsd/r/0.31120009380213876:1746832216:dCoybb-fMaNCVdc5jXrjVyxJENVYzRagKWkkKoa5T_0/93d50f3f5f0fb4ff\",\"column-number\":5981,\"disposition\":\"report\",\"document-uri\":\"about\",\"effective-directive\":\"connect-src\",\"line-number\":1,\"original-policy\":\"script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=uMgveq__IlWrErwpxA97vDfIO.S4RpYNGelbKwCDcoM-1746834212-1.0.1.1-AcGTT6xhVnpUHvSdGVy8QHV5colVqQjy2lJ7DAHpp9Ta.d2j2oG4YsnDvN7SFfOdceS46_o7ph_2.uToHoPwLzE0tv2sAWWAnJYoR62VlSvWAFYA0zryV18dkADN85cRcpVt.bc1pLll.9qvLBtVtg\",\"referrer\":\"\",\"source-file\":\"https://iwaponline.com/cdn-cgi/challenge-platform/scripts/jsd/main.js\",\"status-code\":0,\"violated-directive\":\"connect-src\"}}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 May 2025 23:43:45 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 93d50f9279be5696-OSL\r\ncf-cache-status: DYNAMIC\r\naccess-control-allow-origin: *\r\nvary: accept-encoding\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=RFij588r%2BPKFBdGVCNBWenOrAr2%2F3QQW07TRuDpIYTf1lYXjvApuul%2FuxSzan5H%2BdOY4B0ibR9IWffUjrvX%2BTiuB6gcIvbR85wnGJUtzhreSnoeiDvBQfJJNIJcbi%2BFH27s%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=5875\u0026min_rtt=440\u0026rtt_var=10849\u0026sent=7\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=3213\u0026recv_bytes=1125\u0026delivery_rate=6652373\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=5e94d20a5b7dc4f8\u0026ts=383\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7372,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"a9c985fdda843e0491cafb5f6563a640","sha1":"a768219b224cd3ccf9b776ad85b5b890599789ad","sha256":"4c2647aa9e1d39e5211b174c3bd702579bc6b0bafaf0bbf3d732ecd6197b3fdd","sha512":"908bd921f7ab09779b8d223bfea478d097903306ca425161a452ec33a71bb46a869eb251c7648163a0dff225eb39332067e133fe44f4ca3199ae6e2f0511204d","ssdeep":"192:PIZNZdIFXFGDsHxJur6QCaypWPGEIjw0JTCIM:PkNTIFXFsGQCXpWnIU0JZM","tlshash":"89e131b656e304113d5bb76e2ff353426561e003f209c9183b5ca260df8ae9ca5a7bdc","first_seen":"2025-04-16T11:02:38.506218Z","last_seen":"2025-06-05T23:03:56.887763Z","times_seen":65,"resource_available":false,"data":null}},"time_used":448,"timings":{"blocked":41,"dns":16,"connect":1,"send":0,"wait":365,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-09","alert":"Sinkholed","trigger":"schyebflzk.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"schyebflzk.shop/favicon.ico","fqdn":"schyebflzk.shop","domain":"schyebflzk.shop","tld":"shop"},"ip":{"addr":"104.21.3.61","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://schyebflzk.shop/","date":"2025-05-09T23:43:45.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"schyebflzk.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 12 Apr 2025 07:59:10 GMT","end":"Fri, 11 Jul 2025 08:57:48 GMT"},"fingerprint":{"sha1":"31:91:60:34:9A:F4:E6:37:26:38:DB:9F:B2:88:34:A4:3E:9F:39:24","sha256":"30:4E:87:92:E5:D1:6E:29:D3:9E:43:B3:2C:17:5E:7C:21:BC:9F:5D:E0:78:05:E1:70:87:47:DF:47:90:0E:81"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: schyebflzk.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://schyebflzk.shop/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":2059,"data":"{\"schemaId\":\"urn:shared:user:events:/v2\",\"data\":[{\"global\":{\"traceId\":\"861cd8ed63291b64e4b5d1a077517b13\",\"client\":{\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"sdk\":{\"name\":\"scc-gd-c1\",\"version\":\"1.2.1\"},\"device\":{\"viewportWidth\":1280,\"viewportHeight\":1024,\"screenResolutionWidth\":1280,\"screenResolutionHeight\":1024}},\"page\":{\"traceId\":\"861cd8ed63291b64e4b5d1a077517b13\",\"host\":\"www.godaddy.com\",\"path\":\"/forsale/artfriends.xyz\",\"location\":\"https://www.godaddy.com/forsale/artfriends.xyz?utm_source=TDFS_BINNS2\u0026utm_medium=parkedpages\u0026utm_campaign=x_corp_tdfs-binns2_base\u0026traffic_type=TDFS_BINNS2\u0026traffic_id=binns2\u0026=undefined\",\"referrer\":\"https://artfriends.xyz/\",\"sessionPageViewCount\":1},\"site\":{\"privateLabelId\":1,\"market\":\"nb-NO\"},\"context\":{\"visitorId\":\"3f9debd8-a4bf-4606-9d50-27da46bac66d\",\"sessionId\":\"3f9debd8-a4bf-4606-9d50-27da46bac66d\",\"isDelegated\":false},\"consent\":{\"analyticsFlag\":false,\"marketingFlag\":false,\"supportFlag\":false}},\"events\":[{\"schemaId\":\"urn:shared:user:event:/data-platform/signals/page-view/v1\",\"data\":{\"eventCreationTimestamp\":\"2025-05-09T23:43:41.053Z\",\"forensics\":{\"traceIdAdopted\":true},\"traffic\":{\"pageLevelProperties\":{\"loadSource\":\"gasket\",\"server\":\"ip-10-119-149-96.ap-south-1.compute.internal\"},\"customProperties\":{}},\"producerEventId\":\"3222bc46-d030-4309-b84a-2a05863897da\"}},{\"schemaId\":\"urn:shared:user:event:/cdep/app-evaluation/v1\",\"data\":{\"eventCreationTimestamp\":\"2025-05-09T23:43:41.951Z\",\"cdepAppId\":\"app_29092cf241324d7c8f335a8fa870c86f\",\"bucketingId\":\"3f9debd8-a4bf-4606-9d50-27da46bac66d\",\"bucketingIdType\":\"visitorId\",\"commitHash\":\"bbbabb663748ccf05f5170fb88c4d1c75c0d69f8\"}},{\"schemaId\":\"urn:shared:user:event:/data-platform/signals/impression/v1\",\"data\":{\"eventCreationTimestamp\":\"2025-05-09T23:43:42.080Z\",\"traffic\":{\"pageLevelProperties\":{\"loadSource\":\"gasket\",\"server\":\"ip-10-119-149-96.ap-south-1.compute.internal\"},\"eid\":\"gtp.consent_banners.express.impression\",\"customProperties\":{}},\"producerEventId\":\"be9ecce4-8d08-465e-a7a1-887d5202a5f1\"}}]}]}"}},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ndate: Fri, 09 May 2025 23:43:45 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 9\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncf-ray: 93d50f95dd2e5696-OSL\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=7jVvdl%2FynOurEckuPByWZJ%2ByoeF2L%2F4a4qQ9pHGqN6dq%2B1O1rHtdAtfw8%2BjekgxtjEyJhWmt5q4z3E98d%2FTmbLpGVU5ADP4CRQCJ3%2FYGoHG9rJEAb3FHn%2BKTwP4e1vkEGBs%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=4074\u0026min_rtt=396\u0026rtt_var=7287\u0026sent=11\u0026recv=15\u0026lost=0\u0026retrans=0\u0026sent_bytes=5584\u0026recv_bytes=1263\u0026delivery_rate=8740442\u0026cwnd=257\u0026unsent_bytes=0\u0026cid=5e94d20a5b7dc4f8\u0026ts=580\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"0d4ce72eb959c2ac2fe40a4a6229552f","sha1":"454d7b113fe5230b66ff35dcb56df2de7c7ce8c8","sha256":"c34404386193e324223930eb36cfbbacd56db4c2362302c52f3a50d50f3f8263","sha512":"e8ec19099a310f8dba696df360fc34158c9e246dcdde72b45896c3b90bf080bb456d3f0002ae574731cf8424b724df0d4b67706198299e971bfa4f6765d07592","ssdeep":"","tlshash":"23500000003c00000000303cc0000000c000c000000000c0fc0c000c0033000000c000","first_seen":"2025-02-07T16:17:48.547899Z","last_seen":"2026-04-25T05:26:57.837343Z","times_seen":350,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-09","alert":"Sinkholed","trigger":"schyebflzk.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}