Report - demonstationfukewko.shop/api

Report Overview

Submitted URL
demonstationfukewko.shop/api
IP
104.21.33.174
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-19 09:30:22
Access
public
Website Title
demonstationfukewko.shop/api
Final URL
demonstationfukewko.shop/api
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
demonstationfukewko.shop	unknown	2024-04-12	2024-04-13	2024-04-14	7.0 kB	312 kB	104.21.33.174
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-18	3.1 kB	192 kB	104.17.2.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed
2024-04-19	medium	demonstationfukewko.shop	Sinkholed

ThreatFox

No alerts detected

JavaScript (64)

		Size	First Seen	Last Seen
	#1 Eval - dea8d34458e56d0789503636090d5135	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash dea8d34458e56d0789503636090d5135 fb6c07a57baad022387a54e5f66d805e5c6df245 e6139d60016a0eeac320233d16acb43eacc87ca3f473ed08690290a88d6d447d Loading...

	#2 Eval - f4725eb0d9ce7a5bb194835a27e5e700	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash f4725eb0d9ce7a5bb194835a27e5e700 24cdc426f469971200d2d55105a4160a58e051f0 0a3cb469723a6328231e0b0e8d3aa4f9d7aee5d7f2fa82c4e1d4a4f66c038e3d Loading...

	#3 Eval - 0970d92d4d2e5dfe2ff92c269a3f1e44	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash 0970d92d4d2e5dfe2ff92c269a3f1e44 cf7bfd5e6c4803f4803ce545297552c4e91fdd37 1e5795f75b1b9a904b067b7c2b4e79971433c0447a639ab29ee24c44245f0049 Loading...

	#4 Eval - af10e3d11141b5e41ce8846af6a00e35	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash af10e3d11141b5e41ce8846af6a00e35 a7238d2f8f3250e5f10ab344509233422c35c2b5 af1965484552074c37161477df78ef0e82f612b2b7dc796ce35496d5d8b0b071 Loading...

	#5 Eval - 213c1f277e235574cef0205e79d0c7ce	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash 213c1f277e235574cef0205e79d0c7ce 92f1ba18a5f702999d105744dbd7cce77eaed338 a594f9d90701517c236a79544c753ef9157f1655b348bfba7de845567ce5e28c Loading...

	#6 Eval - dcefb5842378bbf5d15d7058c44762e4	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash dcefb5842378bbf5d15d7058c44762e4 a69b07d7e3dd7ed09fd88c0d0f590cc7e0adb1c0 ec4754a8e02e778edbf3180b2e7039c1f81ead8e9ef89f3eec58ff87d3130a03 Loading...

	#7 Eval - 703fe9af3b1a7a5ed1d7835981c5ee87	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash 703fe9af3b1a7a5ed1d7835981c5ee87 5796418470f6825d3edff3bac082b839a5e13a56 0bb53e0953f5fcf7e799bd766997e902f3b7ea8ce1ad489af50dcd8121280b74 Loading...

	#8 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-02
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-02 12:32:47 Times Seen351101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#9 Eval - 5655fa22b71fa44a07265cf11932d8b8	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash 5655fa22b71fa44a07265cf11932d8b8 1b3ddf7332f84d960b4791ea03bc63f7ffed2a4e 267934c25a600b14facce2c4dd199c234f3bfcd5267a6845c4747778328fccb4 Loading...

	#10 Eval - 1359ba7e98c2e5f34538a37f375951eb	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash 1359ba7e98c2e5f34538a37f375951eb 95b42cbbcc22a34d7062f8f46c06649487720f34 cd668f36b32a303447558d6f3c27429530d39919455b5798beb3625efe888a17 Loading...

	#11 Eval - 6319769c148742c7c1fcb9812bf523cc	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash 6319769c148742c7c1fcb9812bf523cc 39edb92c5759faef2d71628755e4b64fc1495bdd 6f7f777b3404e49f4073ba235fb33af75fea07c2e3b4cf38729e6f39d0092218 Loading...

	#12 Eval - 5dc1c3a5cdad0a7e5e763ec80f7b7187	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash 5dc1c3a5cdad0a7e5e763ec80f7b7187 7f1ead4eb6fe1d594100bc19ffba0478252dbef8 ed8115946a4fe1a770e513ee8aa70cb086ed8c54be635aa4b15e8e91f145d2a0 Loading...

	#13 Eval - bd5d4aea0158b1b78d1d4816f699240a	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash bd5d4aea0158b1b78d1d4816f699240a b40c9a735bf5c606994e592749f29a49f815f014 0958e47df7afed74708f8afff571524765e509e9ce25680076daa2cab40bf424 Loading...

	#14 Eval - bb583c79e4a43e201db456d1e487e75f	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash bb583c79e4a43e201db456d1e487e75f 6036afa4e68259715189437566ffeb1c545c20de 69a5f2634bcc24a98fb016c2cc1c6ff0855275f04ba5eaeba37323da30d29be4 Loading...

	#15 Eval - e4fe311577f0a520a4c1db7cfc06ae7b	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:24 Last Seen2024-04-19 11:30:24 Times Seen1 Hash e4fe311577f0a520a4c1db7cfc06ae7b 2dd744c7d2531892328036544f0fb742d80de548 0d81ed2238108735982f6386bdcfd924e7ae6acfe432c71f37dff5c61f8796e6 Loading...

	#16 Eval - 1ad214fdad769759384f6c32633afcaa	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 1ad214fdad769759384f6c32633afcaa 2a7d52688ee6de4f93e5140ef91a4a0093b814fd 8a8bada4cd6e178d2e8e6a0675eeb2612fc2a2df2acd9d0ccf6810af0200684e Loading...

	#17 Eval - ae51b816733cab7005d1c650a4bcfa5c	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash ae51b816733cab7005d1c650a4bcfa5c 200cdef3b7caed0faa6cdab7c12969a3c19a6d8a e7411766fd5bf37bf47ed0a1cdd90f5ba61beaa1fff822c5bf0b8546bdf56edb Loading...

	#18 Eval - db89cf228ed88c0a8740f91de9ab4596	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash db89cf228ed88c0a8740f91de9ab4596 a3b49b3ec5dade36cf0831abf2a885f894d9d13d d71fc6a00d8f9b0ce90657ae9f36d64d346c6a042d8540cc0729cf191b6918e1 Loading...

	#19 Eval - fe5da0edd11952200b5ce0b54951be66	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash fe5da0edd11952200b5ce0b54951be66 f3d1369517d6deb705f4587a913d2b870a2552ed 74298724414d542878ba066cb4be685b96ba60020855fa6ff434944dc4f30ebb Loading...

	#20 Eval - dd828526ce28d998a21772310e85760b	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash dd828526ce28d998a21772310e85760b 84ed373379a376e06902529b965790f496cf7df6 213173a744d22eda0a1484bf1a107fbb1312f75018aa68e6d00ac7d1ba8335d8 Loading...

	#21 Eval - 57135c4fd1994f6a19ea9bb07235b21f	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 57135c4fd1994f6a19ea9bb07235b21f 10d36dcae1c71bea18dfca19c208683f1f9b94c6 386ff8ada16170faa440b0678c1b399ffb4d940b59947def01e5c5fad079c464 Loading...

	#22 Eval - 9fba386b83419a08ff1faa8007dd23a1	60 B	2024-04-17	2024-04-19
Pretty Observations First Seen2024-04-17 14:11:25 Last Seen2024-04-19 12:29:21 Times Seen535 Hash 9fba386b83419a08ff1faa8007dd23a1 c6148c7d249ddcfe37f49e99ac7cb60fe3bd43f2 a197c137af56d7b49dd589ed67e397152047dea7b7a147b0403d07bd1c6d59ee Loading...

	#23 Eval - 825d7fc67ce946869dc0b89db6869a74	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 825d7fc67ce946869dc0b89db6869a74 d14aedcdd994e9d2e5abf879e45c2ffe9260c79b 86d153ad491a53e73c5342602048e39ca830c7166bba0863a013d0c20d78b2b3 Loading...

	#24 Eval - 84e630486c81562f2b0e957e314493a7	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 84e630486c81562f2b0e957e314493a7 953a7c7dfda31d9387be65bca0b88dfe45ca6c80 040f3594af5ce7a29853de6f96b33ef23159f24d7341b96046981cb2dde2f785 Loading...

	#25 Eval - e67818d43470046ba988cc0345bc47ce	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash e67818d43470046ba988cc0345bc47ce 598f6faf05c7bbecde33d360afdf7b62703d294b dc239977329de60d486d2a70383cf8f5634e6af628536fca903eb68ccb09160b Loading...

	#26 Eval - 20dcfddb1cede405a4c0802ca3cb0180	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 20dcfddb1cede405a4c0802ca3cb0180 e3d4906271ca52e71020218a5d15250222eeddd6 fec4b27618a50582947c9461038e3b376dcd9535fa73c89164cfe404d4fbc887 Loading...

	#27 Eval - eed08d15aa98984f7e95436785335cf0	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash eed08d15aa98984f7e95436785335cf0 79164385e5975bed99b9b7776c5b11d3c40df9e3 e527e39cf6d26ef8f2223ced3aff94c5f855a83059d37e7a49db80785dc9f736 Loading...

	#28 Eval - 2111bcb3e3a1f142c6d5086a4b0060cd	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 2111bcb3e3a1f142c6d5086a4b0060cd 06307973c5b6bab0e23f67e059225d994de405f6 d6d1330b07844a8e5a2e4ba6ebc91e565fe3a59c5b74631155a72f718f2c00cd Loading...

	#29 Eval - 4123be43a5debbf18727db84193a275b	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 4123be43a5debbf18727db84193a275b d00aeb77c218a128d9606cf1343fe41042f2e416 84e2f08c4a84eb653078a31fea5f61e6710897e0597500f6dc4171386d426d38 Loading...

	#30 Eval - a1eb0573d147b6ecee54bc0fd97d4481	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash a1eb0573d147b6ecee54bc0fd97d4481 03492ede113c2247d1923a94aaaa74030dc987de dccd3eb320c14c4e31884eb2989c4a03822693c1d3f89cf497cb36ebe50ddc35 Loading...

	#31 Eval - dc92b25ddf4edfa20da58180ecb41638	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash dc92b25ddf4edfa20da58180ecb41638 668c47af5e4bba98b40c375dcfea987e86d6f880 a1d307724cf1e3fcec0078553399e48085e9213088e23f55e329974f8ad34003 Loading...

	#32 Eval - a54bac30fbba05a766d47a3ee16b26aa	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash a54bac30fbba05a766d47a3ee16b26aa f2ee96ff348c31083499be484a48fb035c9689b4 7ab6b79143d607ddac03657f3a69456f44dc09ecf4b97b590b5f5733860ab38e Loading...

	#33 Eval - eea5ffabd0b55643a0904acb94f6c870	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash eea5ffabd0b55643a0904acb94f6c870 2e3e65eb1bba76e6ab8256b691c7f62cd1bbcdd5 77113ac4d276aeefa43cabd72007fa5cc2b8d1ed4fe08c36ef85a3e34fc6ac21 Loading...

	#34 Eval - 88e83ae9c56cef5a9376d2e91d2eddf0	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 88e83ae9c56cef5a9376d2e91d2eddf0 93270f67d8cd01fb1ceda13ac10ec22fa6cbae07 24450a11bba2a55236ffe26166cab64a9d48d29a568477e9bc0d6215423daba5 Loading...

	#35 Eval - 961b9178939596d07fce4aeb14ba64e6	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 961b9178939596d07fce4aeb14ba64e6 d0a4124f5406c28efcd3ba562bcb341d19672750 c6fa179f726465d9d77cce0313021984a079a54dced566ca29f38a8bb3018acf Loading...

	#36 Eval - 538a9b601f6586421c20db8e95666e06	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 538a9b601f6586421c20db8e95666e06 e1f15eaefac435ea08b36a2dd255935dc410a7d8 637742771389c2edf2f85fd7c1851d0d102a933fc4c32c1fa3cc07a2b6ddbc4f Loading...

	#37 Eval - eb8a3fec81dcc4b045dc9673dc6575dc	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash eb8a3fec81dcc4b045dc9673dc6575dc c00edaa84fe03fe3b9dfab27997fcb5af8429938 7c956d28d5aa10ba2fb0cc1f8e1462da1bd3a48ee5a805d07d416d5b08d496a0 Loading...

	#38 Eval - d23f862e97e12c681e7e1bbfc71355f3	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash d23f862e97e12c681e7e1bbfc71355f3 e9ed062e63d4f1a55f500c3ea91902287645094f e059e2c1555effd738ef16795595a7b40ce4d5a7336477407db4990eff94a6c9 Loading...

	#39 Eval - c85effbeb8f3ce93b4a9397d48fe7b15	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash c85effbeb8f3ce93b4a9397d48fe7b15 c351053fd7228b32313720bf79b50a69c8b50a35 f724e3919a6fd17289be28427cdbc70f870c5cc789693180fa5b1abce95960c8 Loading...

	#40 Eval - 106b740c2ea03ba609f07daa560fd647	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 106b740c2ea03ba609f07daa560fd647 50dc1e902eeb0e7045632da989975ac4c2e00d8f dd4a6a96c52597ea2d492ce30aed686ade398580639359c31fde2004d933349e Loading...

	#41 Eval - d1e3d66cec3280da85b8559c1736c81e	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash d1e3d66cec3280da85b8559c1736c81e da33ba5b9c1255a9b69847fd5168ac0d95a1d6ae c90efdb577147c172a96a20f226d39be6cc8d642e24e5c20ab64c101d145ff12 Loading...

	#42 Eval - 0fa291a3d18eeadbb51558cf5133c442	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash 0fa291a3d18eeadbb51558cf5133c442 605126ea20d4bf63f1654fa41cddb0603695e163 b302c73e1cda42b1f8ab8012661b7b1174d2a6ba9e59f8cca6ffe804b8d93a53 Loading...

	#43 Eval - b0dbbd9395a26f6ceb2f076c738d9e97	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:25 Times Seen1 Hash b0dbbd9395a26f6ceb2f076c738d9e97 f32fd37f90bb12577ed5fee4b7b24cfe0d994f1d c87ffb536b9580aac0a217be4eb20edf4b69c919c5011fcd748665522e36f0c3 Loading...

	#44 Eval - 9f71b74961b5d18ea76ac38b1ef917d3	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:25 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 9f71b74961b5d18ea76ac38b1ef917d3 a5277219b7378e6ff042c0d80b6184f1d519d75b d7e9601a4be15167e1c65c799ca95a7d5f290d0c3575edbdc3a4586c4bcb4feb Loading...

	#45 Eval - 94aab89dba50981c64c9872880291b64	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 94aab89dba50981c64c9872880291b64 1812ed701a880a0c4a852d392d4f374e6d3fafd7 c750f36649ae35c82bcc2609bd6c3ecffec4033efc466f077206c3ab52cf11ed Loading...

	#46 Eval - 0ad92593ef936a9584f7f14fd79eb784	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 0ad92593ef936a9584f7f14fd79eb784 3bfd9eaf9fadcb2b21740c8f0742f859276872b7 87ecbe550b6965a4691f5d6358450e8c97a9cd15a7c8e98208896521b2f725d4 Loading...

	#47 Eval - 9070e69f84aa5f44213ae7f01921152e	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 9070e69f84aa5f44213ae7f01921152e 92c1c5ce6e4d04443ea1244a1540bc555a9ee262 efedbbbfc64aca95e1f1d90bb4e2206cbd3a4119b936fb101a9c88ddcf21cc7c Loading...

	#48 Eval - bd563bb3dde825b55fca55cf8637d8f0	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash bd563bb3dde825b55fca55cf8637d8f0 a32d9600cfd9ada8f313f2970ea5a428e4e5eff7 421510a95b96b67daee9dac8afb75f597231b846926495fe05890dcc05657ac6 Loading...

	#49 Eval - 16549844058e030392449c307cd3b4a1	142 B	2024-04-17	2024-04-19
Pretty Observations First Seen2024-04-17 16:39:32 Last Seen2024-04-19 12:24:13 Times Seen96 Hash 16549844058e030392449c307cd3b4a1 b095927b508c4960362343d7c00da2b3beea83d9 3a2d31b38b0835d2942cfd57c46d82a3b2e02e84841819a3c01bec45d52de9ca Loading...

	#50 Eval - 61f52737ab136bdb0204bf31d452ba95	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 61f52737ab136bdb0204bf31d452ba95 4b75d6d3d5472823f37f5c42e3be11e45d31c226 c9f347ffe5651093b83d39704690179092bcae1b39344a5f2c7de98453cc3008 Loading...

	#51 Eval - 8189db10682f1efb450673f12d92888d	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 8189db10682f1efb450673f12d92888d 5b495c5c920455cf8cf04f46eb51c005c4bb3434 5778e126389a550f2f14779fc1647ce2543dda8bc47220a4e08b48bb586b8733 Loading...

	#52 Eval - be2342addf7338c0f0d8621e33d248ca	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash be2342addf7338c0f0d8621e33d248ca 488ce288d14f29cefc627c1c5392e7e20101ef83 b756c7e82d03ab47bef6ecd42eb83157bc56c68bda6f4da45593d634ab348e65 Loading...

	#53 Eval - fcc995ad0e21a4ee359898942803a24e	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash fcc995ad0e21a4ee359898942803a24e f15aad5c178f1f3516ff7592f489aa1adb573e2c 701f1cf4d544884742addb4544b1a0c766a05bf92c88e5cb6322116bba73195d Loading...

	#54 Eval - b2d641e49163c43e709090f9478c803d	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash b2d641e49163c43e709090f9478c803d 2361c21ac39075b393f47d3e1f34aa79c94f38dc 32a90510a65f599264f62ac2039d14d21fb9dccf5b29cb4b8456933232aaa249 Loading...

	#55 Eval - 3e6d242dfe70b3e244092f593f6c4bea	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 3e6d242dfe70b3e244092f593f6c4bea 2981a1c388c5eca4a60982f7f1c89ca36da6f0da 0af84c11a486b80e248e4a80d66e3de11e76372d4ba97abb7a400abb5f02e237 Loading...

	#56 Eval - 380df1905a3f6d52a51a2fd3be3d4916	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 380df1905a3f6d52a51a2fd3be3d4916 a81065335c13d898cdfae7c964c4b0f118e5042c ae8970bfc20eabaf3bdbbc44173aa25deca4fc1428060dc980185b5463f7d9d1 Loading...

	#57 Eval - 41b2936637c11530439f79dd08765723	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 41b2936637c11530439f79dd08765723 0cb3f8eea16d7ef8bd11a7b7add7efbd93ac431d 479d0c175ab421990d5380ec4e0aed4e4ba4e1d09e0b45b34765f965e06cda05 Loading...

	#58 Eval - 6fe38d190e486d108539c800562e9ae6	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 6fe38d190e486d108539c800562e9ae6 4928810452d419af24eacd1b6d2055905e6db3c6 82fe066e5d41ee254a48ce99e38f22c1d2213da4fa8b44d4a9d2e53f7676ad95 Loading...

	#59 Eval - b640543bd6d931198936904f6fa22c9b	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash b640543bd6d931198936904f6fa22c9b 6e5e98f23a995693a1b2a36da9c30be96a5781af 4ffd65bb62a398869a8db7b682527f12d29fa149408e05db201cf11d0dc1a006 Loading...

	#60 Eval - ba078deca324d11655d2f9ba0047157a	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash ba078deca324d11655d2f9ba0047157a 949ae38b2f85ce7c8777f4c93768824db4ac2cf1 57d09b36693512528e2eca18707c59148c6c8383352a5fcc52619ea294c4ffc2 Loading...

	#61 Eval - f7a1f0c5aaaccb58873ef72de26d1980	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash f7a1f0c5aaaccb58873ef72de26d1980 0e5c28b2b187e6fef3fde2c240940ea1860d532b 91d87c0344be67fa60ec58f2e3e05276b90c45b0bcf163a9b98bf8b7217e5856 Loading...

	#62 Eval - 936eea99d1bc98ee38e6207654b8f23c	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 936eea99d1bc98ee38e6207654b8f23c fbe2ddf970bc1b7e9d0e64517b93a3330cd7ca6a 8699c8dfbecdf155e221035ce2ee749d409b91b58f401de5c1ae4189ec514d44 Loading...

	#63 Eval - 8e81f352fd58a1a0347b428f894873fa	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 8e81f352fd58a1a0347b428f894873fa fd7bb91fe535e3b9d23c21292ef621625cfdd1c6 ed56c84b1738e9e4512afd132d952a4296b5a4fea92186c9ab1fc6875d9dbc34 Loading...

	#64 Eval - 8198198d136ede57cb04607eefd9c2e3	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 11:30:26 Last Seen2024-04-19 11:30:26 Times Seen1 Hash 8198198d136ede57cb04607eefd9c2e3 e9125adc95d14e8071a474fa0f1a5be01d4155ac 5230a2b93f4e9caa747af624cba2d435921e86b2fac13ffebd45a16f06a0e683 Loading...

HTTP Transactions (19)

URL IP Response Size

demonstationfukewko.shop/api

104.21.33.174

200 OK

5.9 kB

URL User Request POST HTTP/1.1
demonstationfukewko.shop/api
IP
104.21.33.174:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14390), with no line terminators
Size
5.9 kB (5852 bytes)
Hash
11193ffdd07fc437f52d0bae22942312
7f36dfd11b7bde758f3ffba497809da392a7e6d7
14bfd4e8a0bc1993127ec153bc15b1185f0ddb6e213a4338c2e9f855023a9e4b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 19 Apr 2024 09:29:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 7yryf4cToieYjrMJshWEprs/6Cd6D50vpWI0ZzHCTM2qdnRvbhesBvwwbp/A5M9c1/IIJX5Prd/HTZr/C+zwNwii7aH3BoeUM4waDHOfmDlv8m0AEFxwqF8hdOV75IT6qRXhfRWtyJofnDMY1VBh4w==$cSuyeqAYQE9mBjiqsGQjpA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1W3Dv6ALCrQBRgDA6IqXtLuY87gjjbvUJz3bzSbEB5qTCnNKCLp3V%2BAM5JcTPJVYgoYIQY8I8cd8SNws%2FXOphLdvB1LehQOq1Ii%2FRu%2FmVp3Tf8mJjrvsGbciQhbPlBH2AKQyEGNU0Ob9saE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876bdf818f53b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=876bdf818f53b4f7

172.67.147.169

112 kB

URL
demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=876bdf818f53b4f7
IP
172.67.147.169:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
112 kB (111780 bytes)
Hash
75d0c75d285e5658c59f9a4af2ea2799
36b0b0c8e81864d12a2484ff29c4f5ab9500d4b1
e4adf798116902a64802497dd883c9697cb3298725e9ba00db9d2acbb55ee1d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=876bdf818f53b4f7 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api?__cf_chl_rt_tk=UX4n5sb3MxP4nTNrQIz81d78xIZy.38DwyVbJw9hZBo-1713518996-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 09:29:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgP55H%2BB5z3gSoGCV3MczNZDRrKtTJ2J9jQ%2BpEiRvqWqGhDGWZYXm50r3NzBSlypYMBU2mdxoiB%2BUl1FawByhzJbGyj%2BZn0zs5IRkQ7epyiD9VHTOOpCu%2FTVMj3iBn28ncNgbkpPj5GN3O4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 876bdf82e9f0b523-OSL
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/favicon.ico

172.67.147.169

403 Forbidden

5.9 kB

URL GET HTTP/1.1
demonstationfukewko.shop/favicon.ico
IP
172.67.147.169:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api

File type
HTML document, ASCII text, with very long lines (14511), with no line terminators
Size
5.9 kB (5948 bytes)
Hash
cc3757ac3eb764ab8caf92427ecf6066
73e2652f2a0937d12864783f2c89d8a396b90ee0
f5d9ba3d8aa4b190dc0253bebdb5aaeb38512be0c0d1ea6d95dcaee7a561b7ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api?__cf_chl_rt_tk=UX4n5sb3MxP4nTNrQIz81d78xIZy.38DwyVbJw9hZBo-1713518996-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 19 Apr 2024 09:29:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: h2OOIwsb03VNIQQr302CQXQbKqvLVNkCu+zI9PhNAKkgDVtDRVaEeUYv7henAKv1tGWHwSx4EQxEelaxZx4Cpaio/7igHVUevEKhFiTY2MI51dvOa6xUFZNx9iPfdEXYJwQTVl8Jpk4YVauVdhkL1g==$KMpeYyUjERgYt6918RS21g==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ehd9Key%2Fa8OE%2FaTizVZpqNABGN%2B0Vvt7DBEaJPzdPiIeQBpgGzcMifQ6Fdkuo7yswDT0reT66mQq9ti2pnJx5O0F%2BveVphqx7Sq1U7MBnvP4ZrhUuLMkBYVcNalV%2BnoK6BRPC%2BDtluohOVw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876bdf833a34b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/favicon.ico

172.67.147.169

403 Forbidden

5.9 kB

URL GET HTTP/1.1
demonstationfukewko.shop/favicon.ico
IP
172.67.147.169:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api

File type
HTML document, ASCII text, with very long lines (14425), with no line terminators
Size
5.9 kB (5873 bytes)
Hash
552f54be652a7e1a6216d757d4574ebc
4d11d94d5d0817b5141ebf5bf32a0916139b542f
f8426d6c20302f78cf41780d646cffe674aad4d8cd533d936ed43172bdb6e5b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 19 Apr 2024 09:29:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ET5JWa3xapDo8hodRKDlVkBGXf+ydr9KxcglzHDTS1mmD9lXNHdQV8ffd/j/hlJ4WGm0ZmAITTznW0ZVhRlVPX6ht9PPJKnvBbCqELd5Qcg6zrtcgeATLOksp7osTmRoQlA7a7RgmQRQm/NeveuCfg==$2OUqRdjPZG+fcpKBGpTn7A==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7keR9CxBUKrzxJhgC1JfOJNpHHCpmDUbVwcU1m7Q6ViqziSwEHrm7BOhLq6UII%2BgFlAnfypiyokDQXluiKOb6uyHhg1UWcLAvk19mR5bSkwt050IScAwM7nm%2FgYKlrD2gAkaiNAoVWesEo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876bdf83a968b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1631043535:1713515315:PCbw7jaiDcQHqxvrxP8nFh5q-7IC4dPHv2jmu0cCZ2M/876bdf818f53b4f7/5852a93464d8958

172.67.147.169

12 kB

URL
demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1631043535:1713515315:PCbw7jaiDcQHqxvrxP8nFh5q-7IC4dPHv2jmu0cCZ2M/876bdf818f53b4f7/5852a93464d8958
IP
172.67.147.169:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16076), with no line terminators
Size
12 kB (12225 bytes)
Hash
0261c41a0c7aa6df478e40aa28732652
33dde965c8e83b0c7418748a71aacdb807340978
7b4ca5fc48d95dacdf02a72a361c17e5a4ad3582715821d07b6727e3d7aa1583

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1631043535:1713515315:PCbw7jaiDcQHqxvrxP8nFh5q-7IC4dPHv2jmu0cCZ2M/876bdf818f53b4f7/5852a93464d8958 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 5852a93464d8958
Content-Length: 1861
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 09:29:57 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: ql33knbyXV/a3ZGsLGe2lBq1yI7odLUQMxRSCE2+7E+34p3FpaL1XhNo34NhLMxM$ltCsfHIwCF9aVLpCR8sp5Q==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2Fn80kU%2BnCj5CWCgFWwSALLwSrCYyAfhFgPTR%2FhbV0AB2OFT00b%2BsuVdxR6hTHfZVWBFjeemq9cgGwXZwu6s6F7GKpYpgYfAg3x%2FlYhh8wz2crtMWz5mjNlgjtry%2FYmFsh56BVUgQFC1Wx4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 876bdf84886b1bfe-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5y47j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.2.184

26 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5y47j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25650 bytes)
Hash
06fc258d53a45efea6ca9dcc54487437
f68adaf4098490a4182b2d83d23ca8bfd7a7b343
43d99578661b3b28ebdf780cbcb828c4a426ce033729b9f92d0e37580d1b878f

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5y47j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 09:29:57 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
origin-agent-cluster: ?1
vary: accept-encoding
server: cloudflare
cf-ray: 876bdf856a8e56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js?onload=lmgW1&render=explicit

104.17.2.184

162 kB

URL
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js?onload=lmgW1&render=explicit
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
162 kB (161997 bytes)
Hash
374fec8b5e50cd6ab980f3fef21a5aa0
7f474607991a19b6f1b78cc32e0f75b501b60774
8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a

HTTP Headers

GET /turnstile/v0/g/54ea73d52131/api.js?onload=lmgW1&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:29:57 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bdf83fba1b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/876bdf856a8e56ca/1713518997771/MEp3goA0-Ta32tM

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/876bdf856a8e56ca/1713518997771/MEp3goA0-Ta32tM
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 71 x 38, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
0cabe43c1c4e126e885ffaeeb2ad52ce
21ee82dac9d40243a6790272b599d4f7ff88edff
b50cd6176f2cd1cd583016b1e8b71f7b9a8e510c4798a9835c687d384b722a16

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/876bdf856a8e56ca/1713518997771/MEp3goA0-Ta32tM HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5y47j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 09:29:59 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 876bdf918d5356ca-OSL
alt-svc: h3=":443"; ma=86400

demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1631043535:1713515315:PCbw7jaiDcQHqxvrxP8nFh5q-7IC4dPHv2jmu0cCZ2M/876bdf818f53b4f7/5852a93464d8958

172.67.147.169

1.8 kB

URL
demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1631043535:1713515315:PCbw7jaiDcQHqxvrxP8nFh5q-7IC4dPHv2jmu0cCZ2M/876bdf818f53b4f7/5852a93464d8958
IP
172.67.147.169:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2332), with no line terminators
Size
1.8 kB (1803 bytes)
Hash
2f007480adf9ac0ed7b2237db22378ea
2832d98ca50fe74f424889b5c243201b4ea000c3
7bc84d3ac926e26cb76752816459b223890f45d42795fe5b59d0735640393341

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1631043535:1713515315:PCbw7jaiDcQHqxvrxP8nFh5q-7IC4dPHv2jmu0cCZ2M/876bdf818f53b4f7/5852a93464d8958 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 5852a93464d8958
Content-Length: 2554
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 09:30:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: VVsi+yEV5iPUnhX12KbuWHplUsDFTQk6z5yzbA2uEoxbQQiiiAJCmrR1S7nptTVnfC0MlNHq+/V4YUDF9LH2t0VpaAMmqysejjYIL0i51Dc=$uuDZ+hgR4lVs67mTzaEvgQ==
cf-chl-out: oYbU+ExVybKjjh6vS34gO4UQI2XSifgbwQu1xfGl/GqkB2n3+OGPf5wgcqK5W4VEff7vLK0S31s5vGI+7rMYnVkuqjTCz9ltqa6LBE5AuAg=$S3uxlTEYKaz7yFwpQqLFjQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2B9tuuyK7TbGq6Gh8KIXlmLt7L9XjvQ6fU%2BkxAors0n1K7%2BdZDtDUNBH6%2F3I74xR5jSKW2rWkqW7rHQv3YTcxHuXzSiK4Sts4SbL6wJZ8UEjp2mToc4bzAN3%2Boc8UwX1uA0xFsaZu%2BK0IwA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 876bdfbc8e7b1bfe-OSL
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/api

172.67.147.169

200 OK

5.9 kB

URL User Request POST HTTP/1.1
demonstationfukewko.shop/api
IP
172.67.147.169:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14411), with no line terminators
Size
5.9 kB (5872 bytes)
Hash
f67e159fa41c4236e85ef52542379b3b
c63780d4059fd07ae256d184272b6653d9af98ee
6c08eea2b756393a1627ce526c7e002fda0409a6bc3e174f7bae381ca6643ba5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 19 Apr 2024 09:30:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: DwePXVgXA9ikjHl/eW4qcQYhm6nL0DYdgUr4DFSJaxnDZEbfrVw+mMMKCGUSVooilPlXAj4497Xx+IySMpE/2mf+rcKcVy+e3gq/r9YiPAGiUaXTTAX8j4Q0nPGEPZNpidAqsRnzIE+QoGb3wmpIIw==$tNl6D3z02Wzaar8Zx7cvTw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cEUGBRobaDmo8H18V3HmkSxc5AEFkElnbegJeZoIobltDhwVev56sx4x1NWQgu%2BBGZ3%2BCkrt00FLRU%2F6%2F1TRK3C4UCSUpDNfr2AlIles2i%2Fb7b1TWt3tHAtiWSy58MwdcKBIu4lEj76RI8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876bdfc95e3b1bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=876bdfc95e3b1bfe

172.67.147.169

112 kB

URL
demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=876bdfc95e3b1bfe
IP
172.67.147.169:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
112 kB (111769 bytes)
Hash
3b1bb32da27bb29a84c8e254598af8e6
43a7a4f284110d0de0e0aa7f3c2e72a02abab1d3
cdf692937f418b5aaac0d4e7c737eebfe91ac30e4233c353ed266d220ce0d0be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=876bdfc95e3b1bfe HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api?__cf_chl_rt_tk=_295KK7aQZlchvk7mbz3gzRzFDv6qAp5382D3WiL5eg-1713519008-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 09:30:08 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gvh%2Bvng%2B4MfRl5f%2B43Kvp%2Fn6OHChyRjaAnMbF9%2FI0CTX3F9Bcttch0emMmyxnO4QT753EBXx%2Fki1Ya90C%2BatOD2p90s2TgN7GKW%2FbBTraPLPnhEiZEgtRDNM47E17B8bF8cKmuaXLAhgBFg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 876bdfc9a84a1c06-OSL
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/favicon.ico

172.67.147.169

403 Forbidden

6.0 kB

URL GET HTTP/1.1
demonstationfukewko.shop/favicon.ico
IP
172.67.147.169:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api

File type
HTML document, ASCII text, with very long lines (14532), with no line terminators
Size
6.0 kB (5961 bytes)
Hash
8ffc4c4e3b67b2ac0ce9718c3b53a24e
8d6abf54d4d2dce14fe8f0c44ff1357782c98aa0
c176465924fe08ed255836b6898009580862f0acb656e5ecc1fe46ae624a69f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api?__cf_chl_rt_tk=_295KK7aQZlchvk7mbz3gzRzFDv6qAp5382D3WiL5eg-1713519008-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 19 Apr 2024 09:30:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: VsOFx7O5azfRzLYhVh/gVbeV7FkagpdMCfy8YQy7aSbe41a3hQ7rPY1zzUbqFD2mMV8gJL6w7cCJrE8GotNjBKkBD3pCeaIZACmycyhGq1eV2yVkzicAFaPUf8d3SOKf1into5rpNZlSSSJdIw/kgA==$ISese0ifohw0iGvvw7JdFg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RtZYejcQkwu%2FvBjawfQUlol7lrtRR0KdITj6JEWx8LzYmq%2FmT%2BUQ8IDpIvJq75drxn5nCeprn0C5sqm7E77bE6%2FFEa7Svl7JK7i4qDRvq7rpr%2FP7dYKBhZaVlJWr714E04%2FD4UYpKlo4Fnk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876bdfc9f88d1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/favicon.ico

172.67.147.169

403 Forbidden

5.9 kB

URL GET HTTP/1.1
demonstationfukewko.shop/favicon.ico
IP
172.67.147.169:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api

File type
HTML document, ASCII text, with very long lines (14447), with no line terminators
Size
5.9 kB (5898 bytes)
Hash
83f3153a65a57a634fdec51efe2f51fe
35795946b95827c3d63460fb42463e163971b39e
76df994ee3d5268d6f24ca68fe91862579b9e13c1c44cdf11dd251b8ef2f578a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 19 Apr 2024 09:30:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: NRRDND9tIau/wqMyIexDWjXosLpLTfrudzXmfS1Opq4njrQUbQNFQ1TC4HXKQ9AbihKPzVo+d06BCx903Jpd04nbEZkiiLxvnBBEDlEQEqmninVdT0D66iwVfFQspinCzZx3MgobNrQNWZcSS5iwzA==$JvCQhWNCSSaa7PRKwHf7uw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RGvlhIaesBA2nm%2BSERC%2FF3Q1nMpLmIK3Rfebq7Uz8dsksbz5Sg5ci7r4AOH%2FZk2WKMLyfSQEPaIpcM%2BN9GovJkpLLNQaLXOzppkfP9Ojz%2BafXTLe5%2F14Ym4Ia658U33JD0ROr%2B%2B9kibFVk8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876bdfca3beab4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/468843788:1713515214:UJw840tBFZYZhrHPTZ0dzLmPm2NYvurCWRNXlY28ebI/876bdfc95e3b1bfe/6d4fb7ce87e1605

172.67.147.169

12 kB

URL
demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/468843788:1713515214:UJw840tBFZYZhrHPTZ0dzLmPm2NYvurCWRNXlY28ebI/876bdfc95e3b1bfe/6d4fb7ce87e1605
IP
172.67.147.169:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16076), with no line terminators
Size
12 kB (12235 bytes)
Hash
117d411caafdbddb7c0431acbb119657
f30cff50345883d19de6f436e3e21d8afd16b5cd
d3801d81ef6579b6f6084799ed7b18bad3c676f1d9a0b023deb91b744eadb6dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/468843788:1713515214:UJw840tBFZYZhrHPTZ0dzLmPm2NYvurCWRNXlY28ebI/876bdfc95e3b1bfe/6d4fb7ce87e1605 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 6d4fb7ce87e1605
Content-Length: 1872
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 09:30:08 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: V4WIfAB1RgGhIzdFRpHcUxemr7sRA/UGtEcWGO6huuSNmbrChkZ071iuJlanhnq3$UTvfMyYO36HZDgT1UInWPg==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBbI2AthDf7Bc5fc7eBKU61cWpiMPIlpTjGlYEvaKCGZPxIKRnVIrs67WG4vlgNsadEjdcJGo1V2nYQz%2F6FXp3jK4dmPabQt6KgU7VbNgEU11PqjVqGfuubXERxTWffm0%2B8yxSh2NDvd6uk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 876bdfcb0a371c0e-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/39838982:1713515444:NJC4yEeJziOxiA3aMbO9iu0QhE7pV9kp6T_Lyn46PZ8/876bdf856a8e56ca/00148aa482154f7

104.17.2.184

982 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/39838982:1713515444:NJC4yEeJziOxiA3aMbO9iu0QhE7pV9kp6T_Lyn46PZ8/876bdf856a8e56ca/00148aa482154f7
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (960), with no line terminators
Size
982 B (982 bytes)
Hash
5b2da8131f2982a3d22bc56b6b378963
a7525b4d01a8831118a511a8bcce878eaa3e4075
6edb21eb5d5ebc508b5cd12d2d50aa19f83cfa452d2e67fd960e7bce72370f1a

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/39838982:1713515444:NJC4yEeJziOxiA3aMbO9iu0QhE7pV9kp6T_Lyn46PZ8/876bdf856a8e56ca/00148aa482154f7 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5y47j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 00148aa482154f7
Content-Length: 38660
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 09:30:06 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: hMQ0dQM+H21aUH0301IJmzbUGlPzlvZY+MnSYjx3I3drry3a/5E3KNiRVsLWUW4Bc/cQSCStFmS9N74DpPsecloHNfBbXU8wLj62BljQFo/5OmVQZxk09p5gcNmJW/ZfqMVzPJ05MyoSKg2z9C7AYg==$WByrh2V+0cUqxe/hpcR5ng==
cf-chl-out: Syg1WOs+cYCGlbBivnlfjP1cfR7wh6k5waGRD2u1pODkEwDXNkwChwOP+FJJXHzdBggm40oRmDNXavGuSttLh2HMbsTZfIZazw/5vrG8F7I=$Eu9YaK6K/cSqjxUF8sEGlQ==
vary: accept-encoding
server: cloudflare
cf-ray: 876bdfbc0e9856ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/876bdfcbcce056ca/1713519009022/qnMsHZUrds_0ESu

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/876bdfcbcce056ca/1713519009022/qnMsHZUrds_0ESu
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 74 x 81, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
987a8fd1931865bc14e644c336547de5
31e4027bf8abdce7253ed14d078aef80ea3a793f
875d77afe218dd28e1de84baa23339742e82c0952581724c5cac5f343d9bd8c1

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/876bdfcbcce056ca/1713519009022/qnMsHZUrds_0ESu HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/skkt8/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 09:30:10 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 876bdfd56d7956ca-OSL
alt-svc: h3=":443"; ma=86400

demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/468843788:1713515214:UJw840tBFZYZhrHPTZ0dzLmPm2NYvurCWRNXlY28ebI/876bdfc95e3b1bfe/6d4fb7ce87e1605

172.67.147.169

2.5 kB

URL
demonstationfukewko.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/468843788:1713515214:UJw840tBFZYZhrHPTZ0dzLmPm2NYvurCWRNXlY28ebI/876bdfc95e3b1bfe/6d4fb7ce87e1605
IP
172.67.147.169:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3240), with no line terminators
Size
2.5 kB (2489 bytes)
Hash
c0e4c0cefa01f95e42f64ca5dd6f241f
e506fb94779132152b454a1fe7d24289d2016285
66a81072012740f75e0d1d0e499daa223d81b76cd2ded0cfd143fc563f621e54

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/468843788:1713515214:UJw840tBFZYZhrHPTZ0dzLmPm2NYvurCWRNXlY28ebI/876bdfc95e3b1bfe/6d4fb7ce87e1605 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 6d4fb7ce87e1605
Content-Length: 3341
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 09:30:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: gxMzqneMtZbtdVRE04RThpgFKreVkHy2HpHyaHF0sgFHpW7GHb1PsQlk4EP0aNPpGn4VFnJGOhtYkkPkoPwaBgRqO2jSwQQXawToxv6y4to+MjN5OoXxGA9xVV2WaSll$AlV1kHDoY/tly9kKo8WlSg==
cf-chl-out-s: eOhiRZyq9O2oPX7CZBU5eUBT+twr0Jro8roXUrHLK214y94jI1sZnBvTJ3Ox++tTtPkI8jBYPChtwFuv6DrrxnQgiss54WbWxrbrB0tJ/PRGmk0jzRgOCJFV510zo34g8PtK84jmyFeNuXFrHcNHGPcMEFDFGIq2wGQ7GlAfPcXfmRa9BF6bg7W4fO1h2r0uoE3dm/jPGhOGXt8vaFW/U/rDDwoGPcw+iWa0sroX6ECMp5yT3sGTDk6Dw1SYUs/EPyK7td8yBoUXSk3LGjhHU+g3jqnsS+wcI4uSLTTQDWt+T0JwcEPrJG6CM5NVJbtDyjQr3VSrvGX1dAWE5NT21hsZ9KyQceNZT5CyOEW6hO7WZLYK+/4ZyPievAvVuO+bVD+wP6ibOd4O1VXkndvHsJZU7fZzMVS8nXmP2Mkyqe1ljdGqp58RYjmFaRgToKYjXKweN65H5z33fIqIfiHrmQ==$oZ4OS+4Cj6/7QAC8EELSKA==
set-cookie: cf_chl_rc_i=;Expires=Thu, 18 Apr 2024 09:30:16 GMT;SameSite=Strict
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BwcxRp0Q932yEpgSLLRURvBOFPLmUcL68curuA35GmuiIiC98POq9pHsY51b7f6LIgf1BOgEOb%2BUoyb7onB8ABGQxzeClp3C6oBYATw85eOLjbk4eJPuuhFIyeaTN0Oh1G%2FA2FEyJY6B%2BRA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 876bdffc0aa51c0e-OSL
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/api

172.67.147.169

200 OK

36 B

URL User Request POST HTTP/1.1
demonstationfukewko.shop/api
IP
172.67.147.169:80
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
f7f65f8e1e7aac5fea69b0a756f7a0a6
0fd6949c452076605ecdf4c4a04112c72e044b45
c4f5d9c48b173615278f74c308c7b569085d7a8e658d8eb4310286b8d32a6153

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /api HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api?__cf_chl_tk=_295KK7aQZlchvk7mbz3gzRzFDv6qAp5382D3WiL5eg-1713519008-0.0.1.1-1301
Content-Type: application/x-www-form-urlencoded
Content-Length: 2501
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 09:30:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_clearance=AH1R5aVW03c_1nm402YI_KU_5gP3K7F.dPAM_aBVNPc-1713519008-1.0.1.1-c38ggdDBOk_mjAj5fxmSLGOQd7e32QuulKTfb6CPw1osyHv8z8eJnPFi6WMYtVfBWxe8Ay5AzxTIdAMYlnwjQg; path=/; expires=Sat, 19-Apr-25 09:30:16 GMT; domain=.demonstationfukewko.shop; HttpOnly; SameSite=None
PHPSESSID=51clnugrmg8t21lg587vaigou5; expires=Tue, 13-Aug-2024 03:16:55 GMT; Max-Age=9999999; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ceG%2F6tSIRQVPT3SX72OcbzcZ4V3B0AbSAndhc%2BNNUsSH9CxN0fth03%2F%2Bo3%2FQYqBM%2BXZ%2F40lj%2FFe7Fgb7BBuQVqafK7e8VYE37M1nGW%2B1lLL1Ysfj3aQ0V4HS2BrRLCEQ%2Fo0JfKUaTtUn2k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 876bdffcdb471c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

demonstationfukewko.shop/favicon.ico

172.67.147.169

403 Forbidden

5.9 kB

URL GET HTTP/1.1
demonstationfukewko.shop/favicon.ico
IP
172.67.147.169:80
ASN
#13335 CLOUDFLARENET

Requested by
http://demonstationfukewko.shop/api

File type
HTML document, ASCII text, with very long lines (14468), with no line terminators
Size
5.9 kB (5907 bytes)
Hash
ad724c5526e34b5335f7da7e34d3c783
ae30ee912bc13490306ec4580be71cc2a8c0f2bc
a25b1f87014c2445050c1ab6750de75160bb2d12e563bda1d6689fc1b1c890cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api
Cookie: PHPSESSID=51clnugrmg8t21lg587vaigou5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 19 Apr 2024 09:30:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: OLv49kqgrI8C8TonVPMeX1lfXkIL5hGnUNBAJssWWaEp+sblFzOaHUuI1WGcSQbt8FJzLj8rBxXxc11NytaV2fdPiQaFI0kUk8MVDJIoAls8kDWY1aqLf7TegGdOz2KGZsclm4BRs214p4kaqAqwjA==$9DpwWu4Rpjjzz7THjMuf0A==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HKseUtTEKKHqqVb6Sg5Gt9obUHjjQ5rhEQJqPoTJiyxq45mExEuc2246zVgqd6a3T3cKLELG2DOnI8EEuCwrWyyDqAAUqMH6fqVDmIWC5QeifUC3RrrH%2BPeIA0kO7TPxfFAJxyNrMtY3eTk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876bdffdfcc31c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (64)

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash