Report - productivelookewr.shop/apidJ

Report Overview

Submitted URL
productivelookewr.shop/apidJ
IP
172.67.150.207
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 16:21:22
Access
public
Website Title
Just a moment...
Final URL
productivelookewr.shop/apidJ
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
productivelookewr.shop	unknown	unknown	No data	No data	5.3 kB	588 kB	172.67.150.207
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-24	6.0 kB	375 kB	104.17.3.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed
2024-04-24	medium	productivelookewr.shop	Sinkholed

ThreatFox

Scan Date	Severity	Indicator	Alert
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer

JavaScript (69)

	URL	Size	First Seen	Last Seen
	productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87976cb1ee8bb4eb	398 kB	2024-04-24	2024-04-24
Pretty URL productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87976cb1ee8bb4eb IP 104.21.11.250 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:32 Times Seen2 Hash ff14aa9b0218ab41eaf280a47cafb11e 52aa0a8c3d467391dc850ecedfb861be14c56a8d 4ac330dcd281bce75ca65903c6dc28e4707e41f9a0a4658adf7fb7cee2082f22 Loading...

	challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit	42 kB	2024-04-18	2024-04-29
Pretty URL challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:08:49 Last Seen2024-04-29 16:17:51 Times Seen2594 Hash f94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b Loading...

	productivelookewr.shop/apidJ	4.6 kB	2024-04-24	2024-04-24
Pretty URL productivelookewr.shop/apidJ IP 172.67.150.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:29 Times Seen1 Hash 531c255b09f930ba57f8121a9c8e5ac1 940ce07582e7957c9700d3c103490f2ad9a9898f 4c08cf908ac5ddeb9b463e2464f25d9f4c588fe6471c4908af9bac1bec6d6e95 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2fb80cbad6ca1bcae41a89be035d8880	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:29 Times Seen1 Hash 2fb80cbad6ca1bcae41a89be035d8880 815e8fb3486efc8194edf2a5b6beecb7654e2705 cf036544e714ff8ce0e846534d8ed62f9b047c80ab0c87785101524072c6dc83 Loading...

	#2 Eval - f121cd77dede6ca481b820b4dece82dc	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:29 Times Seen1 Hash f121cd77dede6ca481b820b4dece82dc 76df9f9cc3e46fa61624ff4f06f32d491d81cc3a f7da5459485c689e408162b17332727d4924c16472de8f02f9975d56a674d217 Loading...

	#3 Eval - 4db6566715ec815fcfe60de3a13e6421	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:29 Times Seen1 Hash 4db6566715ec815fcfe60de3a13e6421 65629777d87320e3d0be1661a33a99747ce74972 3dd0349c0b9819ad00972884c099c14a7cff46c8824a2731efff3b2603a98d20 Loading...

	#4 Eval - ca52790782961294b58ae5fd5889b5c0	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:29 Times Seen1 Hash ca52790782961294b58ae5fd5889b5c0 afb7eab6eb83310d6eabd9b9c1224d4445eeb2cb 9d0011bfd08cd977c21d62ec79b0078a4d42ca194b1fbed922948bc09a014c8f Loading...

	#5 Eval - a2b8d4cd7f34d0d864277fab8971ad26	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:29 Times Seen1 Hash a2b8d4cd7f34d0d864277fab8971ad26 6bdd6da49f9e358b9bffc3c19d2f9edfcb928cb3 a566b6e91573711e54d88b43b42e57463cd2990172278e64fb50faa61525b171 Loading...

	#6 Eval - 7b57bc39a97ee1255d1f1b712031d6ab	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:29 Times Seen1 Hash 7b57bc39a97ee1255d1f1b712031d6ab f44c2d48f3820c595875a197cf1cbe6acec0bbc2 d457fc2ee27250cb64be1964eb9d59e65c981e2422f9f2c30382d62fc8854022 Loading...

	#7 Eval - 7e6961b2f8b0f6761eaacf02eb58eb2d	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:29 Times Seen1 Hash 7e6961b2f8b0f6761eaacf02eb58eb2d 70cbd0ccff8cfb866f3784d49417bf770e71518f 707e073acbdb0d3aeedf2ee3646f2ed720de3105e5b1760073c9d86916ee4b40 Loading...

	#8 Eval - be1a43a9bde0941732275e61b54b2287	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:29 Times Seen1 Hash be1a43a9bde0941732275e61b54b2287 a29381a4d010169fc395788073142607a16d57f1 255572f3ebfc72d2d41cef7a8a656d67cf6e20ba3c3986cc3160ceb0602ee0a9 Loading...

	#9 Eval - 9f08072479a4a9e40c17bdaa5550ac90	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:29 Last Seen2024-04-24 18:21:29 Times Seen1 Hash 9f08072479a4a9e40c17bdaa5550ac90 dbb28f2486d5ee75bd02d1df9f1562211e18db4e 320f9503d09a6d5051d6040f1d603151187b9d029597c73fddc9d75bdc5a77b8 Loading...

	#10 Eval - 8d54fd3f13698c27abffb63aff1dbb2b	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 8d54fd3f13698c27abffb63aff1dbb2b f3a68dd0a5ee228a86de5e05d7f2447d1ae0279f 377f82bdd0af68f7f9b355c66bd82a8082900585a3062a6aeb5f11b7bc4dde18 Loading...

	#11 Eval - 7f5e1d71c06e0e1d7b369cee2941a58e	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 7f5e1d71c06e0e1d7b369cee2941a58e 3fd8076ec329687824b6f8fc938164bcc0588eae 3d891120b18fa4f09ee8c8c4bcd80afcfbb6eb54735912c1e7e2d56e3e44985f Loading...

	#12 Eval - 27fa3b02894f9988908ac613d084dfd6	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 27fa3b02894f9988908ac613d084dfd6 0cd73ae0cb48e58b76dbdd723c06cbef1ca98c0f abb32da3fdf5d197e5d60ee48e20e3868db6fe7287c82a77ba06b083c8619953 Loading...

	#13 Eval - 43c81e43a6e7d9140033055ff3e04983	62 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 21:08:51 Last Seen2024-04-29 16:17:50 Times Seen2736 Hash 43c81e43a6e7d9140033055ff3e04983 b0eca03913678cb38c488c7c79cc4f9d2755ea17 3f7ef931c657c4333a401c40e8b0b8d1ff3b164542af45e14242314c0ec39f34 Loading...

	#14 Eval - 5146589b1ad4e7f69fab5de1a8b56a3c	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 5146589b1ad4e7f69fab5de1a8b56a3c d61436b6d0cdee030fac86e14dfc98a6cfacdae0 2095c14ada544ed374bf66b56d1a26dbbb77bc744c6be1bb105c7dcc28ce8df6 Loading...

	#15 Eval - 19e6d65ef88ae5e9066045ea7c4450c2	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 19e6d65ef88ae5e9066045ea7c4450c2 fd1042bfd2f595b9dbbdcf86f546f6218e5bf273 74bdd0a963a034d3739cbba459912102925833bb8083c4adcdf16cbde841713c Loading...

	#16 Eval - e8662ccf85cacb3627cd42ba3112f76e	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash e8662ccf85cacb3627cd42ba3112f76e 723b8e246cfb36870f3f5b93d2dea7869d0a44cf 6e6d8e4faad3b20737ac84b3994e9942e9d36c5f5c948c2361b08cbf1f8f973a Loading...

	#17 Eval - 79ecbef84bc4f46b21bc462bd02a965f	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 79ecbef84bc4f46b21bc462bd02a965f 9dbffd52abcb378c60d761f22e8e9d9ab4af6348 03eacde1c517c18ed2036390f4251bc617e7becdeccc65139b11e777839336ab Loading...

	#18 Eval - 9d412bf3b89b1212eb7a4290eceec4d4	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 9d412bf3b89b1212eb7a4290eceec4d4 b5b883bbf28f6cdd5d5e01154eb9ed13227a1a36 02effe74f82a8ea42173be438fbf7e7992a19732a09ca5b2369f426c46b66893 Loading...

	#19 Eval - 9bbcbfa69ea3089658f212100377863d	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 9bbcbfa69ea3089658f212100377863d b947702c70525a6fb87b5299aba565d26cfea643 c9130ec9193d29d2c574cba19abcab939180866d06948c87e0c9c97e06d7fa4d Loading...

	#20 Eval - 59477320ddb78f2872c9a0d6019009e6	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 59477320ddb78f2872c9a0d6019009e6 0cbc94d08683bb44f28dced8603f3ddaa6b1a130 ce40767b42a47392b25c98d09188d8fa19eb9c3be87ea1019b52baa794744076 Loading...

	#21 Eval - 2ce02da047ec1b1603651f181cae612a	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 2ce02da047ec1b1603651f181cae612a 5df602ad1f1607ff4e76d2edbfb70a0e56a0edb7 0b87ca27cc9db67b660fe43e48284888740d93b58a35a2199accd2695eff255b Loading...

	#22 Eval - 13ba6d0d2d0b05f47f862eb7d7e3d7c1	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 13ba6d0d2d0b05f47f862eb7d7e3d7c1 ca29d0827027350119e394aaf17e43385ce5b9d4 4bcbbdf533a6310818e5fd8b935ed6ab87ac5f41404edc6d5b70ed6ad7c04c58 Loading...

	#23 Eval - 987eb267a0124a8419cbb1876531d498	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 987eb267a0124a8419cbb1876531d498 91ebb4ae0da8e663f79546579f95a2433980079e d93fe8c91be746cae78fc9e978b7a66a412ddc6b21e695bed24c32c212f0f055 Loading...

	#24 Eval - 4db6967a6aa3409ecead380fe3644bd6	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 4db6967a6aa3409ecead380fe3644bd6 07b5a8d0a0429eaabe52149aefb1b53bad1cb320 f191f9cf3f614283d307a22c7897abaaee29a41544d7fbfb5a87d80c9ac0521b Loading...

	#25 Eval - c60d1c8cbb4b4494a2ca925b2821c378	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash c60d1c8cbb4b4494a2ca925b2821c378 d4bcf874593d31536b42aab05fce377f130dc925 261eef651f023d1ca0304540c9b1be6eea6339b978d0e9fe191abd1d2980c872 Loading...

	#26 Eval - 54a7a72a83b9d7f689b6188a4c04a743	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 54a7a72a83b9d7f689b6188a4c04a743 1f2f565bffeb13303b83cbb543e13772c5fa33d6 fe0aa6e49d7df51874b20098bc38424365cb4cc34e8684a2cfc709ba446c0c6c Loading...

	#27 Eval - 69e28dcae58fc02aa6a67088e1484b8c	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 69e28dcae58fc02aa6a67088e1484b8c 21c5674c760183f3eb83cfeba43155e3ad10d07e 431022fee36e8e8ad53d6e9182c94360ff36b9b42c38734500ce8923c656afb9 Loading...

	#28 Eval - 70ca0f957c6f4f01b387e73641ed2444	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 70ca0f957c6f4f01b387e73641ed2444 08e9e861b5f53ae82e5b87b6df4d0b50224be310 6d652c3f5883d94ab4fd5043d4a2cd6d8e83f543b9724e2bcf2ef443f765d6a4 Loading...

	#29 Eval - 2b40186cc456d6cdb67ec92d57f34b8a	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 2b40186cc456d6cdb67ec92d57f34b8a 963d59a042cc6951f56fab286b77991d18c09926 207e5c015f783e0a7691b06b8c202ff3a62626763ad248b789f8539a9b0eddf0 Loading...

	#30 Eval - 37bfe11d8f7b6286a20baa8218974080	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 37bfe11d8f7b6286a20baa8218974080 88888908d3081af8c7b36eeef787acae009a95eb 00da1729f7cf41ea640e8f6c94b84823f655fe1a21f915927f931383f0e95a54 Loading...

	#31 Eval - a325815d432d45df591813f173e6b25d	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash a325815d432d45df591813f173e6b25d 7c974abbf8fd3b04f1a0f7cbacf56029b561762a eb69bb5bd528745fa4a0baea57c84d516416ef930950c23f0d5d6be6f290d3b3 Loading...

	#32 Eval - c50d3a99a2fcf237dd7098e3490d8247	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash c50d3a99a2fcf237dd7098e3490d8247 89a997d8ff8f282e75e289f3314a1278c666dce9 3cef55c742441055c7875283dcccac58014c1ff538907fe69925b73b53c335e5 Loading...

	#33 Eval - 8e4c020154d51f0778664d82ac18b55f	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 8e4c020154d51f0778664d82ac18b55f b1df73ce3121d70f661e888d971272a5a5f0456c 1b3c59abffebea1ac90a878bcad076713763aa8e7d933e3bbf5027060679b40e Loading...

	#34 Eval - 5a816a7230913cf5442e3041adfa26e0	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 5a816a7230913cf5442e3041adfa26e0 7e577e69b09d1c600c90bf6c8942f10a39d2a4a5 d2e3d2add5d5f384343cae37c8b760ddfaf83193b68121be244669851970712c Loading...

	#35 Eval - b12a2f96b833a71eb29417e37d373a59	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash b12a2f96b833a71eb29417e37d373a59 948dcacea0d4c643f61eea4f4dbf30ca3317919e d28842ea41fa9c2e058b174de97a196e1ff2a55cc01e23c50bda7a095d660c46 Loading...

	#36 Eval - f61a5deedba3c44f4e42234c4b1abc91	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash f61a5deedba3c44f4e42234c4b1abc91 b2fc6480596b58b95c00fd4d5db3678f41869f0d 01544a0fa2e0a5d31de4dc5d96cb8c896af1551e4b3712a56d271e80af63c422 Loading...

	#37 Eval - 3031420cee9d54173253311cda5ee290	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 3031420cee9d54173253311cda5ee290 e52d2ffa1ff11ebcae6e5962b4d678925bbe7cc4 72d14e4cc78578694618bc5b5c8015a0018761204d84bed9585df226445253af Loading...

	#38 Eval - d461eb70daf9f59bb88be55774e4e1cf	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash d461eb70daf9f59bb88be55774e4e1cf d46cfe4254695722de5e5db3d94008fee105f34f 10f3e83ef8563a30044b9ff725f750c32a15a815750d91e62b8e0b8b35553977 Loading...

	#39 Eval - aeca3693d879ca1fce9fd5f0909cd903	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash aeca3693d879ca1fce9fd5f0909cd903 3fe91243c12d9d43d549a932ba2026728b1b16e8 1f63faf86b748c54ad09260452e059e016e0d647faad4725ce3b0ecd8aedd579 Loading...

	#40 Eval - 40acc1d50e6a91a5d6e3617e516684f6	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 40acc1d50e6a91a5d6e3617e516684f6 6e567ea22adf75c297374041b7abf80cfccc856f 3483f770125f9195d5da9b0d12d4638b6a8f76164ed8a64bf7130d65d7201fba Loading...

	#41 Eval - b7c2a2e17960e565a0f930d8ecb177b4	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash b7c2a2e17960e565a0f930d8ecb177b4 e89799b9085c0f2e47ea092df8abfab8ecf1c206 e5481eb280e58f7ad41f8b9551c2b966f33eae4916f337688eba48dbe5d0d52c Loading...

	#42 Eval - 9e574b60e8d62237e612b263c7d2fb33	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 9e574b60e8d62237e612b263c7d2fb33 abd47d0e8fa2f497ec00b05246284155809289de 6eb8b07f8cda605780bf9b185f9a4a76318a92022c622643f0b8be8fb1b8d04a Loading...

	#43 Eval - 01918d2eca9558a96cfaac6f0f33e8b7	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:30 Last Seen2024-04-24 18:21:30 Times Seen1 Hash 01918d2eca9558a96cfaac6f0f33e8b7 b923100f53ae6a28a067905c41c610ced48137fa 9cf1286f54dc6b718c7f907f2df8b8ad24992708f4d3bd783af419690b14c4a8 Loading...

	#44 Eval - 74dc20488e581a4c53a911af8095b855	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 74dc20488e581a4c53a911af8095b855 c487f0435f56f884e9491ff82b54a81b5d5b9595 f91e9cdbd0381d27f6b090741cd76d3507147c9244164a94304eddaf63f98ac3 Loading...

	#45 Eval - 4785b5effaa4a4d7dbb2a8eaf35249a5	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 4785b5effaa4a4d7dbb2a8eaf35249a5 df99eb4f3d05f2391a04d0d87c6e045efe51805c b0f3d65e3ef10ba940219d7b3106d435c31a7bc32fc606fc154923aa04ef5115 Loading...

	#46 Eval - f468d690fb580f872badc038613734e0	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash f468d690fb580f872badc038613734e0 afe119a03ae7ff495c92c05e3dd6e3f0358fac64 018a9b842de180264c763817bcf24e12a3f08a8031ead2f13b96e045b8d0a46a Loading...

	#47 Eval - 858974254b0c8cb6ec154ef12bea1e22	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 858974254b0c8cb6ec154ef12bea1e22 d4e6606176c6fc6ddf20e1a6d2d183d5987821a2 ce3d466771160982a5b4b43b2cacc4e635620cac07cc52ee2e77563b705df31d Loading...

	#48 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-06
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-06 10:44:44 Times Seen351524 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#49 Eval - 6da3f83cdcfbff1fd13a70d13751c7a3	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 6da3f83cdcfbff1fd13a70d13751c7a3 77aa0d1f7b8cd67af134aee7fdcc12abfc01087c 84387a74d51e5c4d50698b0e2d20ed3c888c1a21d0b3db028feade7ea3be102e Loading...

	#50 Eval - bc1af707e6bab88d1ee7561aebee18e5	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash bc1af707e6bab88d1ee7561aebee18e5 cc96f95c4c7bfaa0a3d67bc85ba60d1c64de3c5a 05ae282f33062f864c48b9a6abbdd5260d3548445c8a35c41e2594f99d41aadc Loading...

	#51 Eval - 45f5261dbd6db8a2b5896303956ffe55	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 45f5261dbd6db8a2b5896303956ffe55 3247621f2827ebf266c80209ff90a5fc5c3aeedb b4b8ae3df85fca28611a1420320070f7653016d7bfd9ec56d21d537b964c6e7b Loading...

	#52 Eval - 6a335fa4e00c67c0447e3ad523c8bc0d	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 6a335fa4e00c67c0447e3ad523c8bc0d e9520d1775a7c252889967efaa9004245c5b8061 f2606c7e900f129c62dcca3e70f67249b995e75ac42bbe0a7242bd29d55a0a61 Loading...

	#53 Eval - 0a75686356069318e3c895ca6deb1eb7	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 0a75686356069318e3c895ca6deb1eb7 7a4ecf7dd146da7f913efc60adc9e396d3e47035 de145da4cbddb6bf549cd5cb6affd4a609a96877273753350872aa646e931d86 Loading...

	#54 Eval - f01a2830c920d3be43ae86f6a27acf3d	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash f01a2830c920d3be43ae86f6a27acf3d d07f3e34c19ebae3ed90e25a2111112c15f232f0 8146ce3a2142e22894c8e49d3335304eee43ce62de8dcf45209f3e7f0a007939 Loading...

	#55 Eval - 5e1e500fd06fe19ead61d470c1b1940f	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 5e1e500fd06fe19ead61d470c1b1940f 4492a04404e14a9b634d9403fa040cf5fa138ac1 7d1f7c55b3df867053062e706a5635d79fc047ada805e009bf8a8085a2ee62de Loading...

	#56 Eval - 2181bdd0d068444dde8af3afa7cf402e	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 2181bdd0d068444dde8af3afa7cf402e 86f433a00759016bcde08384d30348ee12a4f961 61d0395c228914c1e2e1d210d0b5595af99a6ccc9a6839975ca809600ecb8099 Loading...

	#57 Eval - d9c1d58d949eea2dc02cbf6b2491a0ae	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash d9c1d58d949eea2dc02cbf6b2491a0ae 734e5ab32cb35001ae749377c2d81a3ee80aa7f0 3b3c715ef16f2ccf6c8164383a2032f100de0637e68f628052d030df378ca1a8 Loading...

	#58 Eval - 0abc5a4fa3dc7dc1e9e71220521c79b2	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 0abc5a4fa3dc7dc1e9e71220521c79b2 55b942b5df73ac68538c6e41a463db181e18c986 7332dfce04f5ff058e42c7f3746f1ba3d251ed3e176f7443a997d8fc90c99d8b Loading...

	#59 Eval - 1a14957d632d60cf07611c0005dd8f42	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 1a14957d632d60cf07611c0005dd8f42 1139fdfb8e5408446b854d7770be48324ccd698b fe13fcc4549a881d5ae12ba7fbb9e64f9624b5d96a3e640aaff54e8343f2c6eb Loading...

	#60 Eval - cc13664706a058693dbb13ededd34f46	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash cc13664706a058693dbb13ededd34f46 627cd0c928c54408bf6a5fe17798ae0d40d52bfe cc8ad10281a392d9f8be21f7b592e03d183ad4114b706fe87029c6afd5e7adec Loading...

	#61 Eval - 2b873f5c29e04cc1bad846dae761764f	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 2b873f5c29e04cc1bad846dae761764f 5bf27509a512c81dda2235640d63e5d9de5275f7 48f056b89cc0383143270b74540088aad0f2027c867e551e7bb81e9a777211a4 Loading...

	#62 Eval - fd9f8e003d0040cb752fcec4f3250e5a	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash fd9f8e003d0040cb752fcec4f3250e5a e1f1f530e1370f42240a708f3353573a6cac3f89 2e5d36c319704ee811aade360190a0a0442d8c35381eece72ebf197dbac8e00d Loading...

	#63 Eval - 83b2de2c15cd810e5e87db67ac1ad6c7	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 83b2de2c15cd810e5e87db67ac1ad6c7 42cd1ed207475edf9b416360f4302aa9321d6faa 86594e8958dc2bba0609981bf8eb1c4aaeb1596db7b7088f4705c1da4d7e1cfc Loading...

	#64 Eval - 21890765ccfc5b9efaf31f48522ec500	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash 21890765ccfc5b9efaf31f48522ec500 42a354e0648eb2e1d76be9294d49604e00936dad d17bee00d9d28e9deb22bdb19782e66cb4b4ae41a0f15cea531efb06e2272b47 Loading...

	#65 Eval - d94df73a9a7ef8975813ceb2c6b8b681	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash d94df73a9a7ef8975813ceb2c6b8b681 885188f0e9323b63a953c1fbae58160ac012ee1d a89517fc1f8b2a074e8d151b1c53149721102e4d9b074b15820ca088989f670b Loading...

	#66 Eval - f655d7d72800e09c8ec3ff95804cd3f6	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 18:21:31 Last Seen2024-04-24 18:21:31 Times Seen1 Hash f655d7d72800e09c8ec3ff95804cd3f6 3454d5e2ccc03daa677af05bdf669b92ad7b13c9 5bc88450494b5061b1ac7586fd7164817df7c17fe2238b202d938f916e4319bb Loading...

HTTP Transactions (20)

URL IP Response Size

productivelookewr.shop/apidJ

172.67.150.207

403 Forbidden

5.9 kB

URL User Request GET HTTP/1.1
productivelookewr.shop/apidJ
IP
172.67.150.207:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14394), with no line terminators
Size
5.9 kB (5858 bytes)
Hash
0ed2fb5f6bcb3ee7a95a3ccf9e20a148
0d5c3804ff0ca3dc75730be42c6eb8071936b725
53acce281484d0fb2bdec797b7af1dd5aa4581c3d58b47498000d8b352fe5659

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /apidJ HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 16:20:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: TUc3/La8oBetqV42CuNTPrHO9TCW2egQ2XFYgInx4lYAi/34UchjUyuoWXDDpFZIO+crXWw8O1cMDkhT+guo6MmLTqKphoma+dembu7/ICEvxssVLWHcOoMH6ogeOIehsdOgGfIxLvCLIX/Z79MfEA==$qvid9OeyglrBWUS1I675yQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jerTcv64L7UOAS%2FcS1C4W2ZfF7yZ9Rdg4ce%2Fsy%2BeTWSVDgN1xAeugniU5gYJzc9yeR0mxMuIEdCzVTZi%2FmrC1I%2FNmhrYYqneTjWwOg%2FoIIMYogmvL0JA1yW23aV6csi8JCmX56XqRvqd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87976c72acac56aa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87976c72acac56aa

104.21.11.250

115 kB

URL
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87976c72acac56aa
IP
104.21.11.250:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
115 kB (114738 bytes)
Hash
cac141a9019e6262168ffc2fd1d1f629
1e4b839a6bc3aa7e255f14c654a150c60c7bd2af
c8a416a33fd64e8c24bb44fb201542db96341999c6bf8eae1772a7cdf3bb69b2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87976c72acac56aa HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/apidJ?__cf_chl_rt_tk=dbwr3NoMl57F1soj5fSF47kaSi2ZNbmF23KzxLcoceA-1713975657-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:20:57 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGMjB2Eb6C0L%2F8Ftz7QhNjN2rkfiK%2F1p%2BeEEOVyrPWFka8gUtHZj0AoH3uaee9nRoyYOTUF6cvsYH1iT%2BRdi5k8fOXv41lX5PpU4qiQjkbVK2mi1ebMrRzt%2BI0UwtlTpyqyf2266XPRt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87976c74794cb4fd-OSL
alt-svc: h2=":443"; ma=60

productivelookewr.shop/favicon.ico

104.21.11.250

403 Forbidden

5.9 kB

URL GET HTTP/1.1
productivelookewr.shop/favicon.ico
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/apidJ

File type
HTML document, ASCII text, with very long lines (14484), with no line terminators
Size
5.9 kB (5922 bytes)
Hash
5a25a35c8958107f6c2ce430bfd52842
deb0737469dbf3738af5c7b2ad9a186eb32edb8e
47cac19de36c0640e27877760022c033d3727fa2a151b5f5900ffbe4ecd13b3f

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/apidJ?__cf_chl_rt_tk=dbwr3NoMl57F1soj5fSF47kaSi2ZNbmF23KzxLcoceA-1713975657-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 16:20:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: O2/2dDd2G7hEzvrqpomRKz1joreJzyvFsX+1xzZxy8jL3N9ExtFaxq6ZaXBXzJEGYV1ChIe+Z5dV0mO33D6axTwVfJZvAldAiknZt3Z552X7YW8XXhnaq6aAz4RIXihCV9yxsMsSW3AftaO8KXebPg==$LmI58THe9daJTjh7BA7CZA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x3aQiQZ781OjRv%2FOwxKzy50D0csQHVchGzXaLzqTus6uK6XSPuKPHdSLOwfm6lxgJJOWlVnk0A3%2F1ugL2ob5YHUS4XnMhUTYIeFA8lO8ZRy0uErIFSKK4V8aC2VYGb9%2FgYm2T%2B2E0Hbd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87976c74c98cb4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/favicon.ico

104.21.11.250

403 Forbidden

5.8 kB

URL GET HTTP/1.1
productivelookewr.shop/favicon.ico
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/apidJ

File type
HTML document, ASCII text, with very long lines (14398), with no line terminators
Size
5.8 kB (5846 bytes)
Hash
a946b6ce37dc0ca355033cc85425c173
aacfd6faa581a9ed3bf78d208f5c5ac07ffc5d75
671618ae51ddcff7069993ade8aa5b9357d98345980e53c070505242c82617e2

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/apidJ
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 16:20:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 9FzbQRvKIzkfcQng9xh5yPXm/S5TZ9ijsWZybeetLv4EM0yHZoyq5SzIfrz5k/Ai7FTlun2qXjgwpDqDZ75l6ZkzZR34bRGguMaMjeqIcTlJpcUgarg35IfmLCYd6fzSTZpalh/Se20/IAT9m5Lw4Q==$NvplnvB5G67n+J6El6ddGA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8O3h4hR3E7KD%2FurPUyw1XsUZGNAZTKnlhxvrNa4WbA2fS7vuU9O8wUSxECDYxZDY%2B31vOSjRNhhNTWEuK7QhtL2vsZMpo4gtI6jvyOMkRD3u%2F9CLipgcfI8Fw39ras49Xbq6SfrbcTiQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87976c751868568b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1815634333:1713972337:-9QITEmvGZklq1rVGzepNho34OTZeWnfmpNP7UgcUCk/87976c72acac56aa/0b031e4c4e00014

104.21.11.250

12 kB

URL
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1815634333:1713972337:-9QITEmvGZklq1rVGzepNho34OTZeWnfmpNP7UgcUCk/87976c72acac56aa/0b031e4c4e00014
IP
104.21.11.250:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15992), with no line terminators
Size
12 kB (12126 bytes)
Hash
dc25c4b8f08388549ba14bbf322562f2
382f0380d6def39f44daf646aec54e212208af8f
dc1bf157c5ae9148da42f940ae2e32363367e375772e1af262fc794a50e33a6d

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1815634333:1713972337:-9QITEmvGZklq1rVGzepNho34OTZeWnfmpNP7UgcUCk/87976c72acac56aa/0b031e4c4e00014 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/apidJ
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0b031e4c4e00014
Content-Length: 1850
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:20:57 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: tadqCLRwaG3/qqsqIWz5GMn0Cgd1QxfUKovEb0ApGnHQvweLaOUgtnzujMs8HdAM$Vx8W1+oSIYzFgHO90BFqJg==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wHeofz7u2qnvEpRi82ynnYd1LjgLJHQhOcHAnFVkg7DCYmwXBZOnXNjg8461RcTXqoRq1NiUYFckPDghynFNwG1AmcripLGrXXwFVIYf1PSAS3DHudezdo6t9mmYqPZegWOgsb7z1GcA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87976c761bf0b4eb-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bf4lp/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:58 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87976c778c511c0e-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bf4lp/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.3.184

32 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bf4lp/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (41702)
Size
32 kB (32109 bytes)
Hash
20d4a390d6f368b3d12c0013e86988e8
e014c6cfc6e6608c5eaacab3f041a0c4619cec0a
19d0506af99f39b22c0404e8287d992c58ab660e23a238c973aeea9976b3e4db

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bf4lp/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:58 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
vary: accept-encoding
server: cloudflare
cf-ray: 87976c76dbe61c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1068293541:1713972597:JtN90fc-KP14rkiUU1xY74dYtRNGIl--IV-itljsrcw/87976c76dbe61c0e/aef758271a3ae50

104.17.3.184

132 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1068293541:1713972597:JtN90fc-KP14rkiUU1xY74dYtRNGIl--IV-itljsrcw/87976c76dbe61c0e/aef758271a3ae50
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
132 kB (132013 bytes)
Hash
13e74b99c40972b36e4917e81b1d5f6c
7862156582ba1db12d50ed0d44ba385566c29e68
9f5e376d737b4b3596cadfbe9fa20bcb52147a09cba065aa7bd5f72236c9172f

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1068293541:1713972597:JtN90fc-KP14rkiUU1xY74dYtRNGIl--IV-itljsrcw/87976c76dbe61c0e/aef758271a3ae50 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bf4lp/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: aef758271a3ae50
Content-Length: 3292
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:20:58 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 22epgNTzhSCOUxP5HyeKdBrlzw4TKG/F1HSFyyd1ZKlLStcDSw91M6zvSfZz51F6KBEZJ9tDWQ0mmRetlCLdUI4ND7AyrqapoommFRQsI8Dj5tmI+3ThUKYyco79jcjTsFwgN2Lcw8x8YKWgt4YjugDl5ONh8742Wd94f3fkQLM6HoQ9EfoQTUgqXg8h2TXglaWjb25YhJjq5Hpka+OqVRwLOs6TVy62fi6Xqra9oVzRvMA2w1VFeynChvj9GOPW/vpFNOybOT4q/xLN7XVXs37bjWJC3j3+aYEqqmpeKOqCN84dglBoHOm+5kxQd2MPm0hRelZsbXgjz+PKRt9przmbrsn5Uozon8rPGLAc78spl3Zx2dfoGPWscpHUumTgftfaSMrW6rGAVbzL54wmNy7ZCGOt+yK8mkALBbo0flgnlzJsMrEutTVB2tq2XOUl$GFtVMFjCoHPiomQyeRdxcw==
vary: accept-encoding
server: cloudflare
cf-ray: 87976c798dcd1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87976c76dbe61c0e/1713975658500/tQElDLN9kOI_wSu

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87976c76dbe61c0e/1713975658500/tQElDLN9kOI_wSu
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 93, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
42f747e47ec35d5a3650e96bae17e4da
897e049c5fff98778d16e54b93eab6f4dc0003db
3275ca0170bf1880833fa731b5183cf1f788f14c35612d23fa687d605f34bb43

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/87976c76dbe61c0e/1713975658500/tQElDLN9kOI_wSu HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bf4lp/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:21:00 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87976c86cd991c0e-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1068293541:1713972597:JtN90fc-KP14rkiUU1xY74dYtRNGIl--IV-itljsrcw/87976c76dbe61c0e/aef758271a3ae50

104.17.3.184

23 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1068293541:1713972597:JtN90fc-KP14rkiUU1xY74dYtRNGIl--IV-itljsrcw/87976c76dbe61c0e/aef758271a3ae50
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (22552), with no line terminators
Size
23 kB (23298 bytes)
Hash
8fb96d9d7cdfb751d5f7a14f2f57b047
abbba202776e9cee41aaa1f09fb4ca75850a2a6b
c2661a84293ab1c826b5dfee0cc4b0e0691ed868ac5d5293cc1887689bcfe9d7

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1068293541:1713972597:JtN90fc-KP14rkiUU1xY74dYtRNGIl--IV-itljsrcw/87976c76dbe61c0e/aef758271a3ae50 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bf4lp/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: aef758271a3ae50
Content-Length: 26009
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:21:00 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Szy5NkXq8L1TCmEoUTfQ1qm5RqBnqRdYPCDf12P1purbHmNj7akLeHl26Dfp6KQa$raFJW217oFwpbny5IDM53g==
vary: accept-encoding
server: cloudflare
cf-ray: 87976c885ec61c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

productivelookewr.shop/apidJ

104.21.11.250

403 Forbidden

5.9 kB

URL User Request GET HTTP/1.1
productivelookewr.shop/apidJ
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14415), with no line terminators
Size
5.9 kB (5867 bytes)
Hash
42b90522ac4222b12021ba5d123d610c
e014227636833af855cfedd2237ebe5313929060
57e54a503185123c2d340af862f3f24a224ff957953d95c57effd4bee187fe42

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /apidJ HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 16:21:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: yZ0vCqU/aQWzQq1t83ZWCTZGuRqISfQQc3CEW2oTagkE9V7YiCIQTVhZ99TuEUwHFr+RDflc/N6Eqi5WhKHLtex9TYGUpBIbu29U8qFxL8KMocJqleEr5vAZfD2mmFTIbc+fTxcFYWqOXI9GLDTHzQ==$8QnINLbItjOZE71bQsnMhg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5cVJDA60CZ5%2FW%2BZyXWZbTNo6sEPOgbs3TCs9wNVhRJ2jUX112bAw%2FmuPj0WMImg5B5BroDuLml%2B3EqtWBIwqmBuGxtr3kfz5uLmzFnw7l%2FKWZNTwHA%2FPI0YSBMVuz36cQNZ4d8SPDwI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87976cb1ee8bb4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1068293541:1713972597:JtN90fc-KP14rkiUU1xY74dYtRNGIl--IV-itljsrcw/87976c76dbe61c0e/aef758271a3ae50

104.17.3.184

114 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1068293541:1713972597:JtN90fc-KP14rkiUU1xY74dYtRNGIl--IV-itljsrcw/87976c76dbe61c0e/aef758271a3ae50
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (968), with no line terminators
Size
114 kB (114389 bytes)
Hash
72e1e63f4f58f702a0bd90be3d6c09be
e8928e4f14ba8892881f521d9c03691bad3c641f
6e4b5d4310d5f6816e6a33b953998a7663013cbf9f48d52c003f14b966dd37f4

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1068293541:1713972597:JtN90fc-KP14rkiUU1xY74dYtRNGIl--IV-itljsrcw/87976c76dbe61c0e/aef758271a3ae50 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bf4lp/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: aef758271a3ae50
Content-Length: 39083
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:21:05 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: ruwgwCjMHNaIWd0YO09DVFmAAMxMAo0Cv6JcwXVp3Q6vcbMB8LVjWeBTgsM07eEMTVtpQhxqfZoFIjE9SlNsYVKFMja+GhcGmlq3kNAs4Wk=$VsWxPoYiQHSQ9rNgmsgyPQ==
cf-chl-out-s: ClmLYP7kruELZ/3ot5m08mw69qR6xrvk2JetAtWVwlOIJRl10vtCSKNQH5+HUmZukrw037Hy0AFX8WU/C06MF0w2UwurTzfgO6L0uucePhmUw7G29FASa/5xyp1A17DRqOYcRgYFoaezub6+NpoAEw==$C8gzYc9HXLBsXTCxX0gB5w==
vary: accept-encoding
server: cloudflare
cf-ray: 87976ca499501c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

productivelookewr.shop/favicon.ico

104.21.11.250

403 Forbidden

5.9 kB

URL GET HTTP/1.1
productivelookewr.shop/favicon.ico
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/apidJ

File type
HTML document, ASCII text, with very long lines (14505), with no line terminators
Size
5.9 kB (5927 bytes)
Hash
b8e2553ac44773b5541ffb1bdadf8c10
71ba47c7a356b6db578e13a286a97df50b1a727e
9f289357a9701e101b033d574ff287cda65343b2df117cd7a7322dc31b644493

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/apidJ?__cf_chl_rt_tk=A_.YXSsLrtlc8s7c4r5CnCSlq0rjn3b4emtnXrpW47w-1713975667-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 16:21:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: CFp3xwRmC0mRMdtd7pKfkgDInfud/oMgM08pSl/VNoaJcAmXOst9jlPJeKjfQYsFtrWYHXdTaaEsv3SIhYP1/bJhJVmwoSoQJMznPQ7PMVfrNbaIm+nzxUoOKJmwJLU3FaMl7bw63iLe1AlQvWK1dg==$3iIV7VyNUhEuL2l/HL+e4Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cad%2BOGMTH%2FRa64yUi54g9h93jvK0bIALTrIEXnHitEDeGIaOQCTy2dXA7bVaFEGJntDP8wg%2BZuHHZbBCWzPCWrLg%2BXRQAMkqolH1F0QS5kYVjG8pliorF8s4CLAXla9RELiOiQev3%2BhI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87976cb298b656a5-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/favicon.ico

104.21.11.250

403 Forbidden

5.9 kB

URL GET HTTP/1.1
productivelookewr.shop/favicon.ico
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/apidJ

File type
HTML document, ASCII text, with very long lines (14419), with no line terminators
Size
5.9 kB (5867 bytes)
Hash
17934aeecf39c70ac58a195451a27174
2de7bef5c2933bc08d72ae8f8c7758b861b56f11
9593d5e0f591e98429b8011039459dfb32f8f19cdf14de310efad4874458f44a

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/apidJ
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 16:21:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: s1zkSKFz95K36U+hFl53T8Umuc1ARefoqk93zdSu7RCMKiv0fXtcw9doHcHCqkt2nSdwXlc3FsPqeqHil6Y/QMAyJa3yRtURDfaqdWN754+Y2H1NBm+sXmDVbUIUyFiUa3Upl8Mk1Wx/rmN/f2Gy0A==$KwQ7g/yb6SLXnbg18enV4w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AcWdq%2BRwTyCGum10BwfjiWyICNajAC3cLKQ1TNUecNBiwjtRXsXXKvxOBqD6UO8%2BkGwcZg66uRbnx0K2Wglovra0ny1jsavDytmwocw2%2BKXe0pmZP%2BUi0ldw65uYRvHCoG%2F8QzSyYjvy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87976cb2fd92712f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/310479165:1713972469:cUMvLWIwA25yye6c-hXZjqjRo5Db2_Ed2HaUY4zeJnU/87976cb1ee8bb4eb/95f62e2b732be62

104.21.11.250

200 OK

12 kB

URL POST HTTP/1.1
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/310479165:1713972469:cUMvLWIwA25yye6c-hXZjqjRo5Db2_Ed2HaUY4zeJnU/87976cb1ee8bb4eb/95f62e2b732be62
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/apidJ

File type
ASCII text, with very long lines (15984), with no line terminators
Size
12 kB (12163 bytes)
Hash
0eeded69cc09ad7effd2fd8277118ba6
14e9ef23464d9ae33b4a14e65025d569416aefbb
36d3118394af75ac6f97c5386893067f45c157b46b24d29132a5f49a3ddf1b34

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/310479165:1713972469:cUMvLWIwA25yye6c-hXZjqjRo5Db2_Ed2HaUY4zeJnU/87976cb1ee8bb4eb/95f62e2b732be62 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/apidJ
Content-type: application/x-www-form-urlencoded
CF-Challenge: 95f62e2b732be62
Content-Length: 1870
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:21:07 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: Sxhp80dOFn0xVWS1zJc8esiDtapt32LQI0iCbBCluLx69JYogcPuPjYaYqG7yv4b$6+imsBLW33Zq3cbC2Ho5UA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vo4i60iSymH386tucYlpLivSxxGUK94HSD2PhmRYWQdmwOwCMPX6J7xEsn40qR3TmTbWGM5hEyWVBUodPkxHnL%2BN3dxT7kgdt2ro2XRHXvdiKxGHvc9GJ9P%2BPUs0AnQ4%2F1gyNez0o7qH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87976cb3cbdf56a8-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gwh4t/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.3.184

200 OK

26 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gwh4t/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/apidJ
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25607 bytes)
Hash
588f64c56d895fc0e25035d5f243c81d
1fe0222adb1e7facc9fb712699c362d5fc96dbc4
3b037db9621c866f5bb4ec05ade3482745072ddded6c2bdb05ee0077ac50872c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gwh4t/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:21:08 GMT
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 87976cb51bf41c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87976cb51bf41c0e/1713975668476/u16H-KzZ8ZnFLxk

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87976cb51bf41c0e/1713975668476/u16H-KzZ8ZnFLxk
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 44 x 55, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
844acdc404c8780c5448dff61841eaee
6e3575b5566ab7886526dd79a1c7d9c1843148dc
3d31aa677ad27e8c6b214c518894525c4714d83a3503c68137d151af1f9a99b0

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/87976cb51bf41c0e/1713975668476/u16H-KzZ8ZnFLxk HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gwh4t/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:21:10 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87976cc758ca1c0e-OSL
alt-svc: h3=":443"; ma=86400

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/310479165:1713972469:cUMvLWIwA25yye6c-hXZjqjRo5Db2_Ed2HaUY4zeJnU/87976cb1ee8bb4eb/95f62e2b732be62

104.21.11.250

200 OK

1.8 kB

URL POST HTTP/1.1
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/310479165:1713972469:cUMvLWIwA25yye6c-hXZjqjRo5Db2_Ed2HaUY4zeJnU/87976cb1ee8bb4eb/95f62e2b732be62
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/apidJ

File type
ASCII text, with very long lines (2332), with no line terminators
Size
1.8 kB (1799 bytes)
Hash
eff34f03c90a7c6f9929af2dd1b9fb8d
b5e8e5d6eeb41122e22e0470898011ac31673cdf
8b0c4a7dbd97c6242603bfbbffbddb4caad9e64858414df37a8d27876c7aa17d

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/310479165:1713972469:cUMvLWIwA25yye6c-hXZjqjRo5Db2_Ed2HaUY4zeJnU/87976cb1ee8bb4eb/95f62e2b732be62 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/apidJ
Content-type: application/x-www-form-urlencoded
CF-Challenge: 95f62e2b732be62
Content-Length: 2509
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:21:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: onbi0+z4YJZGBYgbZ+A/V8GgxrR+ZVkuWsM2CsnNAjLjQXUlVNOj5BoJWGzqeAayCCreyG5Cn3Z4u/1Pinos+nLTe31jPZAopWW7oi8haBI=$gVzfZclbFELq6HkaiEXVfg==
cf-chl-out-s: zTxapRkrkZgaJZwmbU5Y0H2EBpkeXkr3TPTge4AncFoZ/Gy64ju8YB41dT0eIMareQCyBHMwAuZ0kvdFVU4q8ehvwJGe3MaIw3DsvzViDGc=$ZOlZzwdFtTG/w2dPdcArEw==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQ2aB%2BIzZXyRX5yjH2YopN8iOKxzOuBr1vF%2FoWihoQt4ADrbOXGQ1bjGJA9qt8rf5426w2J7T%2Fo%2F5uHC2lKrBjK6y5XPa0Uk1xs0fz%2Buj%2F%2FGmUk2tw7w2%2B%2B6YmlRM5ZxqWunsBQHAWTT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87976ced5b9156a8-OSL
alt-svc: h2=":443"; ma=60

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87976cb1ee8bb4eb

104.21.11.250

200 OK

398 kB

URL GET HTTP/1.1
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87976cb1ee8bb4eb
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/apidJ

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
398 kB (397809 bytes)
Hash
ff14aa9b0218ab41eaf280a47cafb11e
52aa0a8c3d467391dc850ecedfb861be14c56a8d
4ac330dcd281bce75ca65903c6dc28e4707e41f9a0a4658adf7fb7cee2082f22

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87976cb1ee8bb4eb HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/apidJ?__cf_chl_rt_tk=A_.YXSsLrtlc8s7c4r5CnCSlq0rjn3b4emtnXrpW47w-1713975667-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:21:07 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p6a%2FdNPJUuFsPFFIOTvtA84F3aGglsvNlPrtjZyUPTQrRtyfpAZQpU49K6oMYPkI2E6nLQIhXY4x1QE6vOofAwbG7k%2Br2tgGKx2V20WW619Iu4Dmk9N3JkDuupGeqEHzfy1x0ZdBTFsi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87976cb2484956a5-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit

104.17.3.184

200 OK

42 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/apidJ
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
42 kB (42415 bytes)
Hash
f94a2211ce789a95a7c67e8c660d63e8
f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f
926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b

HTTP Headers

GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 16:21:07 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87976cb2fa4f1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (69)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations