Report - productivelookewr.shop/api

Report Overview

Submitted URL
productivelookewr.shop/api
IP
172.67.150.207
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-23 23:00:12
Access
public
Website Title
Final URL
productivelookewr.shop/api
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
84

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
productivelookewr.shop	unknown	unknown	No data	No data	7.3 kB	433 kB	104.21.11.250
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-22	5.1 kB	498 kB	104.17.2.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed
2024-04-23	medium	productivelookewr.shop	Sinkholed

ThreatFox

Scan Date	Severity	Indicator	Alert
2024-04-20	medium	productivelookewr.shop/api	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop/api	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer
2024-04-20	medium	productivelookewr.shop/api	Lumma Stealer
2024-04-20	medium	productivelookewr.shop	Lumma Stealer

JavaScript (73)

	URL	Size	First Seen	Last Seen
	productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791778c5d68b524	393 kB	2024-04-24	2024-04-24
Pretty URL productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791778c5d68b524 IP 104.21.11.250 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 01:00:19 Last Seen2024-04-24 01:00:23 Times Seen2 Hash 4362a3898ff8c4e77be65d771a39d9cd fbaed4c89d61ce8c650a2646495f20b7891381ac 170247ea571ee96c554a585efa844456983c4e26e91148cbe24c02691e3f2ee6 Loading...

	productivelookewr.shop/api	4.6 kB	2024-04-24	2024-04-24
Pretty URL productivelookewr.shop/api IP 104.21.11.250 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 01:00:19 Last Seen2024-04-24 01:00:19 Times Seen1 Hash 00bd6f603a9c462e5a33354832b02f25 813f7228176aa0d299188b1e810f883f7d161827 763011b5757739be87ff0f73416146d32187ef5b762bb55689661e6a821a4e9c Loading...

	challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit	42 kB	2024-04-18	2024-04-29
Pretty URL challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit IP 104.17.2.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:08:49 Last Seen2024-04-29 16:17:51 Times Seen2594 Hash f94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 682c78dfaf46228cf952321409ded7c5	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:19 Last Seen2024-04-24 01:00:19 Times Seen1 Hash 682c78dfaf46228cf952321409ded7c5 d6eb48142033bfeb7884bf186e5facb6e7f6b250 198d7fe4d3e4cc2a799bd005f06fdeae95ddf5e8d18264128e1e4259c5480fd1 Loading...

	#2 Eval - f3afe92d8b9fe4cf2fc946adb5a347bb	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:19 Last Seen2024-04-24 01:00:19 Times Seen1 Hash f3afe92d8b9fe4cf2fc946adb5a347bb 7977ab7133c69564a1c42edf6900489df60b777b f4bed0fddabc2b1ddb5bdf2cf9e2ebf765bd6b90c7ef41c15c4bae7f6c444c9c Loading...

	#3 Eval - f2d0ac806c2fd05e55e25fa30b4ec8c9	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:19 Last Seen2024-04-24 01:00:19 Times Seen1 Hash f2d0ac806c2fd05e55e25fa30b4ec8c9 0f345cdcfd255c87aab52f4f4512133da7fdc0a7 71f6e40fa67c8e216c4153a18ac4bd807ff110f998b9acda6708144e53b3f10c Loading...

	#4 Eval - 426efe068ee5868d7eecc32212962d75	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:19 Last Seen2024-04-24 01:00:19 Times Seen1 Hash 426efe068ee5868d7eecc32212962d75 4b2f1efc1c6de59d495dcee00883b84c63e63b97 944d498322babf07952f72f911ea947a841d3b2f14147a8333a9d06c61ca3ee7 Loading...

	#5 Eval - 2aa9e86cc58aa44cf525f1662c93e06b	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:19 Last Seen2024-04-24 01:00:19 Times Seen1 Hash 2aa9e86cc58aa44cf525f1662c93e06b 8befd6b1a46b17e8358c89bf47acb060bb75c2ce 00facd08f5a5f61c8b2ad1943777281c6862041bc207d530cc1b18739271b57c Loading...

	#6 Eval - 883e4872dee76332d8d00b1397f1c8da	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 883e4872dee76332d8d00b1397f1c8da 1c7b45cdc4698369e4836c1536348f0cfbee0aa2 8cd8c4a03728cf0cfc863abb2a8ca2d20844de806da16207fb74683dcc61e17a Loading...

	#7 Eval - fd70c192c272b7ac7d8cfefe21b30ea4	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash fd70c192c272b7ac7d8cfefe21b30ea4 78c1bd6212e7572a48d22fe6ae70facfefcdb9f5 5681c261844edc46444f23627ba1be0e0db4d3fc0710844df1d3bf557feac9f2 Loading...

	#8 Eval - 87b0e5bab5e097d547141fce2cb935aa	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 87b0e5bab5e097d547141fce2cb935aa a3a7c4854c00e3d7706504d42363d480b27435df 0a2fcf6fad4d21c5ea48a25327baae16ed3f1d4008c0ae055a1583b6f9f56b08 Loading...

	#9 Eval - b68e6dddc5af78f08f3f540cf5f6dc3c	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash b68e6dddc5af78f08f3f540cf5f6dc3c 2b0a6af84eeaa770133345a790019205016fbbc7 f6f1931e2f4c7c9be2dece82e87840b3e8822a9eb373fe3545eea81f2950ce38 Loading...

	#10 Eval - 43c81e43a6e7d9140033055ff3e04983	62 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 21:08:51 Last Seen2024-04-29 16:17:50 Times Seen2736 Hash 43c81e43a6e7d9140033055ff3e04983 b0eca03913678cb38c488c7c79cc4f9d2755ea17 3f7ef931c657c4333a401c40e8b0b8d1ff3b164542af45e14242314c0ec39f34 Loading...

	#11 Eval - 0698f7c282f0efac30a66127077b1392	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 0698f7c282f0efac30a66127077b1392 6ccc101044c12c7867f53468cc4b270fe2c0245d d04da42fe57ebe6e8f1c3e574df066270dd038b8bb2dbfc4495075e985e60009 Loading...

	#12 Eval - 2e99eccd34cc83c7c96c87468497b9fd	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 2e99eccd34cc83c7c96c87468497b9fd 887c3f22f7a7b004bc3022b87dd54979d8bea55a 783e997820d05492bda9df4837af7089eb9bb087e8f24355a20ebd529eae2a50 Loading...

	#13 Eval - 927f7c33d4b1c0bb28461c61bb59ec51	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 927f7c33d4b1c0bb28461c61bb59ec51 216002f73863d780b47dbb4a60a98e5a59e1395e a0345cc335de5fd76ca1002e14bc1bf36f5156d64281c8c221fe91afc602488b Loading...

	#14 Eval - 9e0b702162326733f04f3f72d37cbc62	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 9e0b702162326733f04f3f72d37cbc62 c2eb83e6ceb8b9dd8c40442fd4d5c1ae176496d1 b679fa89e846803fd2c43b4cef688d353779a54e4e3bb8afa63a1fa53738119b Loading...

	#15 Eval - b85d4cb0fd40013f119d1a04e8481815	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash b85d4cb0fd40013f119d1a04e8481815 8435c2065a11b681e381b13cb22d4322c72faf16 e40d08a5409baccb6ee56f77598aff1a0ad299fe61cab363dd732f106584991d Loading...

	#16 Eval - 1c66b5f90213755dac79c90c4c4ed792	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 1c66b5f90213755dac79c90c4c4ed792 53b5832f401ed126056c1030eef00f00d278902e 3ea1227b468c4e807febea29df5f567cf6164154613c10650ab24f1ca201464e Loading...

	#17 Eval - 8720672671e7ae8bb421ee2a60fc4397	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 8720672671e7ae8bb421ee2a60fc4397 8c695d133903e70cbdd00faec616f57f8050498d 5880d634cac6bfb6ebc9a9611bfe7ae7ab60f86514774d471c4e35eeda036f73 Loading...

	#18 Eval - e4a9e7b41fd7aac13d2976defbf71f39	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash e4a9e7b41fd7aac13d2976defbf71f39 6a205921cd8a14f2ec37f68d3df4eef8378c2d36 3e5c4f92d62ed5d21e6735411734e101a1f4c043d79b1c24bfc433da351ab9d3 Loading...

	#19 Eval - 95524c167a361136ca758eb359e22536	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 95524c167a361136ca758eb359e22536 e57d2411185e49f9ae4dedc93e995d3c6cdbf842 6a141537528925b215d488f9b8105956823967b1983740e9098a527d9c98dc9e Loading...

	#20 Eval - 8685592aa49c01a4ecf511e4c2a44153	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 8685592aa49c01a4ecf511e4c2a44153 6ed756e45863dd5b6a6e11379d2e120d81cf548d 77358c13f2e8f68835cecef94199bad102d22aaa8cce104a8511192b4683e816 Loading...

	#21 Eval - 9b62b664d3629a682d0a3e5f5642b047	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 9b62b664d3629a682d0a3e5f5642b047 140ec66a9b42c2e62b9459115b49803022bd3654 2be40895a451dded845ce95ff54f997479efc78153b674e28cc72e19cf48bb7c Loading...

	#22 Eval - 621d0f53592c79ade88d8fae975f484e	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 621d0f53592c79ade88d8fae975f484e 803e0697e857ab64905b983782c95f81cd86d248 d9178cf94c11a49f76243bfc8e32352bae1bbefa260507ccc453c8cedab58867 Loading...

	#23 Eval - 2950ba79ec21499f3182f83b5663574d	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash 2950ba79ec21499f3182f83b5663574d 5a936f6a413f859826f4f260587e41a9b310c422 ee0e07a2bd0a6829bc9d1a1799f1da128df526efa9e0061bbcda8d0f04e13c17 Loading...

	#24 Eval - b05e2b3b09634580911b336b3e099733	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash b05e2b3b09634580911b336b3e099733 3e74a7d2b1bccce1dbd5ea41271b9eba4896c402 fcf39ca01b329f0d9062a2bd7b03a7de6ce3b795c1ecf2ade93e981f61e4cd2c Loading...

	#25 Eval - e07c6d53a21fe1aff885e97405fcfd26	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:20 Last Seen2024-04-24 01:00:20 Times Seen1 Hash e07c6d53a21fe1aff885e97405fcfd26 d5869eb224c01355b583073f8535b98f331b18cf 2df078047271cf0a44cd63331136fc8cceacba323a138ea81e10ff97c8be4ecb Loading...

	#26 Eval - e925c0df0cf523901eb407736815f692	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash e925c0df0cf523901eb407736815f692 6ca914b25c10b18377a2d12644935a5e21ed21fa cb55002ca2182125daa301b3f07b87010b4a456ffa36ef20de0a5bf75681045b Loading...

	#27 Eval - 2eba69a4e06554c66cb0b27876bf9648	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 2eba69a4e06554c66cb0b27876bf9648 5e585eae4b708093451f04b4736a78208658acca cb2a94a05334a8e4ddeed2b95add6869a906054d819cac15c55c3f5caa13567c Loading...

	#28 Eval - e55bd546e9abde705626f436979d3658	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash e55bd546e9abde705626f436979d3658 292907103c68c4c968b7796bee73612ee11d81a1 f0c7ff8a4728e009b0e702f9a8946cd29ad5c101198399c538c3d0dd085290f4 Loading...

	#29 Eval - 5df664b9043f96a58cc65834c236b048	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 5df664b9043f96a58cc65834c236b048 8bd153a2698820013e21c4a6b73a4d2538a5eefd db2d3b617e5f9da6868f656726fe0e67dc415c2bdca8eb1545edb4b9979f0394 Loading...

	#30 Eval - 6739ef1f483cb052e5c33d538d3e7e4f	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 6739ef1f483cb052e5c33d538d3e7e4f cdfc1dda1e5dfe6e1f8832018ab0345a8f66d659 ad0125a7f7034a482cb0b7b91f91cca0379f23791012aca07b58c5e9b8e5476e Loading...

	#31 Eval - 93d4ab2744bef3ef778ca8b6bd9c6ca5	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 93d4ab2744bef3ef778ca8b6bd9c6ca5 efd5a52890f23b30a8957328cae9c08951543502 f2f39f8824cb52eaa9ae10ff6457475ed937a7978e5764200140e88f00472623 Loading...

	#32 Eval - be98237b4b293ea5501c867cfcfd90cc	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash be98237b4b293ea5501c867cfcfd90cc f198df4e7b7d93fe2520ca85c9818b41bb7bdc8e cd976ce0525d4b846ef66b86dadd2dbb473315ee5ef372f9936cb678916f72f6 Loading...

	#33 Eval - 2a347b3dbbe8f7a54970ab066b0090db	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 2a347b3dbbe8f7a54970ab066b0090db 68fdab4ba6502f68ca7822028c08f835b6f22585 4564dcdf4a7fc7c46df5c9d6d81062a506feb3d7ebe0a706ed1cdd976eaca9d2 Loading...

	#34 Eval - 1c3ac8454c838416415e9f8670b6b094	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 1c3ac8454c838416415e9f8670b6b094 c9267a7abbd6b388954b42505db2609c7f3ec716 20906f7cd2dbdbcd372ec351c09798e0c918fc5b730e146c690c4b00fdc28e6d Loading...

	#35 Eval - 88c75b8b6759fea9b3f8f4d05ea313e9	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 88c75b8b6759fea9b3f8f4d05ea313e9 83236ab625a3ce1fede4b4c8430ba78c9c93d129 05eb5e51c5cf935afe7e68a9b61f335b6da4f57b84e44039ebc6d1d099df97b1 Loading...

	#36 Eval - 976fede1925196786ad57db4b76e580c	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 976fede1925196786ad57db4b76e580c 9aa112bc156ff9f1c1516f7d8ddf009cce927e96 c0b31f53cbefa576e917b7bfa991fde53d8a7104a242230b4dc314346e20d060 Loading...

	#37 Eval - 5ea8c4f4d218a34e8a84e36e030ce8cf	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 5ea8c4f4d218a34e8a84e36e030ce8cf 4b584cfeec737ececb81a3397f747bec47364ceb d01c3591dd658b6a3a749b9bbacb9b603a30916d8b6870691425487ee3c7e459 Loading...

	#38 Eval - bd7f87373d6c7e5d923175f92ac282ab	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash bd7f87373d6c7e5d923175f92ac282ab d870af4fc03b111c79d72686c7b37522c1cb80d3 05ba92181be21774735d7808d91f61c9b4a3a24e6cc2f9712145e2c948f60781 Loading...

	#39 Eval - 35a83f2ad2ab4ae23eb731e9dd9d792f	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 35a83f2ad2ab4ae23eb731e9dd9d792f e038591cc7f49a797c69e139acb9da83e92a52af 2c73e1a8ae1757025a46490938039fdd8b5b7ff6a5ef1e1c9dec159893faca09 Loading...

	#40 Eval - 6ce302c6431ac637f1ece43326dabcb9	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 6ce302c6431ac637f1ece43326dabcb9 e87f6a3a1a29928f388aeb6b04bf4d01fe606577 30d9fb135c8598271784189a99687b8d874ca9aa2b0a376ad4ed1b22b2ccbb7c Loading...

	#41 Eval - 72da61187bcd08e4c622ec3a330f7f78	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 72da61187bcd08e4c622ec3a330f7f78 9b64a9934098c31d042327dbb1312a556cecc1dc 2021b138ddc1235b57863e58650c22d4304739420fbc984f83d3cf81418f5e4e Loading...

	#42 Eval - 2d204f7502db960f7944e38e1f660742	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 2d204f7502db960f7944e38e1f660742 7741bc6db41818be5a1a27d9e831f6daf76d6230 34df3b9bbd1169f44a0d74c81f4a6bb612361c0d811b33608e32f86069a5d20c Loading...

	#43 Eval - eaa3f72b501d56d505f370a50f777502	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash eaa3f72b501d56d505f370a50f777502 86c69217b891f1296c58ade6f503c585855255b5 97d9d73cbccef7672d465e84c8bf521e628f0429d906f616e151cdc539e2f387 Loading...

	#44 Eval - fa0c249efe64ec4a02c123b4dc185965	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash fa0c249efe64ec4a02c123b4dc185965 a6ff5e6d85c3c2ae84331a6e1ad78f82cae34e70 678299430e4525b224d95a7a725ca656cccf3e0a06322769634983ae59cf5f93 Loading...

	#45 Eval - 4e36d89f44cd778f9c5cc3e1da691b7b	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 4e36d89f44cd778f9c5cc3e1da691b7b 0bacf0f4389c7a4c0cc5332e1c6a575c9536ac2c 3edef14d6c5b88e9e8d958986b7b30e67f1f3a8be46f51bcba287a5442aac9d4 Loading...

	#46 Eval - 82e45cfc68dbaadd5b199f938614a73b	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 82e45cfc68dbaadd5b199f938614a73b ab9ea2ff60e39407e546123580ccb78b89e2ec01 7668ba90f0b408f7acb81d5585c2a01a970236b08431c56c3f1298e8d0a4a944 Loading...

	#47 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-06
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-06 06:21:11 Times Seen351519 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#48 Eval - 29a0b46acee1d103a44611658b8f66c4	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 29a0b46acee1d103a44611658b8f66c4 19d23a861c22ad8bfc42430ffcee7a6ed1f7d51a 1b8fb33c7e201d0f05d837312e8c7cfb18e1cf70a55db0f9e09f6e69b23b9d73 Loading...

	#49 Eval - 271174d32802b7bd918c803a639ea14d	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 271174d32802b7bd918c803a639ea14d 3e5125c7397435df222b5e6d9e3a2cd6e86c260e 4e4a9ae34b094870689338d27ba08dc4b08b8ff530b90d3d11e0e30c517f3a02 Loading...

	#50 Eval - 36505cd2bb2329ff36511041859cb262	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 36505cd2bb2329ff36511041859cb262 735dbbc75e425d5687d4fe4b16a23b0ae27fe250 7a19d6236e16a850c11bf393cd7468421a3fd95c8841531d7384757782ddbe98 Loading...

	#51 Eval - 2be9eaebb5eed4ccd26d1e7954fa8cb8	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:21 Times Seen1 Hash 2be9eaebb5eed4ccd26d1e7954fa8cb8 9b7dce43bad809a9219559c9963c3c924a154330 8b05f1c99d9848e8f3a9268e2f4489d0099ab18413db97d7082832299e3770c6 Loading...

	#52 Eval - 8c1693ddcac7a8da55f02a9ca61a6dae	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:21 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 8c1693ddcac7a8da55f02a9ca61a6dae 032c323cc2d87d7d64253566fc22f5eb173b8151 24a28c19810449baaaca7fd91cafcaff6726419099721deec4e610547c401ee7 Loading...

	#53 Eval - f0ae54677abea6182560ef9ead1f06e3	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash f0ae54677abea6182560ef9ead1f06e3 f8e330f00d89136e243502989e605031af3d0a3d a98cb354b96618e8e212f7fd69bd5e5725bc306a2b8da723af7dbddbe60f6090 Loading...

	#54 Eval - acb654bb75d2bd1ae48d0d972a4e92a2	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash acb654bb75d2bd1ae48d0d972a4e92a2 2d4b64b84adb92cec2076f0c616ecda86a07bf49 3596213f7656eac3527bff2cbbe3a45045e49150e3bdd189201b8e4973406da2 Loading...

	#55 Eval - 6dc0561c76638c4478dae371a1a99c0b	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 6dc0561c76638c4478dae371a1a99c0b 9ea936ce359bcee9e9b3cdfaf94dfec7f435eb29 a3de350ba120b740df997c18729f69c4252c25c2255551f2c454872aeb45846c Loading...

	#56 Eval - 71ec4ac96cfab7f70a62502a7ca594a0	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 71ec4ac96cfab7f70a62502a7ca594a0 8bb05561613478c0a1039ac8a2a2684e477e0065 981670d7ff2755501e93101e343e555ec789b525033fbc6379d48ddb9d602417 Loading...

	#57 Eval - 6d6c0fbe6053ae8c744d9481b95df9d8	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 6d6c0fbe6053ae8c744d9481b95df9d8 c68f1c7deb2810036e591d22fbfedc5e71a97021 15bc21a8d863bab13d956c275671857e5ef43317c312431668f257d2c1d4a935 Loading...

	#58 Eval - 2f6edd4f5167d2359d09216f4ab49e5f	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 2f6edd4f5167d2359d09216f4ab49e5f e1be3e0b15ac56f240191ac8416317b99696486e 36374ee95822b25f48024b663586726ced682e14693b09096c4b48f620d2ae7b Loading...

	#59 Eval - d905f02d324f116a7821fb58e5900b97	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash d905f02d324f116a7821fb58e5900b97 d1aff17e755fb936b2221318c640a424f5cc5f04 f478b0835a67922adbc3d680df51a8f1012ab054f827adbbcc62d786d50f4e37 Loading...

	#60 Eval - 33b70a4c78c03bbc98b20c10049ac190	1.0 kB	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 33b70a4c78c03bbc98b20c10049ac190 5fe7ce0f810fe2cabe52e97399a4b89097a16494 111f1da57588a1ffcfdc2154d76654a21262cce415c59493b26e3910479e22c7 Loading...

	#61 Eval - 3147702d38b8d90b596763902ad19c59	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 3147702d38b8d90b596763902ad19c59 4c2a6b8ab3b3462a9bc0b2992e07aef8db131394 f4b7df53892ed462dc5fe5945d7d4624668c1fd35fd151bd24389ae00a284338 Loading...

	#62 Eval - d8e633c81d49c49de4a039a27731260b	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash d8e633c81d49c49de4a039a27731260b 8427e8ad102ca9e0cdd4fdc7353e62d44ac41829 6f1cb28598dae1bec4b8fdcddbdc0c3dbf3a980cf09a8f90198ba1144a15b1df Loading...

	#63 Eval - 1976b9be2dd68553264c711cbe2e5cf4	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 1976b9be2dd68553264c711cbe2e5cf4 0984e6887b33d852d00ea6fa8191b36996904973 2e77422283303b25a8a2facb6cc631d8900c93bf83dd2c3b62037d71f6088e5d Loading...

	#64 Eval - 402b7a847ab52e9e50cf9e8f0309db32	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 402b7a847ab52e9e50cf9e8f0309db32 e5854eab7a8b11e9a12f902237bac90609969de3 190ed6f36aa3e741cdd50d0e65b52c0790034d043e5c2d626026f2c7a90592d8 Loading...

	#65 Eval - a25f5dabe0c0661bfbae68c7086d2358	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash a25f5dabe0c0661bfbae68c7086d2358 e4f2176c81c799cade4d1521fcc135f458fbb658 1e997bfb696e1c8858c3d82cf20b0b4c4aa427e3d2c2c58aaf9a06efbd506745 Loading...

	#66 Eval - 29153b3b87cf27f39047d3c9ddfffeeb	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 29153b3b87cf27f39047d3c9ddfffeeb 51256db939c8fb591a999b587f2a7385644b8675 ed201eae517bb7f717fad10433e30efa7c5b5f6fc078372002b5521e9cfe1d04 Loading...

	#67 Eval - d686cff4f258d015f11da29f119783ea	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash d686cff4f258d015f11da29f119783ea a04a4a85f1dd17b153dff8f50cb83a18407a4420 0fd5f1c0478597616138e83c96efad781639440fbb8e076b1ffaed9b0c3db132 Loading...

	#68 Eval - 72bbd7a757755a211bb4e38568be5709	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash 72bbd7a757755a211bb4e38568be5709 9698d59d4103eeaf5072ca18bcf42b9295634922 51b51d221a84ea1ce12ef9451f663b8c0bd16c7382ad705651eb18076d00d4ae Loading...

	#69 Eval - a7c20dce8b05e36b5c795c3e5966f180	28 B	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 01:00:22 Last Seen2024-04-24 01:00:22 Times Seen1 Hash a7c20dce8b05e36b5c795c3e5966f180 1fddde0129c72bdcd5fb863e4a177b52d913faf3 8d4effabd7a41b872f76fca43c5270715afad8f3de6f8f88bae04060d92f06fa Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07	2024-05-06
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-05-06 06:06:07 Times Seen44754 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (23)

URL IP Response Size

productivelookewr.shop/api

104.21.11.250

403 Forbidden

5.8 kB

URL User Request GET HTTP/1.1
productivelookewr.shop/api
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14362), with no line terminators
Size
5.8 kB (5837 bytes)
Hash
2a934258490e8880a797babd2f833b14
8322ad33e228edd3b52a387afd1163124d9fa813
e4946ee626eb13a45aaf006f65bce7083a53d813f99a1aa4f3e73a6c3b79ab36

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: mq4H6mnz2vRbbINRK2xgCJC24VioUsXblNxihjLxD5RR+vJohDIX4eHo661UYP71Vf8o5mjV+qzpuulj6Oxklic5m9ybPErlT1xMtxJqp8OrXTO7GlSp5aMfCGoRbR4H8Bjh4S9cRqhwUdyuz/oj6g==$kw59QXebrtK0jg1OWYBzdA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZfVMdn%2FKJjHfYKyk%2FhNumM2Tc4E2lhm4oTuKgmEzsH4EC0pfioXL1nWNrG6VOrMKlKJW8bTa7Rs1dKI4RhopN2Mc5Ph8YQtrOwkUGqg4pg%2FTPHzIuMhwDjQJg20ubV%2F8za4uFx7eQPC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791774bfda2b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791774bfda2b4f4

104.21.11.250

113 kB

URL
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791774bfda2b4f4
IP
104.21.11.250:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
113 kB (112646 bytes)
Hash
39f5ae7a44e10cf5e6116cd8d65e0868
5b1362313037859330fe2d853677bc766a2f7caa
947873cd3d379ddb7afc9f5bea16166db2bbde6d8275fa4e67a4922f92418180

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791774bfda2b4f4 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=FrAyIZU8S_SnFlYyujlGmS4hrrwm.qQV.RTckahNVRU-1713913187-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 22:59:47 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=av%2B1%2B%2FQeuOrEqRQtZxGr0TNJLkO5EFqiHBBOQBVHO%2FAH7wajb3WqB0W6w1FSMozjW8RX4wEeflfyc%2BK0eFtf%2BpK1snZNk4eI0raanG6thAUFp1NJclFIEAIMrjqQ7TsDuqs3mFevdDY1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8791774d49101c12-OSL
alt-svc: h2=":443"; ma=60

productivelookewr.shop/favicon.ico

104.21.11.250

403 Forbidden

5.9 kB

URL GET HTTP/1.1
productivelookewr.shop/favicon.ico
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/api

File type
HTML document, ASCII text, with very long lines (14484), with no line terminators
Size
5.9 kB (5922 bytes)
Hash
8c820ed7a67ac03f09a2f9516a7e815f
1c5b0ea8adeb76136b266eadaabea7c0fe9d4bf9
c69e53d5e7a4f4ae5e4400f8ee1ea95293c16c483b4329e800ae7b33dfbd2414

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=FrAyIZU8S_SnFlYyujlGmS4hrrwm.qQV.RTckahNVRU-1713913187-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ++YoUgFFhPVesPttnxGCvP3BfqU5MGgENnv3jPohEvefAgN1TZH1TiiReJRKyTzH35ojpFLPWYj3Wdi3WZ2pdQSntYWOscY+hCBOzJtuJcHSegjv19Esmlgpqb8LdBVWjI9IefFbIwJVHSxiyHMRlQ==$ZhQ64Pb1TjBGUknOLyomLA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmyo51Cu2ttpD%2BzdBwqJS8E8WGc4I%2BxIBHn5tJUgT2ONk6Pt64HqqkPkQZliSFMTwq6CoH8ox28%2BKiPHNDA3ACvYqIAYlXoBFXkIPUiJh21x01Vv812u%2BfpWejoThOBqnShm6rKE9oZZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791774d89221c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/favicon.ico

104.21.11.250

403 Forbidden

5.8 kB

URL GET HTTP/1.1
productivelookewr.shop/favicon.ico
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/api

File type
HTML document, ASCII text, with very long lines (14398), with no line terminators
Size
5.8 kB (5847 bytes)
Hash
f78128d6ffcc5d698c189174b0513262
0fb989eb24bd6aa415b348299ac2537993816553
61c874b75afd932653fb96ccb0ea8af2aef0a5d1fb3a9ae1bfe686b4030afd93

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: e8iaacKp+VD5L9UYZ/R0jHUFfujI2Dfw+Kt0OhdtSxWUJYsxYJiQZmPu271C+AjoFYxEt4hdGtwphqjW/MdMF0P7dCLdpUBqckF+R2J3fiDZHfu7F5Tt0Bafs411qTkPpPq22wpfH3Q0yp++T14ZoQ==$Hq+intiVW21eYqm+ozqUcw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fxLcMyKGc12y57kMawQBXnRT%2BS3OQxJj%2FQQFZ1XB7UZvnOP%2BFLOmxeXYO2UNYhXIHUR%2Fs2gm%2FndGfa9uLcC6ItEG9fifl7vWKRVu%2BPZ3PlMyhLY7BVSKXd3bL0%2B7jdVIFy0tsDlTP6TN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791774e098f712b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c

104.21.11.250

12 kB

URL
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c
IP
104.21.11.250:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15984), with no line terminators
Size
12 kB (12165 bytes)
Hash
a8bafa28b33c8e7aee145a2bec2200c1
a20b4fc128ecd7f900cf93d2b3188fe0f9f1c9ba
bd56ea0f608d24870a2790762e4f87e9fc58ebd8d417db7d3c8b516450fcc26b

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 447511093d8174c
Content-Length: 1853
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 22:59:47 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 82HhnI/TniR4aAVhW86q1h/56l5Qgm+W9Uq/OTmaowY3mltGBvYn33LrJvDis93q$e3zOymc6CTGHLjD2k9Jr8A==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zbs0EiddroNWqlxR5kUpdlPfSXyl8cv1WYewdATXMc8SQH%2BRfCkjl%2Bv7a5T1GkCGCCueixFG0azli9TnDQPBebWv6KV63e703JNuy%2B8HNq7lZNMjFOXOHoYHA8OEzITLnVUkHVDhfQQI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8791774eab77b524-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/innzn/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.2.184

26 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/innzn/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25612 bytes)
Hash
4ec9c04d2efd22a21d6ff6b0f1326e9b
daf678f4aa83f91f170291223e948dc5a820d993
7f59b0ea3d127c73dadb08940f24e1dfb5ead0d1176a8a1387f7e723f2fa9bd3

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/innzn/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:47 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
vary: accept-encoding
server: cloudflare
cf-ray: 8791774f7f32b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791774f7f32b4f4/89cc9e5d14cf110

104.17.2.184

117 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791774f7f32b4f4/89cc9e5d14cf110
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
117 kB (117034 bytes)
Hash
4a2a00cfbf870105e18a53bc446722c9
eaede9e7438275ac525b230769e2e41b212d75a2
1b4388c4a1ad907b61ebfc8214f1bd028e8abe930ae08b62445a7d68174fb3c0

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791774f7f32b4f4/89cc9e5d14cf110 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/innzn/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 89cc9e5d14cf110
Content-Length: 3308
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:48 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: SDC4/eUC4PM869sIfzqQMX4XTR/hvx6ykV3CE0EQieL/D7bpjWChLnn2FJaM8YdkquP37VEmbr4PNNY1oRIPJO0QTaGFkQnBG1BjwiczlYfffbyn8zy9JesqXc3h6ChaK0stQIw37yUpFVv7MFgGhH81ZQhZRox2IndcINEuOoFfN960gF6FwAcx5TXKr/GcCQF3MuDItYkfgVDvlH2iqe/YUsWYa+Z/+sfYhpmhPqLC3DXU16ZGD7PtRxD3PC3YJiIkgtroAloAUqFLIu3Z8rLjR0Tk9pJ0xjy1V6SWfiLTReJ6OkfGPD8w57QcdbGcCbGJe/55Jq4ntopRAjrlHreo0CZsbK/jM9qt65sNzigj7LrPFCyOWXRbnHkTaVF0O9OpyLUcqk683TJ6UKKwHw==$LUy1gBIrzW65Z92OvPVrlw==
vary: accept-encoding
server: cloudflare
cf-ray: 8791775298e6b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit

104.17.2.184

200 OK

21 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/api
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
21 kB (21171 bytes)
Hash
f94a2211ce789a95a7c67e8c660d63e8
f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f
926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b

HTTP Headers

GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 22:59:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791774e1f5d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791774f7f32b4f4/1713913188265/92ZrSzVXr-xuPaS

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791774f7f32b4f4/1713913188265/92ZrSzVXr-xuPaS
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 6 x 49, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
bcee2ff7b79071832915e88b39a4c2b7
c5feb3aeb76fa69cd2850feba1816e87e8a9af12
dc5fbb22803576516af7409eb0508dfa8ff1f7ff6e629092c7e6e434d244838e

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/8791774f7f32b4f4/1713913188265/92ZrSzVXr-xuPaS HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/innzn/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:50 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8791775f2f10b4f4-OSL
alt-svc: h3=":443"; ma=86400

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c

104.21.11.250

1.8 kB

URL
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c
IP
104.21.11.250:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2332), with no line terminators
Size
1.8 kB (1801 bytes)
Hash
97146814f0ddf84d911ad882f6f5f7b7
0bc22677a58c018963bc6f445df0216f1c0fbb6a
52ce6e45bbe37a3024d2339ec2f98800968e51b8166cce43fc1590b82699b1a5

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 447511093d8174c
Content-Length: 2510
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 22:59:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: YzkaiesyjjocTQvhYObqECAgkU1v0ym0EZlHdHajtTqLq84iAMsN2jXJ7APPlEqVHY5XbCxiQmOxYFbgLS3j/IHqT1o+nFFtDEMecHtHQnM=$DI4YVvNQwLRQ7lyK5GQXYA==
cf-chl-out: PrO4RxJsueq9DuZUzKmIzJ4NcDti8ZIVCwROr9ukvfYA7XKnLpr6fSt0FTGrkupkSGNcjniZTSBp759g8HIbZOJdeS9jmbPss67btdqOCaI=$pISrfllhhAOEIm09cax+2A==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVQuW51QbYizaaqIJ%2B0qIaTsqWS8hu6ckbDAP%2BT8FvLjea3Lx4R36q6JWl4R5O%2BfHtc%2F0S5MDm5n3bZ41Oj8%2FgZgwLblMWk7jCZUg6%2B0cIIG692uVo3CSkHDd2KB2%2BTriZKrCSNc37vS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8791777f8eceb524-OSL
alt-svc: h2=":443"; ma=60

productivelookewr.shop/api

104.21.11.250

403 Forbidden

5.9 kB

URL User Request GET HTTP/1.1
productivelookewr.shop/api
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14383), with no line terminators
Size
5.9 kB (5857 bytes)
Hash
6c3e35bd2cdb356ec52a4e3a0c7ceef1
c937d220b20591b7b3fed7dfc0af92c59fc1774e
0a075c3e86daf0cbff10cdf36e7a96653b5c8ee58a577a9cb018bbce133d871b

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 94oAl0B63zHYxqbzDMH6W0bI3pUeeNQcSZ37IHNa7pfjuhuOrGoGVPi/+PcuM0V6ATnY2+TJqMrIHbBPhVPPwvrLiSJ8pIT0dG51wT7/N84PyjLwEk1+pV5AjmkjLAxpQXc/Ihuvs066R0H6XHUqLA==$YHrqhvdrl6B+fc2+Y7ojEw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9eMMS%2BTqvnRjc7Lsxk0P4aNK0HR93XVNtHqW7KsJ2ad8elctQUc83KnKB8v187T6olXvvHk08tT48KWC7u5F0P%2FeBHozADSOBK%2FxdfAJ7UKY3TW6STI%2B8FEznbs9AchZs%2FIhXOLDseU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791778c5d68b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791778c5d68b524

104.21.11.250

200 OK

112 kB

URL GET HTTP/1.1
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791778c5d68b524
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/api

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
112 kB (111925 bytes)
Hash
4362a3898ff8c4e77be65d771a39d9cd
fbaed4c89d61ce8c650a2646495f20b7891381ac
170247ea571ee96c554a585efa844456983c4e26e91148cbe24c02691e3f2ee6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791778c5d68b524 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=tXW2L9xVm7Y9MsHLqUvf7PTb.DTGAIKG8KXo4dmdFXk-1713913197-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 22:59:57 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FycnTB6CeP8a7RHoFa%2BXYS%2B9DCvo10US68onRhpmFP6xmnJUJeRWtyih3Vjq1poqjibpPVbs3F5jucAygX2S%2FJtEDQ2CHe6RKxXr%2Fqd1SEnve%2FaiKHNd5RFbPAGhiFJsMi8JmsLpmulG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8791778cabce56a8-OSL
alt-svc: h2=":443"; ma=60

productivelookewr.shop/favicon.ico

104.21.11.250

403 Forbidden

5.9 kB

URL GET HTTP/1.1
productivelookewr.shop/favicon.ico
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/api

File type
HTML document, ASCII text, with very long lines (14505), with no line terminators
Size
5.9 kB (5932 bytes)
Hash
a6385bc3dacff66d2f1f751dbb4b255a
c9bc13490f89e65f6b038e3eb7983fd84f4aa74b
02303f760ece5d9a43982c878a9c3572ac8804d7af5da55467ca1d4fb8cfe167

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=tXW2L9xVm7Y9MsHLqUvf7PTb.DTGAIKG8KXo4dmdFXk-1713913197-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 3Gn4n5/04RqKn/qdBS2PQ/bIjeyJ5CompHLDvAfWKfmkpv1bCIxtgR9i6KR7bOfXwUnGQRbXNLw2pEVTVAi6OuqCcnqWGYRTxUqvhGXltPYN1Ei0WAJERZ9Oz7qmxBReTeAzrvlL4U96RfA6EWhyvg==$/CmVF7sxzmDNm9Ek3q20Iw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvoTmrSH9sQpR5YZCEOBIK%2Fce2%2B6RXSnDAiZ2tpjI6oubdXnJMz4c1%2Fjsu6g1Uwz5JFiMO4jP76ehyeI9y6kcpWIu7DfcoxHoQ4tbeUPTV1zRq%2Fuivbba%2FEIf7EAHmedbu7dADXcM9CK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791778cfbf356a8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/favicon.ico

104.21.11.250

403 Forbidden

5.9 kB

URL GET HTTP/1.1
productivelookewr.shop/favicon.ico
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/api

File type
HTML document, ASCII text, with very long lines (14420), with no line terminators
Size
5.9 kB (5875 bytes)
Hash
cb64c0ea1662943d4d77333b5c245457
b40b25ca273025cd3b250869988fe7e3dc7bb088
d9d57f0331e9a80927c3d148a6811fad6e4b9535f951363cd5206b7538c03098

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: RjB2tNKFmkyUu9zWpw5b0TYt5YAVN6f7mLvzHf4hb5SdwCp5FSVr5YCAGmVIJ21su4anwg19bkrTWdlDiwIaqQaTcmXyN1FsKlgITutuN4fR0tEKahySyokPbc7TludjySdT3Sipa7Xp9FQjkvFtgA==$I58JBMPpDxSdIZtpPlaY5w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6jbN775wFSFyrBtOGSqbycSsZPLY05%2FTcE8QW4pWGOTOuh6Ie0SyVeebEIkhTJ4LmaCjep3QycJ6dCIeCqFW%2F1rjejRvj4%2B5Fn%2BvZJ5L3Y3iYqN9QXgICtsHkO2GCaX4kojknRJ%2BLm7K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791778d6804569c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772

104.21.11.250

200 OK

12 kB

URL POST HTTP/1.1
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/api

File type
ASCII text, with very long lines (15984), with no line terminators
Size
12 kB (12148 bytes)
Hash
0a4a8cfcc19cda24aab8b994f6dfd9a5
c6080181de40121e3fc26f7f3e130360aca9c72e
4596871a1a17ee3642a720984bfebb8a33b04449ac0c0bcb5dc178aade6548c1

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2b05b28f0704772
Content-Length: 1875
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 22:59:57 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: knoQA7OIo2tyWJaEpYa42rZr8zCl9BPtCRZ9ipNnTMuaBzkzNzZMI4R2VLRjsHDa$dMv9Qt8YokUaLt5jKhOVGQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Su5Ewn1r6zpF%2FP%2Be544Fd%2B5Dop4GQaU3nOA%2BFl6SMJ%2BGCIRQeBivvDK36NzZHRLecexB0Wf%2FI10SJwd7%2BO%2BSnEYjnLMGo8nVKFwL3%2BYHXUFWGksTXTz2KusCQeniH5KPGdJZiqpSASDy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8791778e3ef37127-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.17.2.184

200 OK

26 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.17.2.184:443
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/api
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25584 bytes)
Hash
7ddab9c06ddb912080bff1ee64c80630
5b17f2e84f8a34f7d843289cc9260995440d7938
c02306030968c85f780db0db17069241c06d84f7aece5a10251f997bf1b8904c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:57 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-opener-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 8791778f2d7db4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8791778f2d7db4f4

104.17.2.184

179 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8791778f2d7db4f4
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
179 kB (179385 bytes)
Hash
f65b88812becaa1890b3b3da8d29f474
8657ab063c6ddb33106f6cb4e1f6dc24c8142154
565ee23389892c3258346a2a9758235f21bfc0f4a0da848db344b7988bfd4b91

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8791778f2d7db4f4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8791778fcdb9b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791778f2d7db4f4/1713913198350/HVtmLE6FXgav1xf

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791778f2d7db4f4/1713913198350/HVtmLE6FXgav1xf
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 71 x 90, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
e17f52db6141d518d73ab52119b5a154
5c49d1b047178c03f975754cfd8b236d6b33b5c6
5cdb686b17249c91bf18758ae214b4c93748a6cd324b76e182126d9730a7f013

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/8791778f2d7db4f4/1713913198350/HVtmLE6FXgav1xf HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:58 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879177947fd7b4f4-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791778f2d7db4f4/2afefc08bb67e90

104.17.2.184

124 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791778f2d7db4f4/2afefc08bb67e90
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
X1 archive data
Size
124 kB (123701 bytes)
Hash
376d2e7be229de47400d5e4a7afc064d
a5d080546c849c66cc0bc383b769e94e6a192713
34399d0e556d7a6cee01f140d6aeb013b13799e556d6b55ae3c6c887924dc572

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791778f2d7db4f4/2afefc08bb67e90 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2afefc08bb67e90
Content-Length: 3303
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:58 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: W4JF532yiZm+qu3oJMfg3cJ1MgUHMZCBAlqqRHNsyWxFVXaJd7kS4m3zkDtW25GwvnaPNn7pP2mgY3hdXNAGBCt43bQ4eCw87+98WC3N/FzzR3kVChqjF+AMqm0oAljnvWBXF9yEoQBSmq6xAUdjKF9QtXPlen72t3zG6BAqK+iPcwp5n4uMnWjr6auzdF8y4HvGpCBqIAdZ7SsouBicFiAJQrwxvlL+/2AAPxhr69fVhskFCZxH5fviTgj1hczGNbEOyaJI9rvKa1E6kTZ3sVzZCSljTw4tpZGXZdapW7qrtV3aMQwKC4EGbkZ1qG5gNhdmjSXVNO+1qPJEd2w7z4VN3/VjVBpEbEAeQdIGN7d/cqGxPAa5tuGQ484dUzxTNyzuCF5zHgXqBcjiojNCMieXrNTg2U/UmuuWUamP3RPmLJg6IoHfieOlkgcXc1Mx$UZN3z/MKiXxvS/bDL3mrJQ==
vary: accept-encoding
server: cloudflare
cf-ray: 879177919e92b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772

104.21.11.250

200 OK

1.8 kB

URL POST HTTP/1.1
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/api

File type
ASCII text, with very long lines (2332), with no line terminators
Size
1.8 kB (1806 bytes)
Hash
f50e19b9825b31489fa7d3a874b47233
d7ef075da8e2e21ca6830bc0da6995032bc7ce39
0ab068d62d3f6e17cf0cef3d2cca441de180055a408fe5be20b5c8c8c38217f3

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2b05b28f0704772
Content-Length: 2514
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:00:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: i4TlPp7fcw0E7j39k4bTFC+usU4KN0Dx+3tNVi/pjkP57GoxnZ84M+QqUjwoJVYGBkbHxI5IeyVtSb+LzJ/3DDgfBr8hNW/V3CgF6DLFlLY=$8336bPHrF/ROBMWGvOvocw==
cf-chl-out: doN5qV4kXglXrAmiHo2CLpMtDg3uyHb2WUJLfJKm1deob18qBjjhzXRpU9XYltk0U7Xf739mL+MGHXaR883nS5in+rKhdqiGRwL0LHLKfAI=$BMQlNmFIRgOliyksjPiKWQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UEoLv%2Fsch3U%2Fvyc18r4Aeh2q%2BzCWYPZu65%2BPpGJLEnpaKZ6bZ5OLqaut84CJq2A0dtow%2FL%2Bpyma2eKzNQ7cqqOWrNt32%2BY9iQ3iZqDXup7HdXB61vNEFygjsRU46xcTLgBzCAySD1biz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 879177c32c2c7127-OSL
alt-svc: h2=":443"; ma=60

productivelookewr.shop/api

104.21.11.250

403 Forbidden

5.9 kB

URL User Request GET HTTP/1.1
productivelookewr.shop/api
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (14383), with no line terminators
Size
5.9 kB (5855 bytes)
Hash
6283317d3563b3fb61601897069355d3
cf6d0cacc6c86d908adef5ecdad7ce2fc1d28798
9f9987ef8aec5ee86d5365cfe77dc2fcdab85dec9fab9ad8d6cdd7159f9375c1

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 23:00:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: QDoEzDjBzJ/dLLQxJfRNK797R8yDZNAThuaLmg7ACzp2bD8QiqllJW6vUVop2tMNXr73b1bPlW8xDs67G+AaY25+AcoAv8IWVchU7IqPsblWsOMn7fyCoKciWB+B9IFqUPJU1ftS2Gq2e3hXIzRmBg==$nE01jZaGIv0IZBv6wA4xVg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W5P91eiV898pv7KS5WD00XOegT51tvQgvC4yJVQEgSv7EuYPMBerdvdnGX7ueyf2umiHXPxb3%2FyUcQb5m9snmaFYBDfBSyNER7OHTBIoSUwdhh3VpvWjSeEq6REorrcfZaehplFuJTV9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879177dc8a527127-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879177dc8a527127

104.21.11.250

114 kB

URL
productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879177dc8a527127
IP
104.21.11.250:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (114229 bytes)
Hash
fd6fe4b7892bfb751ce7c680b216e7b8
38a163efb166976a125bbc1459bd9bf780fcc5e3
9826f8b21a5ef6ba3ae7dcddce746537c43be0bb8506bc5233dbb8cb261d58d4

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879177dc8a527127 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=gf5Xd9.xRzm5NAQQJYmm1QWF4_bZM0vCNd8XqBjRNNk-1713913210-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:00:10 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3Cv3D0temw4t8YlUQb%2BQX%2B08wbymfoV30%2BQr3%2FG1HOD40DZs8EM61JiOyApcOxH%2Bl43RueTeb7D4rXO65kgDKE0Qfgfkzz9Lp9kXLhl5mOB5myRU9ZP3aR3lPi3NyEj7EFJD3Yy9LHZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 879177dcc8381c06-OSL
alt-svc: h2=":443"; ma=60

productivelookewr.shop/favicon.ico

104.21.11.250

403 Forbidden

5.9 kB

URL GET HTTP/1.1
productivelookewr.shop/favicon.ico
IP
104.21.11.250:80
ASN
#13335 CLOUDFLARENET

Requested by
http://productivelookewr.shop/api

File type
HTML document, ASCII text, with very long lines (14505), with no line terminators
Size
5.9 kB (5929 bytes)
Hash
ec401c56a74d13a197a1a98a3ed079e4
19d44eafba750130fe0a448783ba4162cd73847b
9bba753778f4546a09b89c6a9ce85f9fa39b83833d1ad323d91005258c9c9f4b

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Lumma Stealer
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=gf5Xd9.xRzm5NAQQJYmm1QWF4_bZM0vCNd8XqBjRNNk-1713913210-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 23:00:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: S2l5jOH0R3Z4+RcPCEUf1da0xDVG54K3J9Kiy0CwLxpUvtf15761Knx+F48/jMgUmaTI+WyIBSH7tJQ1c3BfWMGfV037VYke37gK4B8CYI96OlTI6fWnnjoSJ3wfH6zneIl/Ybt5PzLh85/3UDN8xw==$rP/msYPMhuKk18e3Fl+Uag==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aji4uVhlRmscacnqy%2Fyx%2B%2FbIuW%2FpzPfjDO0BLO5lWExZp1t2Dm5Ot%2Blp43Tj52dK3PfDL%2Bo%2FTSu5WeAkPS9qu1UoFMq60OmvNiWvR4Hoh4FOm%2B3%2BlXfP0qA%2Beqq%2BEb%2FiwsH1LlxAuxHx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879177dd885c1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (73)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations