| productivelookewr.shop/api | 104.21.11.250 | 403 Forbidden | 5.8 kB |
URL: productivelookewr.shop/api (User Request, GET, HTTP/1.1)
IP: 104.21.11.250:80
File type: HTML document, ASCII text, with very long lines (14362), with no line terminators
Hash: 2a934258490e8880a797babd2f833b14 8322ad33e228edd3b52a387afd1163124d9fa813 e4946ee626eb13a45aaf006f65bce7083a53d813f99a1aa4f3e73a6c3b79ab36
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /api HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: mq4H6mnz2vRbbINRK2xgCJC24VioUsXblNxihjLxD5RR+vJohDIX4eHo661UYP71Vf8o5mjV+qzpuulj6Oxklic5m9ybPErlT1xMtxJqp8OrXTO7GlSp5aMfCGoRbR4H8Bjh4S9cRqhwUdyuz/oj6g==$kw59QXebrtK0jg1OWYBzdA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZfVMdn%2FKJjHfYKyk%2FhNumM2Tc4E2lhm4oTuKgmEzsH4EC0pfioXL1nWNrG6VOrMKlKJW8bTa7Rs1dKI4RhopN2Mc5Ph8YQtrOwkUGqg4pg%2FTPHzIuMhwDjQJg20ubV%2F8za4uFx7eQPC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791774bfda2b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791774bfda2b4f4 | 104.21.11.250 | | 113 kB |
URL: productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791774bfda2b4f4
IP: 104.21.11.250:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 113 kB (112646 bytes)
Hash: 39f5ae7a44e10cf5e6116cd8d65e0868 5b1362313037859330fe2d853677bc766a2f7caa 947873cd3d379ddb7afc9f5bea16166db2bbde6d8275fa4e67a4922f92418180
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791774bfda2b4f4 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=FrAyIZU8S_SnFlYyujlGmS4hrrwm.qQV.RTckahNVRU-1713913187-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 22:59:47 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=av%2B1%2B%2FQeuOrEqRQtZxGr0TNJLkO5EFqiHBBOQBVHO%2FAH7wajb3WqB0W6w1FSMozjW8RX4wEeflfyc%2BK0eFtf%2BpK1snZNk4eI0raanG6thAUFp1NJclFIEAIMrjqQ7TsDuqs3mFevdDY1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8791774d49101c12-OSL
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/favicon.ico | 104.21.11.250 | 403 Forbidden | 5.9 kB |
URL: productivelookewr.shop/favicon.ico (GET, HTTP/1.1)
IP: 104.21.11.250:80
Requested by: http://productivelookewr.shop/api
File type: HTML document, ASCII text, with very long lines (14484), with no line terminators
Hash: 8c820ed7a67ac03f09a2f9516a7e815f 1c5b0ea8adeb76136b266eadaabea7c0fe9d4bf9 c69e53d5e7a4f4ae5e4400f8ee1ea95293c16c483b4329e800ae7b33dfbd2414
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=FrAyIZU8S_SnFlYyujlGmS4hrrwm.qQV.RTckahNVRU-1713913187-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: ++YoUgFFhPVesPttnxGCvP3BfqU5MGgENnv3jPohEvefAgN1TZH1TiiReJRKyTzH35ojpFLPWYj3Wdi3WZ2pdQSntYWOscY+hCBOzJtuJcHSegjv19Esmlgpqb8LdBVWjI9IefFbIwJVHSxiyHMRlQ==$ZhQ64Pb1TjBGUknOLyomLA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmyo51Cu2ttpD%2BzdBwqJS8E8WGc4I%2BxIBHn5tJUgT2ONk6Pt64HqqkPkQZliSFMTwq6CoH8ox28%2BKiPHNDA3ACvYqIAYlXoBFXkIPUiJh21x01Vv812u%2BfpWejoThOBqnShm6rKE9oZZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791774d89221c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/favicon.ico | 104.21.11.250 | 403 Forbidden | 5.8 kB |
URL: productivelookewr.shop/favicon.ico (GET, HTTP/1.1)
IP: 104.21.11.250:80
Requested by: http://productivelookewr.shop/api
File type: HTML document, ASCII text, with very long lines (14398), with no line terminators
Hash: f78128d6ffcc5d698c189174b0513262 0fb989eb24bd6aa415b348299ac2537993816553 61c874b75afd932653fb96ccb0ea8af2aef0a5d1fb3a9ae1bfe686b4030afd93
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: e8iaacKp+VD5L9UYZ/R0jHUFfujI2Dfw+Kt0OhdtSxWUJYsxYJiQZmPu271C+AjoFYxEt4hdGtwphqjW/MdMF0P7dCLdpUBqckF+R2J3fiDZHfu7F5Tt0Bafs411qTkPpPq22wpfH3Q0yp++T14ZoQ==$Hq+intiVW21eYqm+ozqUcw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fxLcMyKGc12y57kMawQBXnRT%2BS3OQxJj%2FQQFZ1XB7UZvnOP%2BFLOmxeXYO2UNYhXIHUR%2Fs2gm%2FndGfa9uLcC6ItEG9fifl7vWKRVu%2BPZ3PlMyhLY7BVSKXd3bL0%2B7jdVIFy0tsDlTP6TN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791774e098f712b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c | 104.21.11.250 | | 12 kB |
URL: productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c
IP: 104.21.11.250:0
File type: ASCII text, with very long lines (15984), with no line terminators
Hash: a8bafa28b33c8e7aee145a2bec2200c1 a20b4fc128ecd7f900cf93d2b3188fe0f9f1c9ba bd56ea0f608d24870a2790762e4f87e9fc58ebd8d417db7d3c8b516450fcc26b
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 447511093d8174c
Content-Length: 1853
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 22:59:47 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: 82HhnI/TniR4aAVhW86q1h/56l5Qgm+W9Uq/OTmaowY3mltGBvYn33LrJvDis93q$e3zOymc6CTGHLjD2k9Jr8A==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zbs0EiddroNWqlxR5kUpdlPfSXyl8cv1WYewdATXMc8SQH%2BRfCkjl%2Bv7a5T1GkCGCCueixFG0azli9TnDQPBebWv6KV63e703JNuy%2B8HNq7lZNMjFOXOHoYHA8OEzITLnVUkHVDhfQQI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8791774eab77b524-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/innzn/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/innzn/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.2.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 4ec9c04d2efd22a21d6ff6b0f1326e9b daf678f4aa83f91f170291223e948dc5a820d993 7f59b0ea3d127c73dadb08940f24e1dfb5ead0d1176a8a1387f7e723f2fa9bd3
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/innzn/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:47 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
vary: accept-encoding
server: cloudflare
cf-ray: 8791774f7f32b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791774f7f32b4f4/89cc9e5d14cf110 | 104.17.2.184 | | 117 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791774f7f32b4f4/89cc9e5d14cf110
IP: 104.17.2.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 117 kB (117034 bytes)
Hash: 4a2a00cfbf870105e18a53bc446722c9 eaede9e7438275ac525b230769e2e41b212d75a2 1b4388c4a1ad907b61ebfc8214f1bd028e8abe930ae08b62445a7d68174fb3c0
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791774f7f32b4f4/89cc9e5d14cf110 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/innzn/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 89cc9e5d14cf110
Content-Length: 3308
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:48 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: SDC4/eUC4PM869sIfzqQMX4XTR/hvx6ykV3CE0EQieL/D7bpjWChLnn2FJaM8YdkquP37VEmbr4PNNY1oRIPJO0QTaGFkQnBG1BjwiczlYfffbyn8zy9JesqXc3h6ChaK0stQIw37yUpFVv7MFgGhH81ZQhZRox2IndcINEuOoFfN960gF6FwAcx5TXKr/GcCQF3MuDItYkfgVDvlH2iqe/YUsWYa+Z/+sfYhpmhPqLC3DXU16ZGD7PtRxD3PC3YJiIkgtroAloAUqFLIu3Z8rLjR0Tk9pJ0xjy1V6SWfiLTReJ6OkfGPD8w57QcdbGcCbGJe/55Jq4ntopRAjrlHreo0CZsbK/jM9qt65sNzigj7LrPFCyOWXRbnHkTaVF0O9OpyLUcqk683TJ6UKKwHw==$LUy1gBIrzW65Z92OvPVrlw==
vary: accept-encoding
server: cloudflare
cf-ray: 8791775298e6b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit | 104.17.2.184 | 200 OK | 21 kB |
URL: challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit (GET, HTTP/3)
IP: 104.17.2.184:443
Requested by: http://productivelookewr.shop/api
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42414)
Hash: f94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 22:59:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791774e1f5d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791774f7f32b4f4/1713913188265/92ZrSzVXr-xuPaS | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791774f7f32b4f4/1713913188265/92ZrSzVXr-xuPaS
IP: 104.17.2.184:0
File type: PNG image data, 6 x 49, 8-bit/color RGB, non-interlaced
Hash: bcee2ff7b79071832915e88b39a4c2b7 c5feb3aeb76fa69cd2850feba1816e87e8a9af12 dc5fbb22803576516af7409eb0508dfa8ff1f7ff6e629092c7e6e434d244838e
GET /cdn-cgi/challenge-platform/h/b/i/8791774f7f32b4f4/1713913188265/92ZrSzVXr-xuPaS HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/innzn/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:50 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8791775f2f10b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c | 104.21.11.250 | | 1.8 kB |
URL: productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c
IP: 104.21.11.250:0
File type: ASCII text, with very long lines (2332), with no line terminators
Hash: 97146814f0ddf84d911ad882f6f5f7b7 0bc22677a58c018963bc6f445df0216f1c0fbb6a 52ce6e45bbe37a3024d2339ec2f98800968e51b8166cce43fc1590b82699b1a5
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/818378095:1713910339:izOHP0jfo_0lAvXYjpQXRScg5PhiCHwV-usU_fAlbTs/8791774bfda2b4f4/447511093d8174c HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 447511093d8174c
Content-Length: 2510
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 22:59:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: YzkaiesyjjocTQvhYObqECAgkU1v0ym0EZlHdHajtTqLq84iAMsN2jXJ7APPlEqVHY5XbCxiQmOxYFbgLS3j/IHqT1o+nFFtDEMecHtHQnM=$DI4YVvNQwLRQ7lyK5GQXYA==
cf-chl-out: PrO4RxJsueq9DuZUzKmIzJ4NcDti8ZIVCwROr9ukvfYA7XKnLpr6fSt0FTGrkupkSGNcjniZTSBp759g8HIbZOJdeS9jmbPss67btdqOCaI=$pISrfllhhAOEIm09cax+2A==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVQuW51QbYizaaqIJ%2B0qIaTsqWS8hu6ckbDAP%2BT8FvLjea3Lx4R36q6JWl4R5O%2BfHtc%2F0S5MDm5n3bZ41Oj8%2FgZgwLblMWk7jCZUg6%2B0cIIG692uVo3CSkHDd2KB2%2BTriZKrCSNc37vS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8791777f8eceb524-OSL
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/api | 104.21.11.250 | 403 Forbidden | 5.9 kB |
URL: productivelookewr.shop/api (User Request, GET, HTTP/1.1)
IP: 104.21.11.250:80
File type: HTML document, ASCII text, with very long lines (14383), with no line terminators
Hash: 6c3e35bd2cdb356ec52a4e3a0c7ceef1 c937d220b20591b7b3fed7dfc0af92c59fc1774e 0a075c3e86daf0cbff10cdf36e7a96653b5c8ee58a577a9cb018bbce133d871b
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /api HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 94oAl0B63zHYxqbzDMH6W0bI3pUeeNQcSZ37IHNa7pfjuhuOrGoGVPi/+PcuM0V6ATnY2+TJqMrIHbBPhVPPwvrLiSJ8pIT0dG51wT7/N84PyjLwEk1+pV5AjmkjLAxpQXc/Ihuvs066R0H6XHUqLA==$YHrqhvdrl6B+fc2+Y7ojEw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9eMMS%2BTqvnRjc7Lsxk0P4aNK0HR93XVNtHqW7KsJ2ad8elctQUc83KnKB8v187T6olXvvHk08tT48KWC7u5F0P%2FeBHozADSOBK%2FxdfAJ7UKY3TW6STI%2B8FEznbs9AchZs%2FIhXOLDseU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791778c5d68b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791778c5d68b524 | 104.21.11.250 | 200 OK | 112 kB |
URL: productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791778c5d68b524 (GET, HTTP/1.1)
IP: 104.21.11.250:80
Requested by: http://productivelookewr.shop/api
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (111925 bytes)
Hash: 4362a3898ff8c4e77be65d771a39d9cd fbaed4c89d61ce8c650a2646495f20b7891381ac 170247ea571ee96c554a585efa844456983c4e26e91148cbe24c02691e3f2ee6
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8791778c5d68b524 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=tXW2L9xVm7Y9MsHLqUvf7PTb.DTGAIKG8KXo4dmdFXk-1713913197-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 22:59:57 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FycnTB6CeP8a7RHoFa%2BXYS%2B9DCvo10US68onRhpmFP6xmnJUJeRWtyih3Vjq1poqjibpPVbs3F5jucAygX2S%2FJtEDQ2CHe6RKxXr%2Fqd1SEnve%2FaiKHNd5RFbPAGhiFJsMi8JmsLpmulG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8791778cabce56a8-OSL
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/favicon.ico | 104.21.11.250 | 403 Forbidden | 5.9 kB |
URL: productivelookewr.shop/favicon.ico (GET, HTTP/1.1)
IP: 104.21.11.250:80
Requested by: http://productivelookewr.shop/api
File type: HTML document, ASCII text, with very long lines (14505), with no line terminators
Hash: a6385bc3dacff66d2f1f751dbb4b255a c9bc13490f89e65f6b038e3eb7983fd84f4aa74b 02303f760ece5d9a43982c878a9c3572ac8804d7af5da55467ca1d4fb8cfe167
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=tXW2L9xVm7Y9MsHLqUvf7PTb.DTGAIKG8KXo4dmdFXk-1713913197-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 3Gn4n5/04RqKn/qdBS2PQ/bIjeyJ5CompHLDvAfWKfmkpv1bCIxtgR9i6KR7bOfXwUnGQRbXNLw2pEVTVAi6OuqCcnqWGYRTxUqvhGXltPYN1Ei0WAJERZ9Oz7qmxBReTeAzrvlL4U96RfA6EWhyvg==$/CmVF7sxzmDNm9Ek3q20Iw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvoTmrSH9sQpR5YZCEOBIK%2Fce2%2B6RXSnDAiZ2tpjI6oubdXnJMz4c1%2Fjsu6g1Uwz5JFiMO4jP76ehyeI9y6kcpWIu7DfcoxHoQ4tbeUPTV1zRq%2Fuivbba%2FEIf7EAHmedbu7dADXcM9CK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791778cfbf356a8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/favicon.ico | 104.21.11.250 | 403 Forbidden | 5.9 kB |
URL: productivelookewr.shop/favicon.ico (GET, HTTP/1.1)
IP: 104.21.11.250:80
Requested by: http://productivelookewr.shop/api
File type: HTML document, ASCII text, with very long lines (14420), with no line terminators
Hash: cb64c0ea1662943d4d77333b5c245457 b40b25ca273025cd3b250869988fe7e3dc7bb088 d9d57f0331e9a80927c3d148a6811fad6e4b9535f951363cd5206b7538c03098
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 22:59:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: RjB2tNKFmkyUu9zWpw5b0TYt5YAVN6f7mLvzHf4hb5SdwCp5FSVr5YCAGmVIJ21su4anwg19bkrTWdlDiwIaqQaTcmXyN1FsKlgITutuN4fR0tEKahySyokPbc7TludjySdT3Sipa7Xp9FQjkvFtgA==$I58JBMPpDxSdIZtpPlaY5w==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6jbN775wFSFyrBtOGSqbycSsZPLY05%2FTcE8QW4pWGOTOuh6Ie0SyVeebEIkhTJ4LmaCjep3QycJ6dCIeCqFW%2F1rjejRvj4%2B5Fn%2BvZJ5L3Y3iYqN9QXgICtsHkO2GCaX4kojknRJ%2BLm7K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8791778d6804569c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772 | 104.21.11.250 | 200 OK | 12 kB |
URL: productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772 (POST, HTTP/1.1)
IP: 104.21.11.250:80
Requested by: http://productivelookewr.shop/api
File type: ASCII text, with very long lines (15984), with no line terminators
Hash: 0a4a8cfcc19cda24aab8b994f6dfd9a5 c6080181de40121e3fc26f7f3e130360aca9c72e 4596871a1a17ee3642a720984bfebb8a33b04449ac0c0bcb5dc178aade6548c1
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2b05b28f0704772
Content-Length: 1875
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 22:59:57 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: knoQA7OIo2tyWJaEpYa42rZr8zCl9BPtCRZ9ipNnTMuaBzkzNzZMI4R2VLRjsHDa$dMv9Qt8YokUaLt5jKhOVGQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Su5Ewn1r6zpF%2FP%2Be544Fd%2B5Dop4GQaU3nOA%2BFl6SMJ%2BGCIRQeBivvDK36NzZHRLecexB0Wf%2FI10SJwd7%2BO%2BSnEYjnLMGo8nVKFwL3%2BYHXUFWGksTXTz2KusCQeniH5KPGdJZiqpSASDy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8791778e3ef37127-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.2.184 | 200 OK | 26 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal IP: 104.17.2.184:443
Requested by: http://productivelookewr.shop/api
Certificate: Issuer: Cloudflare, Inc. Subject: challenges.cloudflare.com Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 7ddab9c06ddb912080bff1ee64c80630 5b17f2e84f8a34f7d843289cc9260995440d7938 c02306030968c85f780db0db17069241c06d84f7aece5a10251f997bf1b8904c
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:57 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
document-policy: js-profiling
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-opener-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 8791778f2d7db4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8791778f2d7db4f4 | 104.17.2.184 | | 179 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8791778f2d7db4f4 IP: 104.17.2.184:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 179 kB (179385 bytes)
Hash: f65b88812becaa1890b3b3da8d29f474 8657ab063c6ddb33106f6cb4e1f6dc24c8142154 565ee23389892c3258346a2a9758235f21bfc0f4a0da848db344b7988bfd4b91
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8791778f2d7db4f4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8791778fcdb9b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791778f2d7db4f4/1713913198350/HVtmLE6FXgav1xf | 104.17.2.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8791778f2d7db4f4/1713913198350/HVtmLE6FXgav1xf IP: 104.17.2.184:0
File type: PNG image data, 71 x 90, 8-bit/color RGB, non-interlaced
Hash: e17f52db6141d518d73ab52119b5a154 5c49d1b047178c03f975754cfd8b236d6b33b5c6 5cdb686b17249c91bf18758ae214b4c93748a6cd324b76e182126d9730a7f013
GET /cdn-cgi/challenge-platform/h/b/i/8791778f2d7db4f4/1713913198350/HVtmLE6FXgav1xf HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:58 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879177947fd7b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791778f2d7db4f4/2afefc08bb67e90 | 104.17.2.184 | | 124 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791778f2d7db4f4/2afefc08bb67e90 IP: 104.17.2.184:0
Size: 124 kB (123701 bytes)
Hash: 376d2e7be229de47400d5e4a7afc064d a5d080546c849c66cc0bc383b769e94e6a192713 34399d0e556d7a6cee01f140d6aeb013b13799e556d6b55ae3c6c887924dc572
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1279920557:1713910422:EUZULaBtDOMsj22zyDSoRK0xc1AYiSHrEiRJI_uV-00/8791778f2d7db4f4/2afefc08bb67e90 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2cj2s/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2afefc08bb67e90
Content-Length: 3303
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 22:59:58 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: W4JF532yiZm+qu3oJMfg3cJ1MgUHMZCBAlqqRHNsyWxFVXaJd7kS4m3zkDtW25GwvnaPNn7pP2mgY3hdXNAGBCt43bQ4eCw87+98WC3N/FzzR3kVChqjF+AMqm0oAljnvWBXF9yEoQBSmq6xAUdjKF9QtXPlen72t3zG6BAqK+iPcwp5n4uMnWjr6auzdF8y4HvGpCBqIAdZ7SsouBicFiAJQrwxvlL+/2AAPxhr69fVhskFCZxH5fviTgj1hczGNbEOyaJI9rvKa1E6kTZ3sVzZCSljTw4tpZGXZdapW7qrtV3aMQwKC4EGbkZ1qG5gNhdmjSXVNO+1qPJEd2w7z4VN3/VjVBpEbEAeQdIGN7d/cqGxPAa5tuGQ484dUzxTNyzuCF5zHgXqBcjiojNCMieXrNTg2U/UmuuWUamP3RPmLJg6IoHfieOlkgcXc1Mx$UZN3z/MKiXxvS/bDL3mrJQ==
vary: accept-encoding
server: cloudflare
cf-ray: 879177919e92b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772 | 104.21.11.250 | 200 OK | 1.8 kB |
URL: POST HTTP/1.1 productivelookewr.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772 IP: 104.21.11.250:80
Requested by: http://productivelookewr.shop/api
File type: ASCII text, with very long lines (2332), with no line terminators
Hash: f50e19b9825b31489fa7d3a874b47233 d7ef075da8e2e21ca6830bc0da6995032bc7ce39 0ab068d62d3f6e17cf0cef3d2cca441de180055a408fe5be20b5c8c8c38217f3
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1893158979:1713910248:xwS-wXVsrd2XPpQhNXaWO4105PIvDEj8Dq70Gre_k8o/8791778c5d68b524/2b05b28f0704772 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2b05b28f0704772
Content-Length: 2514
Origin: http://productivelookewr.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:00:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: i4TlPp7fcw0E7j39k4bTFC+usU4KN0Dx+3tNVi/pjkP57GoxnZ84M+QqUjwoJVYGBkbHxI5IeyVtSb+LzJ/3DDgfBr8hNW/V3CgF6DLFlLY=$8336bPHrF/ROBMWGvOvocw==
cf-chl-out: doN5qV4kXglXrAmiHo2CLpMtDg3uyHb2WUJLfJKm1deob18qBjjhzXRpU9XYltk0U7Xf739mL+MGHXaR883nS5in+rKhdqiGRwL0LHLKfAI=$BMQlNmFIRgOliyksjPiKWQ==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UEoLv%2Fsch3U%2Fvyc18r4Aeh2q%2BzCWYPZu65%2BPpGJLEnpaKZ6bZ5OLqaut84CJq2A0dtow%2FL%2Bpyma2eKzNQ7cqqOWrNt32%2BY9iQ3iZqDXup7HdXB61vNEFygjsRU46xcTLgBzCAySD1biz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 879177c32c2c7127-OSL
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/api | 104.21.11.250 | 403 Forbidden | 5.9 kB |
URL: User Request GET HTTP/1.1 productivelookewr.shop/api IP: 104.21.11.250:80
File type: HTML document, ASCII text, with very long lines (14383), with no line terminators
Hash: 6283317d3563b3fb61601897069355d3 cf6d0cacc6c86d908adef5ecdad7ce2fc1d28798 9f9987ef8aec5ee86d5365cfe77dc2fcdab85dec9fab9ad8d6cdd7159f9375c1
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /api HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 23:00:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: QDoEzDjBzJ/dLLQxJfRNK797R8yDZNAThuaLmg7ACzp2bD8QiqllJW6vUVop2tMNXr73b1bPlW8xDs67G+AaY25+AcoAv8IWVchU7IqPsblWsOMn7fyCoKciWB+B9IFqUPJU1ftS2Gq2e3hXIzRmBg==$nE01jZaGIv0IZBv6wA4xVg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W5P91eiV898pv7KS5WD00XOegT51tvQgvC4yJVQEgSv7EuYPMBerdvdnGX7ueyf2umiHXPxb3%2FyUcQb5m9snmaFYBDfBSyNER7OHTBIoSUwdhh3VpvWjSeEq6REorrcfZaehplFuJTV9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879177dc8a527127-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879177dc8a527127 | 104.21.11.250 | | 114 kB |
URL: productivelookewr.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879177dc8a527127 IP: 104.21.11.250:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 114 kB (114229 bytes)
Hash: fd6fe4b7892bfb751ce7c680b216e7b8 38a163efb166976a125bbc1459bd9bf780fcc5e3 9826f8b21a5ef6ba3ae7dcddce746537c43be0bb8506bc5233dbb8cb261d58d4
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=879177dc8a527127 HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=gf5Xd9.xRzm5NAQQJYmm1QWF4_bZM0vCNd8XqBjRNNk-1713913210-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 23:00:10 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3Cv3D0temw4t8YlUQb%2BQX%2B08wbymfoV30%2BQr3%2FG1HOD40DZs8EM61JiOyApcOxH%2Bl43RueTeb7D4rXO65kgDKE0Qfgfkzz9Lp9kXLhl5mOB5myRU9ZP3aR3lPi3NyEj7EFJD3Yy9LHZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 879177dcc8381c06-OSL
alt-svc: h2=":443"; ma=60
|
|
| productivelookewr.shop/favicon.ico | 104.21.11.250 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 productivelookewr.shop/favicon.ico IP: 104.21.11.250:80
Requested by: http://productivelookewr.shop/api
File type: HTML document, ASCII text, with very long lines (14505), with no line terminators
Hash: ec401c56a74d13a197a1a98a3ed079e4 19d44eafba750130fe0a448783ba4162cd73847b 9bba753778f4546a09b89c6a9ce85f9fa39b83833d1ad323d91005258c9c9f4b
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: productivelookewr.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://productivelookewr.shop/api?__cf_chl_rt_tk=gf5Xd9.xRzm5NAQQJYmm1QWF4_bZM0vCNd8XqBjRNNk-1713913210-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=2
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 23:00:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: S2l5jOH0R3Z4+RcPCEUf1da0xDVG54K3J9Kiy0CwLxpUvtf15761Knx+F48/jMgUmaTI+WyIBSH7tJQ1c3BfWMGfV037VYke37gK4B8CYI96OlTI6fWnnjoSJ3wfH6zneIl/Ybt5PzLh85/3UDN8xw==$rP/msYPMhuKk18e3Fl+Uag==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aji4uVhlRmscacnqy%2Fyx%2B%2FbIuW%2FpzPfjDO0BLO5lWExZp1t2Dm5Ot%2Blp43Tj52dK3PfDL%2Bo%2FTSu5WeAkPS9qu1UoFMq60OmvNiWvR4Hoh4FOm%2B3%2BlXfP0qA%2Beqq%2BEb%2FiwsH1LlxAuxHx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879177dd885c1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|