| demonstationfukewko.shop/api%25 | 104.21.33.174 | 200 OK | 5.9 kB |
URL User Request POST HTTP/1.1demonstationfukewko.shop/api%25 IP104.21.33.174:80
File typeHTML document, ASCII text, with very long lines (14403), with no line terminators Hasha818b8f03661f6f36d96678ced76fe7b 497d07881fc36152e7c81a7a500e5e266d4178be bce2f55954d0c0e386a4ea261064745dfe45a92e3ef04e2fbcd3420f5796fe23
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /api%25 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: CopMYg5II3DIYvVADiMkcHgectMvLuS8TZg6gQOEH/gxuqO9YUiJXaboFpk5rO1uKrEPwB9zdEhCl34v+VUggeCBJeBrtlsMjWSAmymkqS8NQVg/KZvnOBYaitBnWUa8Mh3XxPNUxnEWkgJZqlBDRA==$jEgq0tvS26kYMFXQyWG/0Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itizyvRpQpgUXmd9nGlrisVcJfpsxMEy889tkxjJOvSk6EnixMwDtU1yZfU5%2B3s2tENsoyo3bkECasFTkRsPd%2Bo9jIchQ6%2F5NKdrEL835f6VvDuYlR06G%2B4V9MsqvwUqS9y4Ku1XDzi8eIM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa6282dc971bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87aa6282dc971bfa | 104.21.33.174 | | 112 kB |
URL demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87aa6282dc971bfa IP104.21.33.174:0
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size112 kB (111627 bytes) Hashd0d57d7ca3491499e1f14f637d4e6283 bcb0d2f1b3649560e6af022edb423d5264037b5d 58dc91c85b200e771b384fad00e936cfcbfc8a210887d99920ce74e57532b576
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=87aa6282dc971bfa HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25?__cf_chl_rt_tk=muHkKYfZ6dB5PfG2RlWd.VaY2__1D.1fvxtnYZ2.T2M-1714174479-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:34:40 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgqDE34PcpBZ8KSf%2BHgpsbOQopx32djBjC%2FArg4ixP2BA4cJOPx3Tslg3G%2FbGvMlJVWnyuaV50jHiPBKcpHg%2F8m8qw27ejPPPlcpP81FRFDJyyvSNxHDZUO1a8NrpW9FufhFLDZuVy9Mfe8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa62844c5e569c-OSL
alt-svc: h2=":443"; ma=60
|
|
| demonstationfukewko.shop/favicon.ico | 104.21.33.174 | 403 Forbidden | 5.9 kB |
URL GET HTTP/1.1demonstationfukewko.shop/favicon.ico IP104.21.33.174:80
Requested byhttp://demonstationfukewko.shop/api%25
File typeHTML document, ASCII text, with very long lines (14511), with no line terminators Hash26102aef4d8e4cf0907d642003ef30a9 891de8e75931cdf041983ed48d2113d4b59b672e 0e1cd69ea58e327652d37f5824eba837b1d1c4177ab235fc1911c92c5c319b1a
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25?__cf_chl_rt_tk=muHkKYfZ6dB5PfG2RlWd.VaY2__1D.1fvxtnYZ2.T2M-1714174479-0.0.1.1-1301
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: VS6SREE3BT+Zw1sQJSrXHEC/ZY2f3JaRbjGTpe4zznaU+vyZmIaYjAFDC16ohTP8RbhW3XNIIzB/A4LrSz+93n4jRvEzVTxbqC/MEgPnQYhCxAZdzdT2AfGlWmGkWCHKm7rcWOZIaAjT07SPshdViw==$cl/Li4JL+wES5bHOijR5xA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxME5i%2FdV3QG%2F2BRWPuAodUpgNV7%2FU1gh2%2Fntpw%2FCfNBmIau39rXrgp8amBvt4QnwYL8j7JFeb4qVjJToOCRuWh%2FvU8daF6ANPkbvt8YijKilU70Om09MHPkjYIBxPawzK0NU9ax8c3qvgg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa6284bc83569c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| demonstationfukewko.shop/favicon.ico | 104.21.33.174 | 403 Forbidden | 5.9 kB |
URL GET HTTP/1.1demonstationfukewko.shop/favicon.ico IP104.21.33.174:80
Requested byhttp://demonstationfukewko.shop/api%25
File typeHTML document, ASCII text, with very long lines (14425), with no line terminators Hashc97da0237052fed5fb84a78391d6be73 dde6cd06168f45cf3a7d9ac1d5cb817c9f0599ee 5777a131bce29196616871869c05467685298bb0a2517b31f4f513a05726f714
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Sgzg282z6xz+cwaCRH0Kye3gPztTENV4xzyjE2AeCNteFKHfflcoF0rq82uwohruV7vdy9gnha+puxfs7ehN8CIgQdFX34km2kt1ccSKiGramZax5RLycNWdtrNM1RuLrBY5ddPOUpIeTFfmM9Rpdg==$iSB6KmFk4ya90uUN6JEm4Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zeQUrQDFIJ3iRliaP5qH0jukczFWlSTyTKqqNHVNR07fkzsD8l3DRx7yfDivgBWTKmnHDDD95oCVmFNJDcgx7Yh9nMd1Tal780NkR%2BfThgdTOaYI5bjhGWSbHSrpjgdlZZKOxS9%2F3ZqS6GE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62852e51b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73 | 104.21.33.174 | | 12 kB |
URL demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73 IP104.21.33.174:0
File typeASCII text, with very long lines (15980), with no line terminators Hash19efb9975ff52a08b779d8104ed2cdde 8d444765fc2946d47d1b51cc464307c97c316920 767738d690f42116b6d6ce60b960e7cdf61b84be996ecfde93c80ccefac60b65
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25
Content-type: application/x-www-form-urlencoded
CF-Challenge: 11ad4cf04fd8b73
Content-Length: 1874
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:34:40 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: RoBNS3ja7086JbQWGuRvnqxCQPwYB4GvadwIP+iMeHBv1hAsSgVKYGz+L6330/C+$ZHgfmTrNfbtMc7Jy/hidBA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LWrd%2BSopS62oJ1bZIP8HiOcDM3iblP5R07nlvHjo2I46yPMf1o7wKE5EhTMj9JQMVWSFnK59qBRrGzDJf4v0DEGKrEDqx0269rtNVS6wFWG67%2FGL1aEmkkFmCOLhdsxepAHm2nNe3yn6sQ8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa6285df4156cc-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP104.17.3.184:0
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x9eeh/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:34:40 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87aa62876bc5568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit | 104.17.3.184 | | 15 kB |
URL challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit IP104.17.3.184:0
File typeJavaScript source, ASCII text, with very long lines (42414) Hashf94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:40 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa62854eb8568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367 | 104.17.3.184 | | 133 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367 IP104.17.3.184:0
File typeASCII text, with very long lines (65536), with no line terminators Size133 kB (133174 bytes) Hash4eca7d611cec7f9588cef329ac632c2e b50b879c240bcb8c8a71f7c58af3c333d92fe509 5101aaad1e1594a6c75ceb620460bc91a282d582f42fda3ac01fbba9c7202ef6
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x9eeh/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: da1950f45bba367
Content-Length: 3295
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:34:40 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: n6zVtK4G8fYKx8v6+9KQTj+v59zjQWN3gqIdey1la5z2pGBBSMEQ/t6JFHg2Wl4JGlwiqkwknoZDP4UaExFUXCb5SDK39wRDy50Nth2VKCSRG0imnDrXsar4WPuwoNWwdexGgh9ADkbLPW1Pu4CehTEAFOS/j4saCayxFppy9kQIgaEcm2G/KaNuTnN2+pCJzsLIvRlXL3H5ZQPy2dPDjsAEueT18cTFPWh+UKxG/KAg4h078o6z2FtYaj97JQt32GxLaKUcHAK5UsOBj2qrXC0pzGzMjx3cSKW42y0nhO1xv1UEHuICxfUq+jGrti5P4EuuPwuLpzqiSlVt735j1os8m97CioX3eiEXsbhigVbTf6d5rIx6ofTu3Bomic6AzcVJ7l+dqSm25G26iDXBhL1OtHFB5YunVa2NdTOp996Z+bOYkB8V1VFUgHCDYPg48BPf53o/641W5mzHZNJa6fBQd7gC8gm2P09421n66iv1irhkm3yHp5fOiBgE8SVD$l4F53qS8yxoYldOAP5ZD+A==
vary: accept-encoding
server: cloudflare
cf-ray: 87aa62895cf1568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87aa62868b3b568f/1714174480868/CZD9KAltfpGsyuZ | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87aa62868b3b568f/1714174480868/CZD9KAltfpGsyuZ IP104.17.3.184:0
File typePNG image data, 75 x 22, 8-bit/color RGB, non-interlaced Hashf847fa7193d2660c9744ef7e2668c841 609217fcca0682d09339b3b245ff5fe7c2d0db6f 283fc2bf8396237a013ad78641ae0dcab08b661edde470f5c6a52b5eff7baea1
GET /cdn-cgi/challenge-platform/h/b/i/87aa62868b3b568f/1714174480868/CZD9KAltfpGsyuZ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x9eeh/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:34:43 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87aa629ac84b568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73 | 104.21.33.174 | | 2.5 kB |
URL demonstationfukewko.shop/cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73 IP104.21.33.174:0
File typeASCII text, with very long lines (3244), with no line terminators Hash34882e747f0adaaf06b049278d852b2a 7f4b736d826cdac476983ab7e9f85a0c28bc8087 0d8c0e063376078a96af2535e92035c34d45efea3ea9f5e855073d5cc2784b51
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1814255442:1714170295:oI8UOFU0MfjkZlm68hDQug8XGzj2q8MSHdH28QSvt4Q/87aa6282dc971bfa/11ad4cf04fd8b73 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25
Content-type: application/x-www-form-urlencoded
CF-Challenge: 11ad4cf04fd8b73
Content-Length: 3348
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: pI7LKfv/SrcukUIWb1zw6R1lOx8v7935iu5Q/1+V0FXVu7vKy+iV9Qw3xNKt4QYZyrvr8rxeMae425vGkggzF9QrXuDXWFz5wndmdJ8wQfgcOYi+qsZThTlRrQ3v/g5y$Bc5NQZcmycnoiHePa7++9w==
set-cookie: cf_chl_rc_i=;Expires=Thu, 25 Apr 2024 23:34:49 GMT;SameSite=Strict
cf-chl-out-s: Jpy5K/I4aa8kOmIvW1El0z+9jDyqR+BZ2lF4pnKtqfR9MciT3ipjbxq9JFotmLMG/QyeagaxIAIWWTDP9DbRYhAiW+xc/6mbwdp1qDFt4rhbgtr+HBeOrmph2cyLlbJLMFlSZ7V2KEzkuADOQhGB/QH4kz3bBrHRvsUei4lmAaFCd9JkOjcU7GIN8uX8w1hKLSDcVZUKKjsyKyKv8PrA6uGoA3GuYa949nyybmrlaCO8ccmGekGuaS24OzV5KMP2rAaEj7NgWNzX7YZZf9OeHmpbH43b/yKZFv2bneSbvRYTLv/qvbmCzvmeUs0LAKbgQGJv6yi5X275lyBTfTtAtPlvcjGUAolSdg+SNd43coGj7AMa4FkeJ9ujD3JSeSTLedbxxeTv7lbgzAkXZgF3zkdZNXctR9n4YPaPpNDQpuxN4xmywgR4jehuLls5+wsSw42FRKxsT45f0haJ+zfo7g==$UwNOgF26WCgGMUkbcmmq+w==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nyAlW0cEjEsd6S36rjl%2BFEzud%2FmR9OdnXdl5E%2BmwGlFny1qm7NCozQHxztid4QZsAcYaaEl3vOb3crOhn1ksN3XQaw5O8k52tx3zFccPmKZpFmzz%2BqZLoVhkX51ZVCShMYTwnJ5veHpteIs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa62bd2efa56cc-OSL
alt-svc: h2=":443"; ma=60
|
|
| demonstationfukewko.shop/api%25 | 104.21.33.174 | 200 OK | 1.0 kB |
URL User Request POST HTTP/1.1demonstationfukewko.shop/api%25 IP104.21.33.174:80
File typeHTML document, Unicode text, UTF-8 text, with very long lines (416), with CRLF, LF line terminators Hash7918a2bcb5972fb9180547ebfa69bdf0 e903f27fd09e492fd214f1cfc73bea1f6a262c90 797e5cddce578311bdfbc496be17620fb8630210396c8839a3385c8512194450
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
POST /api%25 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://demonstationfukewko.shop/api%25?__cf_chl_tk=muHkKYfZ6dB5PfG2RlWd.VaY2__1D.1fvxtnYZ2.T2M-1714174479-0.0.1.1-1301
Content-Type: application/x-www-form-urlencoded
Content-Length: 2480
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_clearance=FbCYRjm90yfNoHH2b6Zv0qrFLNO0wdjk0vdteKmrR4s-1714174479-1.0.1.1-jcNlcwYBGpN8xhixJoEOLROBptvrFvvssBr5SuHUYm_x3XwYnu9cJNBne0RBbdH.S2LmuN2lsRngBct0PNlsng; path=/; expires=Sat, 26-Apr-25 23:34:49 GMT; domain=.demonstationfukewko.shop; HttpOnly; SameSite=None
PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg; expires=Tue, 20-Aug-2024 17:21:28 GMT; Max-Age=9999999; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FsL182pXjKwHojUnVzwSCkJacbRDMW%2By8d32gBJVpaI%2B8Q80CMP7sIga54nXw06ylEFCw3f0lAa0W7Tr1Tmuk49JjlKcqVefw3JcUSKbGklGtEQQiaJCDv9ZagXgR6DrkIrrpsZ4%2FuKuJk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa62be1f6556cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| demonstationfukewko.shop/core/panel/icons/tabler-icons.min.css | 104.21.33.174 | 403 Forbidden | 6.0 kB |
URL GET HTTP/1.1demonstationfukewko.shop/core/panel/icons/tabler-icons.min.css IP104.21.33.174:80
Requested byhttp://demonstationfukewko.shop/api%25
File typeHTML document, ASCII text, with very long lines (14651), with no line terminators Hash49120baac906288d6f3d8c21a85fb2e5 d37c1a8b5260bde37531a7b0081ed4fc7cd6c9eb a4fd695a872bd58b2dd44ef3bc0509e86f6c8a7bbbfb5e8570a26c43a43064de
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /core/panel/icons/tabler-icons.min.css HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api%25
Cookie: PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: je+97gVkWjg1KAx6vcXv/+OZfdy73DvXqY8NxfEy0KremSOwoscHNqgJ2/TvIXCP+vP3Rw/0z67D3GQ/TRBvSho0tBqAJbodQojoN7FEYUZ/ek3peL6VyDAnt/wsr0cXLVaZMyCnaE2/bOqxLqOa3Q==$SpQVYacsWL+emGAgAQ6dFg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aax5juDkJTje1WEMbsZ8W1oy%2FR5FQP0LpFKoG53lonwW2hwlUnvN0biyxrmoGyPxcEtHDUTaTyw85qbE7rNxPI6ldugeuZIxALSYWoZAq82ahGm%2Fe5uzzofziIHdIJJ%2FMAT9K7SwwiAMkuY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62bf280656cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| demonstationfukewko.shop/core/panel/css/dober.css | 104.21.33.174 | 403 Forbidden | 6.0 kB |
URL GET HTTP/1.1demonstationfukewko.shop/core/panel/css/dober.css IP104.21.33.174:80
Requested byhttp://demonstationfukewko.shop/api%25
File typeHTML document, ASCII text, with very long lines (14553), with no line terminators Hash3baaebab22b4dad0474c34487a195933 4eee9a5a2f398120b2d11782801063656618ec5c 4bdc0a320b504da500935eec2e52af6155b07d541b649364988663d259c50837
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /core/panel/css/dober.css HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api%25
Cookie: PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: fN9v4Kzb6qYvC2QAIxq5O0lGIpH2XelFQjxVEl0BH9QmUTIdQsqK4WmCXH6fGQEkb9qGOKjXhR5FlVAoYyNmu8Eqb5r0gLwHsghhq5IY0jl6pf4oaVC3/QbHREm/4psMLIYjv75RA5T9N29YuBaKhg==$I383tbyXXSRmkWiWb0/wPw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7TOlJ%2FuKryyHPqIc7ZmHLeflhittlVFdAE%2BuUTJYbeEwWDBcw2z0WZbZck%2FaXsaWMXxJbfz8%2Bfo7rPE5E7H0GLRO%2FGY9W%2BXHdmTeMCTqV%2B08VxXJwSpOmZCNe%2FW42ktvOM54Z%2BLJbx%2FTvnQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62bf396d5688-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| demonstationfukewko.shop/core/panel/js/doberman.min.js?2 | 104.21.33.174 | 403 Forbidden | 6.0 kB |
URL GET HTTP/1.1demonstationfukewko.shop/core/panel/js/doberman.min.js?2 IP104.21.33.174:80
Requested byhttp://demonstationfukewko.shop/api%25
File typeHTML document, ASCII text, with very long lines (14604), with no line terminators Hashc0496175f79fac3b522edf6f8ce4c5f4 2a8ba01005e54d5103022d2b413cf9e984a935b4 caef7996fe5ff445af29aa9ed00961e4ebf201f9d2adf3407b2f0c57a1463544
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /core/panel/js/doberman.min.js?2 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api%25
Cookie: PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: pDRZHfZv8lbFLjb7sQH8lFcxY6ex5lRz8+hWFZVk932Kl+8nAqv6AI+GOynIZESrdFY2BRfq4B4puWRK7XPUkvqAFai+wDH31dLDT9TEs2i0OXy9enxyFvMBPYdTmMEvJulghc9mTRjjB1yJwdFjzw==$k5a2tLgVpHk42VWkvKufRw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QpO9YVhhYHcUkJ%2Fa9kC7HSdC2GfS%2Fz0YSE5G4hDh509NaGttgecuD5Pg5fTz9OM7UgK%2B9YyFhUoWnJygHt3Ut8kjYHit6ypLxAxBaJcktLYgIr6VLp3rI5N0LUJLjWT%2B136qlllu5rUTIqE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62bf4ec656c3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.2.137 | 200 OK | 31 kB |
URL GET HTTP/2code.jquery.com/jquery-3.6.0.min.js IP151.101.2.137:443
Requested byhttp://demonstationfukewko.shop/api%25 CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://demonstationfukewko.shop
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:34:49 GMT
age: 30670
x-served-by: cache-lga21931-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 18119
x-timer: S1714174490.529743,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/tom-select@2.3.1/dist/js/tom-select.complete.min.js | 151.101.1.229 | 200 OK | 18 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/tom-select@2.3.1/dist/js/tom-select.complete.min.js IP151.101.1.229:443
Requested byhttp://demonstationfukewko.shop/api%25 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (1002) Hashcb0a959ac3d7a23dd8271f8438671211 8bc8a58a48d6f529e6b58e235b47d92dc61a0e2d 28d785eb15b9a3fb56d6869ee57952e0908d003a0cf911eaae7a14a8bea9bc76
GET /npm/tom-select@2.3.1/dist/js/tom-select.complete.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.3.1
x-jsd-version-type: version
etag: W/"c620-i8ilikjW9SnmtY4jW0fZLcYaDi0"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:34:49 GMT
age: 3870740
x-served-by: cache-fra-etou8220055-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18451
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/tom-select@2.3.1/dist/css/tom-select.css | 151.101.1.229 | 200 OK | 2.7 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/tom-select@2.3.1/dist/css/tom-select.css IP151.101.1.229:443
Requested byhttp://demonstationfukewko.shop/api%25 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hashc95b0bc73baee2d4aa8a5d31819916c7 5c6101d999331d9dd4f6902ec76fa484cc0e6150 c8168f6b45f8cf03ee444c7a0d2d61850899fd10dd13e2e523ca15e24fb1340c
GET /npm/tom-select@2.3.1/dist/css/tom-select.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 2.3.1
x-jsd-version-type: version
etag: W/"2618-XGEB2ZkzHZ3U9pAux2+khMwOYVA"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:34:49 GMT
age: 2051429
x-served-by: cache-fra-eddf8230097-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2714
X-Firefox-Spdy: h2
|
|
| unpkg.com/@tabler/core@1.0.0-beta10/dist/js/tabler.min.js | 104.17.248.203 | 200 OK | 58 kB |
URL GET HTTP/2unpkg.com/@tabler/core@1.0.0-beta10/dist/js/tabler.min.js IP104.17.248.203:443
Requested byhttp://demonstationfukewko.shop/api%25 CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65272) Hashaa14c90bcf88e4bb677a6652c703d371 9f7f1217b1bc208033a41fe844c7a3be8363593d e69349eaa159cd847e1a3f551d69ca3dc4a291eba2428b38371c68dbe78d5620
GET /@tabler/core@1.0.0-beta10/dist/js/tabler.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "22f35-n38SF7G8IIAzpB/oRMejvoNjWT0"
via: 1.1 fly.io
fly-request-id: 01HTZRWFWYCSY1GTYPYYR77RS1-arn
cf-cache-status: HIT
age: 1563734
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa62bf5d9656c5-OSL
X-Firefox-Spdy: h2
|
|
| unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-vendors.min.css | 104.17.248.203 | 200 OK | 13 kB |
URL GET HTTP/2unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-vendors.min.css IP104.17.248.203:443
Requested byhttp://demonstationfukewko.shop/api%25 CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File typeUnicode text, UTF-8 text, with very long lines (20245) Hashc1a9cc6daaac26e4e383a6ff04a9673b 2b3465834913aeac5b3ed3df89ec4bece401a7b5 cf7d804c1592a2a84f897ade4ad534148e25d3563c916fdb7a112691783e5c21
GET /@tabler/core@1.0.0-beta10/dist/css/tabler-vendors.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:49 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "501d-KzRlg0kTrqxbPtPfiexL7OQBp7U"
via: 1.1 fly.io
fly-request-id: 01HTZRWFX86R9GKP834HBYFXMJ-arn
cf-cache-status: HIT
age: 1563734
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa62bf7da756c5-OSL
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367 | 104.17.3.184 | | 12 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367 IP104.17.3.184:0
File typeASCII text, with very long lines (3580), with no line terminators Hash78a63d4cbda7ccca370ed68cea17c669 3835953f5a8342b966d3ed4c71715834a854dd9e c9da4284f43adecd81024a2f86c4458ece7294c345a5f3499253e427e4a82a32
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/755913265:1714170536:4eF_P-HIb8Zq2tH64q5uTL9hfs5OCtgB_4xT6bJM3uY/87aa62868b3b568f/da1950f45bba367 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/x9eeh/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: da1950f45bba367
Content-Length: 36256
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:34:49 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: PI/f6Otgi2qGIna1Nuex0uguVbqgO1d0rVb2ynkMgHFXHQpV/watUEZ2AjSZKm9CGrzNsvUr3RAAYqrYZA4f3+LiCuNsqHYYafXqpDh1zvAn73FspnJoo4QVV0dT3s9Z$dHKKC080rsFA5Q99EwEZng==
cf-chl-out-s: MFPoYfvfTNB5cGQTbdRLe5qbAlZuwDmVRhP/xvX1JGMlVCGUPdisGgC6Canapm4iJ1PBhfcPrEQWreCbx5v2C84NqFGDNzO/xTuoyF6VHy1cw+Sfohu7l/8KbzM22+jD7iNhsQ+673F9W/vo9JAzfhmVjEdrc+0H+Gt5dY+0YS4P6/OyEFhrRABpMxz/1SJ+RlcnPxmogPJXGJ40BYOvfsMx68OhPm+7itqnXGb7cqNEsAFWDhEJgqmFVwEMp/qXCXogkZsuOzQ7XUGT7ccbkXEree0zu9SM3m7BW0AKrrEbbXxfdegPSMTSkrnDQMQLNSpSbGjEMPRb8JZDFeKaLtMOkDKIF6do+Oz/hIhC7CLie3eTGBkqHUVnkCTL4P6aOd21ziq9ymJjU0QTbax4wIdI2+5+K4HReu8PNohu1KQKA9XudpFwKme5ywCnwzKDTnLjWbeCHoFDgkgNWoc5TykiDRx237QakBjZKWPtz+RKD+0aeyKd2P/Lx6Ig4H/+5L03sJSZ7usliLKsRVWW+NMZBNlykDA3cQGhw2tOZRhIAx58ZjF6aGA5EJB6Hk1aiTnY+yhO8XTi289BcQoS2ThMUB7MZV6cBT+qV563jt5362fp13uKzFc/sOFxPLuN$40C5EBoEAByevgp/d/GS5A==
vary: accept-encoding
server: cloudflare
cf-ray: 87aa62bc79df568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| demonstationfukewko.shop/core/panel/js/doberman.min.js?2 | 104.21.33.174 | 403 Forbidden | 6.0 kB |
URL GET HTTP/1.1demonstationfukewko.shop/core/panel/js/doberman.min.js?2 IP104.21.33.174:80
Requested byhttp://demonstationfukewko.shop/api%25
File typeHTML document, ASCII text, with very long lines (14604), with no line terminators Hash74c838377e540ff0a1dc0fab159699a1 812d40125334a2327d21d5ba48b1e7b472290032 60afe69fe8785e3c6d219cc76fff6c85ee1a66d99248e0faa3db4a4229069a96
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /core/panel/js/doberman.min.js?2 HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api%25
Cookie: PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: cQAjDLiPZyRuvlfkUs18b3cnMvF5TUQTShya2BPGvIgL3EfDp6PVH9TrJGHvD1BBwyZy+yN94QN4iACdiFRjBdnTfHbBubQ0sdhQayEi8DPa57onPerquAFPi7eqayoup2otZrdh+MseSLGVfUHZ+A==$zEKM4C5v/sxB2ZI6mpNJaw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8y3xZsc6OWsVKtW6a9v4R6EvM9eBTfgnLEh%2BlX86DGmgMD22YlONBln6tDvKxE0%2FNE8iGsXO%2FXwbvLZDDB0pTdz2oYMClPjPg8522P4363h36npQ8RuPCk6puO3qyaVL5AZYX7Su4FBxBwo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62c53af856bd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| demonstationfukewko.shop/favicon.ico | 104.21.33.174 | 403 Forbidden | 5.9 kB |
URL GET HTTP/1.1demonstationfukewko.shop/favicon.ico IP104.21.33.174:80
Requested byhttp://demonstationfukewko.shop/api%25
File typeHTML document, ASCII text, with very long lines (14489), with no line terminators Hashd18f914d4a5a97cc1509c3425921b49d 5e1248359cd4b9d9d08db5772b837d596072b2ad 8429d793b404b43f60eee824b5642ecb4bd5bfdec5d1db2cc263e409cec99190
Analyzer | Verdict | Alert | ThreatFox | malicious | Lumma Stealer | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: demonstationfukewko.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/api%25
Cookie: PHPSESSID=gi4la8n6ksdm7ngakhke8hbsbg
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 23:34:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: lBeb8GEJtLaXdWBg+sIkehifSVHgPTMToRStegifg18EiXTyQLbWm8DAlj+h/3gGMXRfM540ZZMhvnDPHK0grHqJKtEUKfoGETPYeIPo5xLk7XsVNkXFpBmmJopoz7P6EE3Z7EgOtyQHMmG6tDhkXw==$Cq2OEhA/Ewq73TmZPH3/zA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcdvpczTM9XfFZ7rcBNDYITOHVHSCZkymYktnes1HeowlYStnlsP0R5MRgPRvLIqdAGACtV3WZIedsVA3L4caosaIHR8d4YDi%2FxOLb20n%2BZcRyXnw6IrwCGKd5hYRreQ2Z6k56%2BvJYPR6Hk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87aa62c55f421c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-payments.min.css | 104.17.248.203 | 200 OK | 10 kB |
URL GET HTTP/2unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-payments.min.css IP104.17.248.203:443
Requested byhttp://demonstationfukewko.shop/api%25 CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /@tabler/core@1.0.0-beta10/dist/css/tabler-payments.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:50 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "2806-kjKGJgq4giZtHvKvnmBtsP+a/jU"
via: 1.1 fly.io
fly-request-id: 01HWEC5WXQGQ2T9ACF8BPVNF84-arn
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa62bf6d9f56c5-OSL
X-Firefox-Spdy: h2
|
|
| unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler.min.css | 104.17.248.203 | 200 OK | 300 kB |
URL GET HTTP/2unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler.min.css IP104.17.248.203:443
Requested byhttp://demonstationfukewko.shop/api%25 CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
Size300 kB (300441 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /@tabler/core@1.0.0-beta10/dist/css/tabler.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:49 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "49599-nWlRizNidNMAgcjSv4f3utVNqHY"
via: 1.1 fly.io
fly-request-id: 01HTZRWFWVX5PFVQX8X8E63WZY-arn
cf-cache-status: HIT
age: 1563735
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa62bf6da056c5-OSL
X-Firefox-Spdy: h2
|
|
| unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-flags.min.css | 104.17.248.203 | 200 OK | 16 kB |
URL GET HTTP/2unpkg.com/@tabler/core@1.0.0-beta10/dist/css/tabler-flags.min.css IP104.17.248.203:443
Requested byhttp://demonstationfukewko.shop/api%25 CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /@tabler/core@1.0.0-beta10/dist/css/tabler-flags.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://demonstationfukewko.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:34:49 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "3dee-nKAPWTieQ/tpCdi7lKfJqVdDhu8"
via: 1.1 fly.io
fly-request-id: 01HTZRWFX8EDWD4PRNMVPS590C-arn
cf-cache-status: HIT
age: 1563734
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87aa62bf6d9b56c5-OSL
X-Firefox-Spdy: h2
|
|