| | 104.21.81.139 | 403 Forbidden | 5.8 kB |
URL: User Request GET HTTP/1.1
IP: 104.21.81.139:80
File type: HTML document, ASCII text, with very long lines (14100), with no line terminators
Hash: 0cca4ddba158f03c9750b1f837f55f4b 29b88d2314d0a710ea3c85b1f299241f2e3dbbf6 30bb51064807e46cfbfca6a9001d625d2090d10b578d214ac99bb9d37be65ddf
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:17:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Ek8pXmxmzXEupqbTx6TofGYyJ7Gue9YBm35p2UgkxQV0GOKgyJ9I/z8Z5sOCk+mmQEi9CJcy1i32zDK9xDokQcfZ9zVyF2zNAop9CGHCmNHRoM3iowyg7OuBSKsPuO7OckBf17Fpe6QBqLNtRCeakg==$DCeEx/9SOd1v733qmgIpmw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=62QBzkT1C7V8N8okJ8cUJdajix8pGAUYZFw9cBlQEIpXy5HYEfM%2FpBrTqV5P670dZuKaNLzT9Y6frQK4BoQcJ5sntSi67yXA49Q6vNa7x5WCTqeI1reEKF1k3uSgvivcX%2FWckMY6eUY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cf55d698b1bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| stiffraspyofkwsl.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cf55d698b1bfa | 104.21.81.139 | | 112 kB |
URL: stiffraspyofkwsl.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cf55d698b1bfa
IP: 104.21.81.139:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (111539 bytes)
Hash: a5ca389f1421a29cdf7e2c4b47973839 5e5035b00865556e55cbd60e8b6acd623bc1de88 775343e1763687951fd987cd051844d5d79231b69c66ab80f3b0a22b21d99b34
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cf55d698b1bfa HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://stiffraspyofkwsl.shop/?__cf_chl_rt_tk=CpN.olH6DJ2TkhfonJMrwMrGh6N5RbRXwl8y8MijIgU-1715375871-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:17:51 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47ISYE6LLlu%2Bi3nHnSsSIBfsP1I6%2B29cWBFB%2BpIRCMzbS1cd6WkPUQG%2BWZ1An5FmTJa0MxiDmhF94was4%2B5P1I2%2BE94PHOdkKqEZDcVb2%2FmWXhjppGLU%2B0Rw%2BDbHT5IsLTvR33dNpcU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cf55f89917127-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| stiffraspyofkwsl.shop/favicon.ico | 104.21.81.139 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 stiffraspyofkwsl.shop/favicon.ico
IP: 104.21.81.139:80
Requested by: http://stiffraspyofkwsl.shop/
File type: HTML document, ASCII text, with very long lines (14257), with no line terminators
Hash: a7a44f3bc517276988f6999c8145a342 e8eb0bc4ee86a4b2acc759b1b4da38ae344e196b 5f9d2d8f1162118577367d124a587142b4943b5639719068a27588231d985a78
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://stiffraspyofkwsl.shop/?__cf_chl_rt_tk=CpN.olH6DJ2TkhfonJMrwMrGh6N5RbRXwl8y8MijIgU-1715375871-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:17:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Xet4wQsJDVtqjA+ZMv8jpOugRI9tVQwZnxIsDo/E33D0irzTx5VSrYTDZuCrqlGs/T1c+xN2EJoNAAbWUTeAvjoUtEFx1bAPa2ea2iYJ6eNe4ZVw7A0xrj7AcPj5shJ8av1g139Qc3FUR01jpLqX7Q==$xmdnZL6YW0k/NKUx2VXBjQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfFwi%2F%2FqMkkG1jLcv%2FSP5MuQmk2Ftg9YTQXiXVpe7Quz4cHqA3V7R2I5GWR1ws2e0dJBMNcK3tGm5elmaJ41JrBoatjA%2FwUQtCPY26zaBIhsfbozUqx2%2Beq6E5sIBFIRsSGPg6gEdAs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cf5603a207127-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| stiffraspyofkwsl.shop/favicon.ico | 104.21.81.139 | 403 Forbidden | 5.8 kB |
URL: GET HTTP/1.1 stiffraspyofkwsl.shop/favicon.ico
IP: 104.21.81.139:80
Requested by: http://stiffraspyofkwsl.shop/
File type: HTML document, ASCII text, with very long lines (14150), with no line terminators
Hash: 5cf1cf69a478bd518f01190287a9cf27 3d58325b25dc9107b8152434e7a8cbed19cdb1d9 002345edd0f606bdaf23550cbc663b7ae513c58efdce114402ccb4fd38ccfea0
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://stiffraspyofkwsl.shop/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:17:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: kYdeEtil37xRSWv9x2620eqHzpg7bQA3YkL2GJ8mGDATmsZPrqVIKYKFQ9a1F8nD4CESa6D/gfwEIx7Ke8M7CQuYua9FjnkAaTt9ELwQuN7H8uQUfuCaG2lHimTto5ArdYr9SvVReFlOMiISeHiR9A==$lvCpxCW4BhFldoD6iMXgXg==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ODsQbglGPa5dGjPF0Aiwi8HTX4GLS8oiNiBx9hFIkX9k8D%2B3ORiYh7I1Js%2FI2Hv0wF4EeRepuPyY3rUi1xc9k3ogAK3JqlvDnqH9l1pUQDJUn%2B329mPV7AMVetAV9%2BwznRWyN9oTao%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cf560ca0f56b5-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| stiffraspyofkwsl.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1605841052:1715371816:saSGS0qBt_r5U7ovSZ6CBMVrnECMSrED1J4UoiG4WdU/881cf55d698b1bfa/569b66259bfabc9 | 104.21.81.139 | | 12 kB |
URL: stiffraspyofkwsl.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1605841052:1715371816:saSGS0qBt_r5U7ovSZ6CBMVrnECMSrED1J4UoiG4WdU/881cf55d698b1bfa/569b66259bfabc9
IP: 104.21.81.139:0
File type: ASCII text, with very long lines (16448), with no line terminators
Hash: ac849a25820c58f500328eb1ef30d3bb 74e54fefe6792d869d1de8c966e8d548f35ea5df 1defa202d0f5595cc1b07bd3e2c49de5dae87ac274c0c6ee0ac84aa6db29fac8
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1605841052:1715371816:saSGS0qBt_r5U7ovSZ6CBMVrnECMSrED1J4UoiG4WdU/881cf55d698b1bfa/569b66259bfabc9 HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://stiffraspyofkwsl.shop/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 569b66259bfabc9
Content-Length: 1826
Origin: http://stiffraspyofkwsl.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:17:52 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: ZyoNAcI0uGdNTnfl/aTQ0VBY/7i+jjErBGc/3P/b4rK1zNM+zgxAR6w1WIkGIjub$2CdQjhEeHD7Mp6Y+nL82UA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kc5h%2Bry84v0Pbyl0omNtTCgn5JOTnSk3VzhnWqg93w0CaJKecGFom%2ByaGT8MZrXQ35B4flZbQb6ledKSYauZc3u4jNeVyrHJbqI2ZFQUqiljfKYHwTcQM4rj6ncjkjijhJtQJk%2FS9xA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cf561ab8d569c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8b99m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.3.184 | | 18 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8b99m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.3.184:0
File type: HTML document, ASCII text, with very long lines (42150)
Hash: beb09bd31035bfce443060bc563c167e 9e4fd4ccf846b6a3e08139f970bf87de1ef22a27 f5146567cfa551f7b487346b69429c14e23307973d46a3ffd4722eb74a90804f
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8b99m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:17:52 GMT
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-opener-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
referrer-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
document-policy: js-profiling
server: cloudflare
cf-ray: 881cf562bd2b0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881cf562bd2b0b55/1715375872877/qQvM6VcM4z6MAK9 | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881cf562bd2b0b55/1715375872877/qQvM6VcM4z6MAK9
IP: 104.17.3.184:0
File type: PNG image data, 31 x 50, 8-bit/color RGB, non-interlaced
Hash: 210889896cd554d5f0c010152a3bb253 1b845642ede11176e087846d0d2c9da4170556f9 457fa8113f649dc2e04b26c853a7dea27a01cc6e242d66c0a5c4eb7e2d95f31e
GET /cdn-cgi/challenge-platform/h/g/i/881cf562bd2b0b55/1715375872877/qQvM6VcM4z6MAK9 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8b99m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:17:53 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 881cf5697a1f0b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit | 104.17.3.184 | 200 OK | 15 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit
IP: 104.17.3.184:443
Requested by: http://stiffraspyofkwsl.shop/
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42616)
Hash: 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4
GET /turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://stiffraspyofkwsl.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 21:17:52 GMT
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cache-control: max-age=604800, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cf560e9cdb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/800379579:1715372085:t5SbG1ooEmH39aGelGegg_5dO5ThNyicZqQ-k8294u8/881cf562bd2b0b55/a7d8d379d8f03d8 | 104.17.3.184 | | 97 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/800379579:1715372085:t5SbG1ooEmH39aGelGegg_5dO5ThNyicZqQ-k8294u8/881cf562bd2b0b55/a7d8d379d8f03d8
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 7ad0edf686a2c1eeef38af1471e25588 204d55185e6d761fcb34da4e8a79e1cf623f47fb 81be11ba7d077ec55d970c1baae534d5c059778a8a24a76094c575a5a0a8c6d4
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/800379579:1715372085:t5SbG1ooEmH39aGelGegg_5dO5ThNyicZqQ-k8294u8/881cf562bd2b0b55/a7d8d379d8f03d8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8b99m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a7d8d379d8f03d8
Content-Length: 3552
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:17:52 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: f/CFiJUJJ+TBeZ8IiszZMogGBK19rO+pfgD7PRfJV71U0WruaGAB9D7zEHYe0vTL3R2WC0oP5bS07WI6SYSCUA1ehDLp/P9mnhqLIma20G43kdl4hp1lC3UzGVQw2RjYULY/pjDGiheCdM6kis1QT7XURqdUukaGDr8j/O9CbsAyYyC6boeVueHf0EwSGHkT3QhGebhwDT2klaUUijm5AEkgros6pCHCokwpst6IcozUGI8e6syqodp7F92VQZ0e2Br3EbU8ZGoWnXIZNlwhccSOQrZbaU0CUUUnJ9hbHYdNdsC/7CN+DGelF+ilU6JT6LGFY1kbX6HIfOpUV9oonwlExbN708SVTLsQPgUizAEriJbFexSe4V7Bi2yr9z8Xd5flrgiiehhLejDnwnS8cygSDmVIXWQuYTA9XtoROzf3PmZsWaUceE28LClCa5AG$GXie8okMGmvSvSutQeoh9w==
server: cloudflare
cf-ray: 881cf5656f370b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stiffraspyofkwsl.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1605841052:1715371816:saSGS0qBt_r5U7ovSZ6CBMVrnECMSrED1J4UoiG4WdU/881cf55d698b1bfa/569b66259bfabc9 | 104.21.81.139 | | 2.4 kB |
URL: stiffraspyofkwsl.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1605841052:1715371816:saSGS0qBt_r5U7ovSZ6CBMVrnECMSrED1J4UoiG4WdU/881cf55d698b1bfa/569b66259bfabc9
IP: 104.21.81.139:0
File type: ASCII text, with very long lines (3048), with no line terminators
Hash: 6f035d8c96a5cf7d0978966dd295f72f 4c82b240a91e0b9b4bf437cd6df8e64e3c0a08ea 9fa7966330757a077ebb13715c431bb6ba4a6a3b741036ac656155c4bee6673e
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1605841052:1715371816:saSGS0qBt_r5U7ovSZ6CBMVrnECMSrED1J4UoiG4WdU/881cf55d698b1bfa/569b66259bfabc9 HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://stiffraspyofkwsl.shop/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 569b66259bfabc9
Content-Length: 2529
Origin: http://stiffraspyofkwsl.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:18:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: /2AfmaP7MYNgH1CQuG/AYU8UuUXo1+woN6IR1bh0r3lL9LdzlL/GZQnM4spJNegqpp6LQrsoaN8TGMRyUNXyWbmp/ZH+JoHGiOFvMNCmX4E=$KRY2tl1Bcggqs+2w6MwRtA==
cf-chl-out-s: IqZR0ClALYrEj41l/eq0jQ==$+t81WAsBi12m9fTO6jpUSw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHLDGoy9ISEzfPTMMMDC2Xu%2BVGFMD5eKylhNL8wKYRmWYnnUvjYtVZPIvdFm5rfuf38cXbXidRPfV326K28hWbZZpppxVQ1nT79hLQx3kqSz69qgRDGLPULMu5q0%2BenEKgw7yzKZjQM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cf5a26c8b569c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/800379579:1715372085:t5SbG1ooEmH39aGelGegg_5dO5ThNyicZqQ-k8294u8/881cf562bd2b0b55/a7d8d379d8f03d8 | 104.17.3.184 | | 9.3 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/800379579:1715372085:t5SbG1ooEmH39aGelGegg_5dO5ThNyicZqQ-k8294u8/881cf562bd2b0b55/a7d8d379d8f03d8
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (960), with no line terminators
Hash: 465d4a5e9c598ecbbbd5a47a911cca7f d5aae8582f8a8d9bd0e9bb76e82d6c9fec756b64 fe3242d82b4b8ea8fc120accd32c0d28572ddbdf6c9be3faad3ced248d4285fb
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/800379579:1715372085:t5SbG1ooEmH39aGelGegg_5dO5ThNyicZqQ-k8294u8/881cf562bd2b0b55/a7d8d379d8f03d8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8b99m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a7d8d379d8f03d8
Content-Length: 40905
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:18:02 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: v5pVyIl8N44ko+cBgDhglw==$FbKutv8QDaJCs+Lhzr+CMg==
cf-chl-out: 0nZPeYsVyFCa3zTYL97isCCA4z23TcEuoFXL/uO2++Zpk9UwXP/+fQkqunCfasy8cp77plPkh8M43B6X8OSM57NljRn/drt7LWCTkWZ0cWA=$9ezD3NFZ0OQm3fzJiegmIQ==
server: cloudflare
cf-ray: 881cf5a1dd9a0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.81.139 | 403 Forbidden | 5.8 kB |
URL: User Request GET HTTP/1.1
IP: 104.21.81.139:80
File type: HTML document, ASCII text, with very long lines (14142), with no line terminators
Hash: fb958c584e0caa8f7f113d3910e1ab56 5cf644c46d95faa62bad812a073ecbe5b3c221b7 83ca911d285d38c42264c9ce528ae3a263aed29f4288a789b2c523db14dd177a
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:18:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: YYhymCl2KqDde03ZR/tBfZVVTq1RmIS601EtLkyQjT+E+fszo9/LOQKw8WqtnyxbkVgNMdZ2tz+1T9d953NjWaa8FegyGBu/L8W0U+7vwEPcGFRd97FOeRNzFc5HL7OAmKNPefjJv/WSUUAbhugbUQ==$jk6s956Z0x6kfc2V/xjYGw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDmQCxgarrLuLMXsXmpqh5JsJ1QWDek9e1rdSlumaUFzZLXMG%2FBRbqyP4Kt%2Bu9SjgdthTLG7cnhgEbBiVlYVOeboZjmVfbaS%2FRqrQ2%2BPsKyRFl74LaoC9ifd25DN%2FLeqF2gQUcYXv1U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cf5af4944569c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| stiffraspyofkwsl.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cf5af4944569c | 104.21.81.139 | 200 OK | 114 kB |
URL: GET HTTP/1.1 stiffraspyofkwsl.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cf5af4944569c
IP: 104.21.81.139:80
Requested by: http://stiffraspyofkwsl.shop/
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 114 kB (113555 bytes)
Hash: 1bacff7962b7a93e6809a56e26f2cf90 0ac67731bd2f454f5b28e65bfc6a663a06b4eda9 61b9cfa33e3851fe1cdc8c4f4594cecc27a10605201a8fd579cb47009030ac75
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=881cf5af4944569c HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://stiffraspyofkwsl.shop/?__cf_chl_rt_tk=jVKUOVM3Ou4OqSFb9xwMSAitK2frhy82eKzO2vm69As-1715375884-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:18:04 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vaVrkpvx1yr11xcuIdPDk9SAJ3y2e2fSp5dRyJYJ99bVRh4SmFtLUDH8jnvob52d%2Br7S2tGeEz%2Bdt5L3Zojygythg%2FXzTcNJHgs4q8ZxQ%2FgVUVKdVyXEwE3kWelnTyqZWAjUdLmWRRA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cf5afa92fb521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| stiffraspyofkwsl.shop/favicon.ico | 104.21.81.139 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 stiffraspyofkwsl.shop/favicon.ico
IP: 104.21.81.139:80
Requested by: http://stiffraspyofkwsl.shop/
File type: HTML document, ASCII text, with very long lines (14278), with no line terminators
Hash: 1e78e4b2fc7f279490e47af95ccf12c2 41515a197612701156a2129f73f5bf79d5dfe783 b06a08a4f16b66288c1d23f2f82c5977371a75a1e031af69074bd3c4540d7a10
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://stiffraspyofkwsl.shop/?__cf_chl_rt_tk=jVKUOVM3Ou4OqSFb9xwMSAitK2frhy82eKzO2vm69As-1715375884-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:18:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: +NzV2kDDrg/JW9p+/JxKCnFBAMFaWOQ5swKVrxkfhqz60MmOSAOHhZgXG6AKeOXKArb2HCRGuGCYMJGbddnq9BCMVbS70YJeoEER/EZs3wKPlJwG+qdrB6e4fp1aOV5QvCKaZTR0VQ8njBUkU246pg==$tpp/k6wmFt1vpVWhPEzewA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n2J5tUvm0AGk6pM%2F3RY%2FQdDDgTXYDydJ8QuWalarr5BPK11MEs34JZ7nJEmFMUb4b%2FpG93ZM6Vz6lo1LFmm1gJW0qECBea922ZrTbJAebouzQevz6y1UYl8dzZY0UEi3TyFNBsogp3Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cf5aff985b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| stiffraspyofkwsl.shop/favicon.ico | 104.21.81.139 | 403 Forbidden | 5.8 kB |
URL: GET HTTP/1.1 stiffraspyofkwsl.shop/favicon.ico
IP: 104.21.81.139:80
Requested by: http://stiffraspyofkwsl.shop/
File type: HTML document, ASCII text, with very long lines (14193), with no line terminators
Hash: fd4333770cee3f45e23d62442b7ec4d6 4af8fca2df7affd2682ac1ba7d52a0c3634bf946 02635146dcc70ebcf11abd999187d80aee54c8610669a239e05d559598dc82e3
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://stiffraspyofkwsl.shop/
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 10 May 2024 21:18:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: RR0TbahBJzSwvwS+R1cIQ20UbeVFWz3wDU853EnrZVQG/l/GSjAAjfP1+2uQjU227uL6XbaLKcLo7EK3fBQjrnqYeCsxuKGBOJaT9PNT03w1vIccL+OfqKXSqJ+/fVgr4f5YAt0IGqIwY8g29NUwIg==$f+fSen6ny9/jeAmFfSSg5g==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v996a9JYLhircbyKpTTULEVVd2paaZx7cD2UOBPGbgDXxcBV5ksT8gXsbhUvfIQZg3f7Q2lSHPO963t1hoKG7f6cDvTJAC0uMAcp0quQOnRVWOqp%2F2LCn31iXiC7%2BMS9RM%2FJEJ09ksk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881cf5b06f02b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit | 104.17.3.184 | 200 OK | 27 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit
IP: 104.17.3.184:443
Requested by: http://stiffraspyofkwsl.shop/
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42616)
Hash: 86183dd14ee10d1dee92b37b5069d716 9ec32d650ece484bbe624ca734a0a65e22d35dd6 ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4
GET /turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://stiffraspyofkwsl.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:18:04 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: max-age=604800, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 881cf5b0680f0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:18:05 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 881cf5b2a98d0b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881cf5b2293d0b55/1715375885530/WLsXbRB1oVmh7aV | 104.17.3.184 | 200 OK | 61 B |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/881cf5b2293d0b55/1715375885530/WLsXbRB1oVmh7aV
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 79 x 58, 8-bit/color RGB, non-interlaced
Hash: 0b3378d6e617e7a24e27a2d31de747f6 6706b338d41322ab4b2b5600e4e2777b14fc57d4 87c252e856fc416d9db13e80efe6f683e18e867cc3a3ac1ad1b1b8a04fc20fd3
GET /cdn-cgi/challenge-platform/h/g/i/881cf5b2293d0b55/1715375885530/WLsXbRB1oVmh7aV HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:18:06 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 881cf5bc8ffc0b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| stiffraspyofkwsl.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1782673872:1715371808:cN0Hn0AyvDqjscFJmSgr_i8NcroiRZcsylmXfHb7_io/881cf5af4944569c/f54327fc690f01c | 104.21.81.139 | 200 OK | 16 kB |
URL: POST HTTP/1.1 stiffraspyofkwsl.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1782673872:1715371808:cN0Hn0AyvDqjscFJmSgr_i8NcroiRZcsylmXfHb7_io/881cf5af4944569c/f54327fc690f01c
IP: 104.21.81.139:80
Requested by: http://stiffraspyofkwsl.shop/
File type: ASCII text, with very long lines (16444), with no line terminators
Hash: 7e949841bafce2fac380966306c08d2a 85186797b4c7967e164743bb15b41a49f114302f 4f45c251e4f3469c74acc54de02676e0c6b21982720f31d1249bcbcf72a2e998
Analyzer | Verdict | Alert
ThreatFox | malicious | Lumma Stealer
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1782673872:1715371808:cN0Hn0AyvDqjscFJmSgr_i8NcroiRZcsylmXfHb7_io/881cf5af4944569c/f54327fc690f01c HTTP/1.1
Host: stiffraspyofkwsl.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://stiffraspyofkwsl.shop/
Content-type: application/x-www-form-urlencoded
CF-Challenge: f54327fc690f01c
Content-Length: 1835
Origin: http://stiffraspyofkwsl.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 21:18:05 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: FoaA9RFIicIOvTYyIkbvHTsgtWbmkfVg3Z6qrRHdkpwZP8zpALROtM6m0GOvqbpW$AI8VXpnibajGcEKMZVHHoQ==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qgjCYsrTw9BHgtN4f4E47Qvt8y8y%2F4HyuENR6i%2BB86Pk%2Bv%2F9XErAV7BUDhdoWWeU1fFi1Mtqqg%2FmqUaMNRoOvn971LMC1hj%2F546BsltOgmHdkcXs8Hf6CdGl7BbClJ68qRJbz80T780%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881cf5b12d6ab4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.3.184 | 200 OK | 79 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.3.184:443
Requested by: http://stiffraspyofkwsl.shop/
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (42150)
Hash: 7d367a9d43b80be6379ddeae60f084a6 c77f4dc41a586a68a7760599c34d6d2bbbf79d41 12a399a769ebc13fe4594c3bc7bcfc43f01184b76899769ae2d074734d7abdea
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:18:05 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
document-policy: js-profiling
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
server: cloudflare
cf-ray: 881cf5b2293d0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cf5b2293d0b55 | 104.17.3.184 | 200 OK | 440 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cf5b2293d0b55
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 440 kB (440185 bytes)
Hash: 18640d89865667a6c7e375f8869ab7e1 41e21c8486b49be7f58befbcbc32b0360182cb38 9b3be90a535e94589e50c7652e35354a9ceafe5585647f32b3631e61b6c9999d
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=881cf5b2293d0b55 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:18:05 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 881cf5b2b9930b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1183714007:1715372038:u2k76uMEJogGjVWzz2lbMU4RyfMdwfM52C8d6-Swu5c/881cf5b2293d0b55/8f997aab9eab6e4 | 104.17.3.184 | 200 OK | 115 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1183714007:1715372038:u2k76uMEJogGjVWzz2lbMU4RyfMdwfM52C8d6-Swu5c/881cf5b2293d0b55/8f997aab9eab6e4
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 115 kB (114552 bytes)
Hash: e08108fc3573783a604fdbf889815312 ec7aa124c320aaffbb6f574317eee88d9bc5d7e3 3fa7f27a26b838abfee1dcedb32e703967abf37d6f38e36e04b6557c17f78db7
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1183714007:1715372038:u2k76uMEJogGjVWzz2lbMU4RyfMdwfM52C8d6-Swu5c/881cf5b2293d0b55/8f997aab9eab6e4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8f997aab9eab6e4
Content-Length: 3525
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:18:05 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 4VCuuUUPfcRwb/bzxrlMiz4Tz8uwYHcSSsGqKT/lNMq5nKOZokg2ogde7t+n7fh19KYKv+IHDnbCYOHeWErNruh49iMizuWMzSjJHoDq8oiRXrP4GrQ6WrIpGH7TjCoywCKLBloqnRjo+Iytg9gDnFJALJdzcSpx5QbdLzGd073taArVaFKEIAa0u1bA7KhUBRqhaZBz4Y8p/9wLwuN0xgB+zEgYHJtXrfiqhKZI9HDCe5jrZcEQsd1bBmwry5qkBKanP5xvYV5bgo9N3hjaxJFshtNQPfYOh9kEz6lalWrm56gVbCgdXkV6qseR5qj8djN2HssRj1Kp/do7P3lbA90WBT5Pv2CNnii5rz0NP0TQzpQND5TejbxJDrrAKde5py1PSiEfiGu1JiWsr95AKLc5wnEV06MiE+HL21VsHbc0pSwTCuiur20F1JdPeCio$uYSy7u7l3uK9nTQ0eMGI/A==
server: cloudflare
cf-ray: 881cf5b47ac30b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1183714007:1715372038:u2k76uMEJogGjVWzz2lbMU4RyfMdwfM52C8d6-Swu5c/881cf5b2293d0b55/8f997aab9eab6e4 | 104.17.3.184 | 200 OK | 22 kB |
URL: POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1183714007:1715372038:u2k76uMEJogGjVWzz2lbMU4RyfMdwfM52C8d6-Swu5c/881cf5b2293d0b55/8f997aab9eab6e4
IP: 104.17.3.184:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate: Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22332), with no line terminators
Hash: a1a7f1fb52b8ac379952221925521d79 dfef2e45574853db1e8b878bb30989a21f649285 28b77ddeb23796e9f89d294e8becb667b339170d8770358e69d125c25bfb1989
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1183714007:1715372038:u2k76uMEJogGjVWzz2lbMU4RyfMdwfM52C8d6-Swu5c/881cf5b2293d0b55/8f997aab9eab6e4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wxfdu/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 8f997aab9eab6e4
Content-Length: 28128
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:18:11 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 7uIpIc576Qt0WPLUJL60EWOHDZ/3sg85IFQlSc4ClYw6wBSXZx1W29skJzoWwoBW$llt1EcyMIP1JBTxGygpCWg==
server: cloudflare
cf-ray: 881cf5dc6f700b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|