| | 104.21.86.106 | 403 Forbidden | 5.8 kB |
URL: User Request GET HTTP/1.1
IP: 104.21.86.106:80
File type: HTML document, ASCII text, with very long lines (14334), with no line terminators
Hash: 8e2a761618fa0a2d195366bd2dd0f0e7 5038ae7f3f7b32ae7a6551b2fd035093f8348689 9d1a365c8e62b53b2e9f477615f62645c0a352812cb7c11262977eaae82a9664
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /R HTTP/1.1
Host: incredibleextedwj.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 15:19:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 3fRffuK1YArLH1Gs5iAKDBva1ymuVhF5dPL0AMPJZSYaCPUHxTB14B0gzWMJUUEo29h8LVXS5fipKNlAPWjoyrShkrBWeTzVnMK4Jhab+/qL4Adb9ExR3k/0EdpJiQ4pxJywVNH9WtdL23D4dzapPw==$vYbwoNtj3lmlV4wbCxcafQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U6pjfQfphVvl2rHuC%2Bq9wHK7g8V8sRtSVCVUN2cpKbuoAGm%2FGhWxdgzTUw%2BTbnf%2F6LVadeN6kKgVoifo95cH7IgXWkcfDahXhUOXzw9IlVh82KE%2B3O4P2P%2FQr%2Bbd5%2FSiYIPGR8FCgFit"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e978792d5056c0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| incredibleextedwj.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e978792d5056c0 | 104.21.86.106 | | 111 kB |
URL: incredibleextedwj.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e978792d5056c0
IP: 104.21.86.106:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 111 kB (110652 bytes)
Hash: 894f76a1ee39d477009b1909bb6dbee9 0c856b3eaa732041ef12094306ca01218169bb7a 52e31539548b95e06fe69f30de709c483a25ee17b355de4c50b7da8a5af7fb44
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e978792d5056c0 HTTP/1.1
Host: incredibleextedwj.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://incredibleextedwj.shop/R?__cf_chl_rt_tk=OHV1YArT5eyCy_i05N9Y0pbtj1jRx0maqouUsSBof5Y-1714835982-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:19:42 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3d859B4QLLB89N7aGrenN06%2BLSWwxbdlXl5uAFTZKFySme3I1YUumT1jjISnCtu%2BZpNf38ypIub%2Bgm9k%2FzfgO8Vwt5V7%2BZOvbfet6nKPIY%2F%2FVPmSmgs7XXFiTYDLV8DEwCdbMGgA0MCt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e9787b3e8e712e-OSL
alt-svc: h2=":443"; ma=60
|
|
| incredibleextedwj.shop/favicon.ico | 104.21.86.106 | 403 Forbidden | 5.9 kB |
URL: GET HTTP/1.1 incredibleextedwj.shop/favicon.ico
IP: 104.21.86.106:80
Requested by: http://incredibleextedwj.shop/R
File type: HTML document, ASCII text, with very long lines (14398), with no line terminators
Hash: 16d03878340722192039ede8c986d8e2 e0585f7edb1e86386acd5d0a9887192d5de14011 b05e2c830ca660f35e392161d6570f06353dc8e43e6cb54afe62fd71b9efb69e
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: incredibleextedwj.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://incredibleextedwj.shop/R
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 15:19:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: NK9hgHv/ddRUNz8GloDEkSFn/g+Cgm3GMTJVXBg6TdGyCkuipd2SHtOxZxeSd/cGE/F3b80u0+TZkYWk/6fYUUAxz4ArcKq9Q1gqs0whqWHIVaEFEnE/eqV06hcbETREw72vxoAi37OAYinPSytfQw==$aIsXuzPBmr5+hXhNTBxjSA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jp4C1z%2FBKG0pBKXFqTlcyDBPhkvTOzIkjG6znz9zd0EZfrBuxtcsPeyZsgOVJTsZhTtVv7KWeHQZJ6Ol1IDVBzZIxmj%2BJ6TShk1EIxTQUFzOMJUACb0BXI64KtU9%2B4tseZEbzjUhMxa0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e9787c1bc6b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| incredibleextedwj.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1039461177:1714832887:8CQvKsaBsDuqt_z4MTcdT95C89OxRejP5xltbaP7HxQ/87e978792d5056c0/c18d732aebf0cd4 | 104.21.86.106 | | 12 kB |
URL: incredibleextedwj.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/1039461177:1714832887:8CQvKsaBsDuqt_z4MTcdT95C89OxRejP5xltbaP7HxQ/87e978792d5056c0/c18d732aebf0cd4
IP: 104.21.86.106:0
File type: ASCII text, with very long lines (16408), with no line terminators
Hash: a0dbbe873b873ca5060eeec89269139d fb4cc93d5bb42fc632bd170a93c0dc2193d91c86 f6c77a638da0a5cdebd125129b3b686f3f6077e167e49397f9e85123b8768826
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1039461177:1714832887:8CQvKsaBsDuqt_z4MTcdT95C89OxRejP5xltbaP7HxQ/87e978792d5056c0/c18d732aebf0cd4 HTTP/1.1
Host: incredibleextedwj.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://incredibleextedwj.shop/R
Content-type: application/x-www-form-urlencoded
CF-Challenge: c18d732aebf0cd4
Content-Length: 1882
Origin: http://incredibleextedwj.shop
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:19:42 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: LocYU4a2yZZq7QIs/nDGFsV5EA3LlTa8oRAhAzcctkMrjKA4cZr7JLZYMEGQ+Hx4$ITKO7mNmc76TcdedicQGOg==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iq5558GeAsKNjMkBIjvNMPlcQyElU2a6P8qyo0aeNfePIBhNzgDMv4yKFd2HRF4wkhZl5VkpMIqUqxl3%2FjXWbph4PupfgctLzYDxXJ57FRDp5EbHzVtva0OG3gPxTtEqIGJ86dL7RV9p"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e9787cbaba0b31-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gar6c/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.3.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gar6c/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.3.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 82e4ed233b53f83a8c8591fb4fb7675e d14db1bc01b69e995f8b0cecec34d07e81455825 d3dd1519017d36fcaada4f456629e21ee203849836970be16685cf0087d5f288
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gar6c/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:19:42 GMT
content-type: text/html; charset=UTF-8
document-policy: js-profiling
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-opener-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
vary: accept-encoding
server: cloudflare
cf-ray: 87e9787d99b6712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1926594544:1714833043:R3C6zYdANhrDAdqRC2WEQxPRI29vp9ek4qn4aJQtj-g/87e9787d99b6712e/54b70584fa47234 | 104.17.3.184 | | 102 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1926594544:1714833043:R3C6zYdANhrDAdqRC2WEQxPRI29vp9ek4qn4aJQtj-g/87e9787d99b6712e/54b70584fa47234
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 102 kB (102549 bytes)
Hash: 3c83bb13e2063f4a5080e2b16ae9cbd0 2274588fe5d5b577231f4c168fd565ff316024ec 38826666135249bfbf77782cc22376a20bea791540fe4218f007d244815b47f6
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1926594544:1714833043:R3C6zYdANhrDAdqRC2WEQxPRI29vp9ek4qn4aJQtj-g/87e9787d99b6712e/54b70584fa47234 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gar6c/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 54b70584fa47234
Content-Length: 3521
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:19:43 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Zl9rKJZ8FW8zc0bfcmRqzbwA3/ou9R2ogNAT8kxYz2VYPLnWkK5VG5qvUOHl5+i1/NXSyBLNwTYdgePzYmDdZgeUzg7fJCvMuLnRPEDBc3kIqx9mWDz3kMKzvd3pY8j6PAh/IhUPGIH2AFvU181JnstPyJZ3XBYOLCrqhzDuMNolPdck3rTNjtAMLNuefp8KGKXPSn4X1odVfaHuozPGYrljKdQoL0G4D5EClU7nJl0h6gTGjCREaqOHgFINLu6AZLtc0dxQmLUyZnm5VjLJnaCITq21okTFADSQcrMjVJooXhp8EzaSR3ZGpGKDXrr1FO6Huzs0lu4pI1x/JLmmAz+I3FVXC/MYIaf5IpLmdMyiyVgPdStlrOomt5NBn/IdFhAYWh+MxEma5Nrl/fbH2ejYdZLmhJDApF11/NNY+x0=$oXkZTQxzmlCnkSS7pbfKxw==
vary: accept-encoding
server: cloudflare
cf-ray: 87e978803cf7712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e9787d99b6712e/1714835983410/h4Ajsn1X9s-fTwC | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e9787d99b6712e/1714835983410/h4Ajsn1X9s-fTwC
IP: 104.17.3.184:0
File type: PNG image data, 75 x 22, 8-bit/color RGB, non-interlaced
Hash: f847fa7193d2660c9744ef7e2668c841 609217fcca0682d09339b3b245ff5fe7c2d0db6f 283fc2bf8396237a013ad78641ae0dcab08b661edde470f5c6a52b5eff7baea1
GET /cdn-cgi/challenge-platform/h/g/i/87e9787d99b6712e/1714835983410/h4Ajsn1X9s-fTwC HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gar6c/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:19:45 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e9788def2a712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1926594544:1714833043:R3C6zYdANhrDAdqRC2WEQxPRI29vp9ek4qn4aJQtj-g/87e9787d99b6712e/54b70584fa47234 | 104.17.3.184 | | 23 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1926594544:1714833043:R3C6zYdANhrDAdqRC2WEQxPRI29vp9ek4qn4aJQtj-g/87e9787d99b6712e/54b70584fa47234
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (22328), with no line terminators
Hash: 6a559a25ffa31714e863ed0eaaaadea8 25ad9e4b1e5a994236165950026d799c4e598b98 617c83af79ac51dd78438482df2528cba3aeb848f2c90dc599e5fcba48b90f2f
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1926594544:1714833043:R3C6zYdANhrDAdqRC2WEQxPRI29vp9ek4qn4aJQtj-g/87e9787d99b6712e/54b70584fa47234 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gar6c/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 54b70584fa47234
Content-Length: 27424
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:19:46 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: xaY+WPpY7h+ES8m/9ioY0xWv/j1tI2eKQAT6vlB/8gfwCIlJkNOmp5QHnQ/wP32V$fDvup5MPuChAqhS/Cv2spA==
vary: accept-encoding
server: cloudflare
cf-ray: 87e97891bd43712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.86.106 | 403 Forbidden | 5.9 kB |
URL: User Request GET HTTP/1.1
IP: 104.21.86.106:80
File type: HTML document, ASCII text, with very long lines (14377), with no line terminators
Hash: d4b2fbb88520216c6095420fbbef942c 50f77ef864b3b2f50ccd13e51454286512d3c9b9 0fcc510e4d44f5f2bbf9db9e663ea8a59cdd24097eb30dae3def5810bbc07735
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /R HTTP/1.1
Host: incredibleextedwj.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 04 May 2024 15:19:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: s973sWmq1ILHUwtAEjoK4WCcVDkwdokNheKRulxbQYDyiKnNG8Vaqc6vFloGV28xkqkO2Vp1v57ZjfJPgzs4hqOrLnv63K8V9ina/dwovrje3WjTVm5znMN/zgIlQPehSU4r5pKbsXPpORuowoaUnw==$yhilKOelxSA9jw2vLM3xbw==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gEPw3OGssxcm1aePYpiAw0tGDsD5TvaaU8h8paTiIVe1ievNU9ByIosFYG3BQx4oVBJvoZNaEqLnV7cofY8%2BWWMj8uPEvFriAY4K8eJQOJwKEhPMP6LrqI3qd%2BspcqNjh1xT%2FlyXyFwc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e978bc0fc50b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| incredibleextedwj.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e978bc0fc50b31 | 104.21.86.106 | 200 OK | 115 kB |
URL: GET HTTP/1.1 incredibleextedwj.shop/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e978bc0fc50b31
IP: 104.21.86.106:80
Requested by: http://incredibleextedwj.shop/R
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 115 kB (114827 bytes)
Hash: 7ee9e8b4833f04cc9aee05f4eff3b84b 9f31d489ee05445cddb2ab73c438404065f7c969 5bcb58fdffc7b4a06f31469e4263129ef4b89725076a0433eabb6b0bafed36ec
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87e978bc0fc50b31 HTTP/1.1
Host: incredibleextedwj.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://incredibleextedwj.shop/R?__cf_chl_rt_tk=kw6zEOfHHzv1oV6qHHM_khlMuCNidb2947eYYXlGiLg-1714835992-0.0.1.1-1279
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:19:53 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqSeIaVcn0U78LcJNaFtFI0EbYxLYuQQZyxXsXSW0m%2FqT%2Bkvo9luvx%2B4MaFetGLtdR%2BvoSpxie1dfdN7JJyzLfYsNOsxEgHpUW79FRa4IYNcs%2FyHWtn%2FfE9WBhJmBVnW9mrU9cmybrb8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e978bc7f8356c4-OSL
alt-svc: h2=":443"; ma=60
|
|
| | 172.67.218.63 | 403 Forbidden | 7.5 kB |
URL: User Request GET HTTP/1.1
IP: 172.67.218.63:80
File type: HTML document, ASCII text, with very long lines (394)
Hash: 6c7fa93bcd8ed969a660112032d594d3 d96068e29b2baa71d4521a5bb442f4815e80455b 44cddd9004a8c0ff7e2d4a0880100a41449c46a678bca3d353f19164ec6a2ea4
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /R HTTP/1.1
Host: incredibleextedwj.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Sat, 04 May 2024 15:19:42 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Sat, 04 May 2024 15:19:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfFW62VSySh2bDi3hWBtRtMcayJCiP7cnQVUubNfMW0gD7ZrBgauTayJJSe4XJ%2F7KJJJv0PPIlp%2BKnBO1h5pPOiHAQBwuSWpTYrfbpGjIXXi%2BpqPY5yHZYRuOytAStVyqEpvoQtL37iS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e978788f6ab4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| incredibleextedwj.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/867487060:1714832932:F_tm8SxSYjU__73i773p_1lO0_qAQEFztS6PGpEfwfE/87e978bc0fc50b31/662b931df040cd4 | 104.21.86.106 | 200 OK | 12 kB |
URL: POST HTTP/1.1 incredibleextedwj.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/867487060:1714832932:F_tm8SxSYjU__73i773p_1lO0_qAQEFztS6PGpEfwfE/87e978bc0fc50b31/662b931df040cd4
IP: 104.21.86.106:80
Requested by: http://incredibleextedwj.shop/R
File type: ASCII text, with very long lines (16412), with no line terminators
Hash: 2f4cbdbbbec1146ef4ad9f44d03e5e95 f7b60621b50929c181354be227b9f610c955b18c 174d007e1103dfe1e017629b316bc65163d4347f0bdc3518f0a697349edef10f
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/867487060:1714832932:F_tm8SxSYjU__73i773p_1lO0_qAQEFztS6PGpEfwfE/87e978bc0fc50b31/662b931df040cd4 HTTP/1.1
Host: incredibleextedwj.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://incredibleextedwj.shop/R
Content-type: application/x-www-form-urlencoded
CF-Challenge: 662b931df040cd4
Content-Length: 1878
Origin: http://incredibleextedwj.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:19:53 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: RnI7Auwn//XWs9hR0NH1ZCYM5nIkTZUf1HeYkZIMdOnUWKG33Cup91jwwIa16xCK$ZwC+B2GVlou5em189aXhRA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4AYDfCSzLDV7o7eYZfiE5A3Jbw2uA%2Fk5Cuw7PSw5DlQmRMcrxmRMeJ39OmjK%2Ffa4fvRlFVb%2BD8vW2lfGPgInlhztszPuYRpU6Yl33fl4CPdE0JOuYY9p4ULl1e0yOfP%2BkpMPJM48%2Fy0V"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e978be0cca5685-OSL
alt-svc: h2=":443"; ma=60
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ypwof/0x4AAAAAAAAjq6WYeRDKmebM/light/normal | 104.17.3.184 | 200 OK | 26 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ypwof/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP: 104.17.3.184:443
Requested by: http://incredibleextedwj.shop/R
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41702)
Hash: d225776e75706e1755abeb91ff4028f0 984253051307dbdc9b851efbca731ceea6cce5ef fca99e79f3a4d92b18a4852394691d60286a350fe166daa4a2a7f348c494da9f
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ypwof/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:19:53 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
vary: accept-encoding
server: cloudflare
cf-ray: 87e978bf4b19712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1783594966:1714833088:vD2NkUG2qsbQziKAri1kEL-vmf7Fk92Z6G41QDUA5Ko/87e978bf4b19712e/15468737108b170 | 104.17.3.184 | | 100 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1783594966:1714833088:vD2NkUG2qsbQziKAri1kEL-vmf7Fk92Z6G41QDUA5Ko/87e978bf4b19712e/15468737108b170
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 1e075ca518a8206139b11297302da9f1 a8a7aa4c5b93255ba7728db0586833e4b590797b f76c8544a555946185d25f785a0af34361553b1f1489ec0b7fe26d6164aadf54
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1783594966:1714833088:vD2NkUG2qsbQziKAri1kEL-vmf7Fk92Z6G41QDUA5Ko/87e978bf4b19712e/15468737108b170 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ypwof/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 15468737108b170
Content-Length: 3497
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 15:19:54 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: sT9CVSsjL+CDaS1bCVi3lN6pJ1YfcFFwLGDDUfCy3IFuVdYpO11137NOJ2OOaQYPYZ0aCAOTyRSLCQ1akR+rHW1xJ25ndW8M6s36eIs4O2u3SX1VYCxdcpRwMEaxuzkpZN5vOsyxVVIolvkrKAjNZTp9cEqJbsqVIOtEQ2CTSr42BfKgUemvAT+lcpGNE7/AAIUfjjZyMh3UOqjbbTgTFK176r5jpMrsjgas1qVMN6AE0U+SERjBnCXX2U16V5Jv+shr1cvvFUOYj/emDtlgtggvTPaIzjSvjXbM/amDsIcn8tHr8Lhzd1m0MqP9/9JjdLGQJ4cgU/lp+xYZ6GYsoJUjvsoMRjnRYD7x7UEi8+3NnknugHhRTbzjHu1+wIUsKpEqQwdrYk1pvXnlep0/LE2ye9ykD/SPPux2FD0fHts=$mRftRqCBCBJpXaiLTyczWQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87e978c24f8b712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit | 104.17.3.184 | 200 OK | 20 kB |
URL: GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit
IP: 104.17.3.184:443
Requested by: http://incredibleextedwj.shop/R
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: challenges.cloudflare.com
Certificate Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Certificate Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42565)
Hash: 65b0a652c40c95d12c4ddb3b4567c1ea c654efa19d01d6553ed4e0f500d350011e023ad1 c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7
GET /turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://incredibleextedwj.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 15:19:42 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e9787c2f3d1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| incredibleextedwj.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/867487060:1714832932:F_tm8SxSYjU__73i773p_1lO0_qAQEFztS6PGpEfwfE/87e978bc0fc50b31/662b931df040cd4 | 104.21.86.106 | 200 OK | 1.8 kB |
URL: POST HTTP/1.1 incredibleextedwj.shop/cdn-cgi/challenge-platform/h/g/flow/ov1/867487060:1714832932:F_tm8SxSYjU__73i773p_1lO0_qAQEFztS6PGpEfwfE/87e978bc0fc50b31/662b931df040cd4
IP: 104.21.86.106:80
Requested by: http://incredibleextedwj.shop/R
File type: ASCII text, with very long lines (2328), with no line terminators
Hash: a52c38719f100ff4dbcf23dc84ba6e98 94fb8a14a753d33c8c08ff7e92a6f5efd04033ef cdeeb4af0c31b7568868ee45fefc3e433fc04a9ba9d45412b0510c5fac34d3e2
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | Lumma Stealer |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/867487060:1714832932:F_tm8SxSYjU__73i773p_1lO0_qAQEFztS6PGpEfwfE/87e978bc0fc50b31/662b931df040cd4 HTTP/1.1
Host: incredibleextedwj.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://incredibleextedwj.shop/R
Content-type: application/x-www-form-urlencoded
CF-Challenge: 662b931df040cd4
Content-Length: 2548
Origin: http://incredibleextedwj.shop
DNT: 1
Connection: keep-alive
Cookie: cf_chl_rc_i=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 15:20:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: DASK/SKaloyfe+MKcsQGeg==$lo03kFX8wLAkQGSX/FGKYA==
cf-chl-out: w4JPN0mg6EDVp8btJfpSFbvZX7K7/I0DLx9/LcKUSFrNiKIVepQ9Xsc9qr6LiWcdBCmuaiIwYdUSujCKrf43EuTto6iwgFqoc6e4nUhI4ls=$9KYpo59BWwoiNQyXuuSdkA==
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RdlSUkwNzndt8ky5M5U8EXFhD8HFVIe3RK49u9H2P0U5AWyns6T7NIuhexTv8uV68q6AlZSUjkMnHHncRIserae3gZpy63oI4SP3zg2PsmoC5XcRePF7IKqIZoY35yM6hdJ0ax9Nm14f"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e978f4acf85685-OSL
alt-svc: h2=":443"; ma=60
|
|