www.hunters.security Open in urlscan Pro
199.60.103.227 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Submission Tags: @nominet_threat_intel feedly-filtered-v1.0 reference_article_link confidence_null cluster_14756114 Search All
Submission: On December 19 via api (December 19th 2024, 3:06:45 pm UTC) from GB — Scanned from GB

Summary HTTP 73 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 73 HTTP transactions. The main IP is 199.60.103.227, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is www.hunters.security.
TLS certificate: Issued by WE1 on December 10th 2024. Valid for: 3 months.

This is the only time www.hunters.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	199.60.103.227 199.60.103.227	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
11	2606:4700:440... 2606:4700:4400::ac40:9284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:15::213:7e4a	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.118.43 104.16.118.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
73	11

49 199.60.103.227 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

www.hunters.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)

5765386.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:15::213:7e4a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.118.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	hunters.security www.hunters.security	2 MB
11	hubspotusercontent-na1.net 5765386.fs1.hubspotusercontent-na1.net	414 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	14 KB
2	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1634	27 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	77 KB
1	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5921	1 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4514	2 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3945	160 KB
1	unpkg.com www.unpkg.com — Cisco Umbrella Rank: 44542	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
0	fontawesome.com Failed kit.fontawesome.com Failed
73	11

	Domain	Requested by
49	www.hunters.security	www.hunters.security
11	5765386.fs1.hubspotusercontent-na1.net	www.hunters.security
3	cdnjs.cloudflare.com	www.hunters.security
2	platform.twitter.com	www.hunters.security platform.twitter.com
2	connect.facebook.net	www.hunters.security connect.facebook.net
1	app.hubspot.com	www.hunters.security
1	ws.zoominfo.com	www.hunters.security
1	platform.linkedin.com	www.hunters.security
1	www.unpkg.com	www.hunters.security
1	fonts.googleapis.com	www.hunters.security
0	kit.fontawesome.com Failed	www.hunters.security
73	11

This site contains links to these domains. Also see Links.

Domain
go.hunters.security
twitter.com
www.linkedin.com
www.x.com
www.youtube.com
www.instagram.com
x.com

Subject Issuer	Validity	Valid
cca9dc7a.sni.cloudflaressl.com WE1	`2024-12-10` - `2025-03-10`	3 months	crt.sh
hubspotusercontent-na1.net WE1	`2024-12-05` - `2025-03-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
unpkg.com WE1	`2024-11-23` - `2025-02-21`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2024-03-29` - `2025-03-28`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
zoominfo.com E5	`2024-12-10` - `2025-03-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-27` - `2024-12-26`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-24` - `2025-07-25`	a year	crt.sh
hubspot.com WE1	`2024-12-01` - `2025-03-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Frame ID: 114E9976C4B752D1CD1600E8E3F286BF
Requests: 72 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.hunters.security
Frame ID: A2A31293A9BADF2AF00F71157E0685F8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OBS Software used to execute infostealer via DLL Sideloading

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

73
Requests

99 %
HTTPS

50 %
IPv6

11
Domains

11
Subdomains

11
IPs

3
Countries

2771 kB
Transfer

4311 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://go.hunters.security/hunterscon-2024
Title: HuntersCON

Search URL Search Domain Scan URL

URL: https://go.hunters.security/community
Title: Community

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft&via=gotosage

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft&title=OBS%20Software%20used%20to%20execute%20infostealer%20via%20DLL%20Sideloading&summary=Discover%20how%20LummApp%20uses%20browser%20extensions,%20DLL%20sideloading,%20and%20infostealer%20malware%20to%20exfiltrate%20credentials%20and%20surveil%20user%20activity.

Search URL Search Domain Scan URL

URL: http://www.x.com/team__axon
Title: @team__axon

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hunters-ai/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCUufMdZ-6mS4dqEFI81IRKw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lifeathunters/

Search URL Search Domain Scan URL

URL: https://x.com/hunters_ai

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request lummapp-infostealer-browser-extensions-credential-theft Show response
www.hunters.security/en/blog/ 92 KB
21 KB 342ms
117ms Document
text/html 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13890a8f68451c83c974d5a4dba823dce8f9537f55938ea8d47b7f5c131719b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 8f484c424ff088b5-LHR
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 19 Dec 2024 15:06:40 GMT
edge-cache-tag: CT-184007583631,CG-24463927651,P-5765386,W-67518999559,CW-113865751404,CW-114030893094,CW-127063834721,CW-177021600416,CW-97550317662,E-113857786690,E-113858768455,E-113858809947,E-113865332764,E-114002466428,E-114356373127,E-114370662982,E-126880748318,E-126882284039,E-126882549514,E-126882549552,E-126882575241,E-126882575404,E-126882575644,E-127024241524,E-127040996237,E-127041525412,E-127662486199,E-127662486200,E-127662695006,E-130719549746,E-133487975192,E-176293618185,E-177020218457,MENU-67518999559,PGS-ALL,SW-3,B-24463927651,GC-113864403970,GC-113870397194,TS-113857760160
last-modified: Wed, 18 Dec 2024 21:34:34 GMT
link: </hs/hsstatic/content-cwv-embed/static-1.1293/embed.js>; rel=preload; as=script,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QF6ScZYCXP5CNNfW8%2BERRFtLBFq9aLxLPJkWQheyVXN62nazM6f28LVNio2RJfTx15pphR3rO%2FEi%2BcisHlF9mP499O0Gpevf8chkwd%2B%2F4E%2BypwtRCGc4D53xBMkAEijV%2BsUHSaw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-campaign-id: fc784c78-a1ca-4d17-bbcf-e3dbeb9b829d
x-hs-content-id: 184007583631
x-hs-hub-id: 5765386
x-hs-prerendered: Wed, 18 Dec 2024 21:34:34 GMT

GET
H3 200 embed.js Show response
www.hunters.security/hs/hsstatic/content-cwv-embed/static-1.1293/ 13 KB
5 KB 127ms
127ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/content-cwv-embed/static-1.1293/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb5224674e43d02db0037517f4aa29ba5ce9ddd0672e513cc7289714ba657522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"f667e53d5752ee2e5759f3dfaf20d330"
age: 1601169
x-amz-version-id: AFGFBaAC1397GFbOapH2DRIkjQ_NaZzY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSCXtFQRQ6I90RMkKSQOBLrtN8WPGZ4%2FGvZExLpUvWPNSJEPsfk4Hw2Hsdptut1JrXiDyyanEqjRZziu31S5ocr0%2FacQcmHUFLxlDergyIw0BynYeFKj%2FUnJaLDtTPpjyKliRqEU"}],"group":"cf-nel","max_age":604800}
expires: Fri, 19 Dec 2025 15:06:40 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: lpWOJ_zdMXFHJm5duZ2GUB55jYNuXLltjv2NHv7Zc9v-LjdXhLo2Hw==
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 19:59:06 GMT
vary: accept-encoding
priority: u=1,i=?0
server-timing: cfExtPri
strict-transport-security: max-age=31536000
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 01d9de39ec907ee6febcea913f8cbfa2.cloudfront.net (CloudFront)
cf-ray: 8f484c43089788b5-LHR
x-amz-cf-pop: LHR50-P6
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 project.js Show response
www.hunters.security/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 130ms
130ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"ef84f26c310485299d6b75777414eddb"
age: 1763297
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=93ExPUq4pyLfn67yIYHX4oceecfre0yq0R3bxKoTgaQraSOxs2c0zjCD4ZSRQp%2F8Usa4AHtomBY6%2FjI7aLcXBKVGTLjVKBmX7Isqlvlob4NAlHmD1P8fXY7LVComVUyCXyqtKBUb"}],"group":"cf-nel","max_age":604800}
expires: Fri, 19 Dec 2025 15:06:40 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: -xgYbSkrxPwTYnIoK9L_AZxBwqR3mCc1rYiFHPDkCXL9Y9PnCJ2ZIg==
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: application/javascript
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
vary: accept-encoding
priority: u=1,i=?0
server-timing: cfExtPri
strict-transport-security: max-age=31536000
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 7e7605dff243a25ecb1590c5d7dcc7f0.cloudfront.net (CloudFront)
cf-ray: 8f484c43089888b5-LHR
x-amz-cf-pop: LHR50-P6
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 project.js Show response
www.hunters.security/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 68ms
68ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"61ca66de658cab9587e4636894680d5d"
age: 1689167
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gFe%2FUHn8nC2WU2dFjPh7ldVNEl4%2BUEy0tXotMa%2FBgRhmCJscsFBKIJYWt7ZOYCxUbblO0a%2FOR8bJd%2BUQgHqqUdykwc2VS8914HA%2FFFQGbhj6UIPusJ7dE8crUtsOLgYKsZSQMZOm"}],"group":"cf-nel","max_age":604800}
expires: Fri, 19 Dec 2025 15:06:40 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: hcSFTo_D6PCzjsNbcFYcxXx-qYjVK-tzh0fiKfqcZ_ndENb8NGD0UA==
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
vary: accept-encoding
priority: u=1,i=?0
server-timing: cfExtPri
strict-transport-security: max-age=31536000
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 a93ae2d95d8c99abc86774820825335a.cloudfront.net (CloudFront)
cf-ray: 8f484c43089988b5-LHR
x-amz-cf-pop: LHR50-P6
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 F37JudgeBoldCompressed.woff2
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/F37-Judge-Bold/ 37 KB
37 KB 142ms
75ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/F37-Judge-Bold/F37JudgeBoldCompressed.woff2
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631550304df547eb64d2d7af3e6bc30bf346fdd47640adefcbe22263b36d65b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "54e5c65113bb56ee4af633895983b9d3"
age: 457041
cache-tag: F-74685838647,FD-74685881460,P-5765386,FLS-ALL
x-amz-version-id: oROJePp8ny04DPku2cFXECrZhzDxBHie
x-cache: RefreshHit from cloudfront
x-amz-cf-id: gHzuOXxdpjzPx0KvjjB8whgGnZiONWUQAwQmKnMbrZsTFEbbZRD0uw==
content-type: application/font-woff2
last-modified: Fri, 27 May 2022 11:06:03 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74685838647,FD-74685881460,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: Q331YRKXKDXGPNAC
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-74685838647,FD-74685881460,P-5765386,FLS-ALL
content-length: 37524
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: reR2TVXQqDIeAFFfX/+Rcek4/jdujRSyjZ0rw8BLisOJHAbmtSaIbFCHV2ka98zVq0jiVmKnVCPbma3bJNR8sA==
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 95b26b715ee81beaff56d7e9f185da2e.cloudfront.net (CloudFront)
cf-ray: 8f484c437f5aef29-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR3-C2
x-amz-meta-created-unix-time-millis: 1653649201795

GET
H2 200 F37JudgeBoldCompressed.woff
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/F37-Judge-Bold/ 54 KB
55 KB 115ms
49ms Font
application/font-woff 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/F37-Judge-Bold/F37JudgeBoldCompressed.woff
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aeece6fda59aeaf7ea1271ac3ecbe1189bd88726b444d8813de296f0ad41ad8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"fcdb90a6762c4f6d4b1d785202df4df8"
age: 887436
cache-tag: F-74685838648,FD-74685881460,P-5765386,FLS-ALL
x-amz-version-id: bxO6WUkxLECrzA9CObgprRT8g6V_LjJt
x-cache: Miss from cloudfront
x-amz-cf-id: Mznqcn24kKEDHw8Tjqkl4hDkn9kgVfBFBnyh6AbmGAbFJjWLelbDOg==
content-type: application/font-woff
last-modified: Fri, 27 May 2022 11:06:02 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74685838648,FD-74685881460,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 3JJQ87TTAVD2ZQ4A
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-74685838648,FD-74685881460,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: Fq9MK0ht6SY4yyrVE1gN0v+1j9irConZIWb/V7VSBWVSOula78IDZ8jelc80Lm8g5S02ue//pVE=
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 1c88a6c8b60d1139cfca12b34b1f9828.cloudfront.net (CloudFront)
cf-ray: 8f484c437f53ef29-LHR
access-control-allow-origin: *
x-amz-cf-pop: MAN50-C2
x-amz-meta-created-unix-time-millis: 1653649201856

GET
H2 200 GraphikRegularWeb.woff2
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Regular/ 30 KB
31 KB 118ms
52ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Regular/GraphikRegularWeb.woff2
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ef33de34661d7ae6bce5bc0b514687f2813f7ade07b4e2511611c62c7494ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "e2d3e1bd2dba862a1c76e2cc88ac1776"
age: 172694
cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
x-amz-version-id: 9bSL54EBoxaoAARqnLg2bUn5vMLmIfW0
x-cache: Miss from cloudfront
x-amz-cf-id: kYUgs6gfHq3voRax2EbQ6c1jdKTkZU7n725RxnjGkwcPwnN25zWfHg==
content-type: application/font-woff2
last-modified: Fri, 27 May 2022 11:14:17 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: XH4XNCD811RFWHD9
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
content-length: 30480
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: xQ+o6BLMoUNRXA5QIUnVKURlR6lQjXbLN8lvLqdc41K2MCMnKCjHWWNcjQLfIejj1POBNLvbIIM=
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 ed123fb341b4af39cf924aafa949d976.cloudfront.net (CloudFront)
cf-ray: 8f484c437f5eef29-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
x-amz-meta-created-unix-time-millis: 1653650056855

GET
H2 200 GraphikRegularWeb.woff
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Regular/ 40 KB
42 KB 141ms
75ms Font
application/font-woff 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Regular/GraphikRegularWeb.woff
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea9a85e8c7b1ba0c225aec7ced73372fd08fba0bb37faa515a47008aceb550a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"fc1a5bae62a99fa59c23f0576cebae23"
age: 24240
cache-tag: F-74688947978,FD-74688893086,P-5765386,FLS-ALL
x-amz-version-id: 1UScc5WOOidn3hjYnkMBOExxdbhthO8_
x-cache: RefreshHit from cloudfront
x-amz-cf-id: uuUTxGJyxz3AG341pQuhZ0M5YBH6BbwrJ52ruHYPifumHZZ9bj9p6g==
content-type: application/font-woff
last-modified: Fri, 27 May 2022 11:14:18 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74688947978,FD-74688893086,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: DXH58FX009PKWRCK
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-74688947978,FD-74688893086,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: WG4cJSSzpLeTFn4Flt4Q5GSxb49oc7if+hp6kBclome+/EQMTbo8COoR3ZxLivXw5B14jqoQmjZ5UjNkBTdoUg9PppRYCm9q
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 d6a4f7a34966a5e0069bb151bf9adb7a.cloudfront.net (CloudFront)
cf-ray: 8f484c437f64ef29-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR3-C2
x-amz-meta-created-unix-time-millis: 1653650057194

GET
H2 200 GraphikMediumWeb.woff2
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Medium/ 34 KB
35 KB 145ms
79ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Medium/GraphikMediumWeb.woff2
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc95b09fc339140c69c5136e815b78be4ef324669185635fc3aef462e8d7df83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "aa45b0c2aae2e5fe139bebd1dfdff19e"
age: 172694
cache-tag: F-74689121951,FD-74686513451,P-5765386,FLS-ALL
x-amz-version-id: nhNd1_3PHI0s79bODgTLIoIpudYFz6ze
x-cache: RefreshHit from cloudfront
x-amz-cf-id: s_wdzN-yUMULvQfhBRA1Ln3EveGsnSXlkGUfFHuki7TvO_1UPbvP7A==
content-type: application/font-woff2
last-modified: Fri, 27 May 2022 11:18:23 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74689121951,FD-74686513451,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: QYFNCNSQN64S8563
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-74689121951,FD-74686513451,P-5765386,FLS-ALL
content-length: 34712
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: rVVvVgCy0HKSgYlgHXnq9yoHBBCdDFoupzY+c5HTrp55u++PsWLzHFKqOPwVCEFxwjQh/qv3Vrk=
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 ab7ef1002486648bddb0e6bc684500bc.cloudfront.net (CloudFront)
cf-ray: 8f484c437f68ef29-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
x-amz-meta-created-unix-time-millis: 1653650302473

GET
H2 200 GraphikMediumWeb.woff
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Medium/ 45 KB
46 KB 145ms
79ms Font
application/font-woff 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Medium/GraphikMediumWeb.woff
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee453db69de2afe22f2abc664d11aa3b8720f3b24a8d82d2a1d2306be008e93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"fcffb480afa2b61f3e96a65a4371050c"
age: 1755149
cache-tag: F-74686513466,FD-74686513451,P-5765386,FLS-ALL
x-amz-version-id: rLgVVtHx16aoM4Ice3_nDtYzGojOWLuA
x-cache: Miss from cloudfront
x-amz-cf-id: lEdgrC45QVbS5WuO7u8PQRBG8QLAnfZQkiqP6cX29fRr9iUw3PeH7A==
content-type: application/font-woff
last-modified: Fri, 27 May 2022 11:18:23 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74686513466,FD-74686513451,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 1BTYMWSTKED5CWTT
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-74686513466,FD-74686513451,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: cT2jK4TEw2+hM4JFrwmXURMHItkOnx/zQFmZXM8y67nyxeq07LG2u3vuBfvhf6F2fSSm8DxL/EQ=
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 9a0da3962832290b2dd219763f12257a.cloudfront.net (CloudFront)
cf-ray: 8f484c439ff6ef29-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR3-C2
x-amz-meta-created-unix-time-millis: 1653650302463

GET
H2 200 GraphikSemiboldWeb.woff2
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Semibold/ 34 KB
35 KB 166ms
100ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Semibold/GraphikSemiboldWeb.woff2
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a28d627f3677c456980de2b9026548c69a9f542993b2b5b6d8608882fe1e878

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "e13cf054833eb8ba8d3ffc1e1c2cb82e"
age: 2541623
cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
x-amz-version-id: E4J3u.P1u8zLJOqkt22N.5.YJpbVcz61
x-cache: RefreshHit from cloudfront
x-amz-cf-id: EZ35HU0vFLdIdZuhvLuRKv0blH5yYDazhv7YjBnAiVjWm7I8YL1gaQ==
content-type: application/font-woff2
last-modified: Fri, 27 May 2022 11:21:39 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: VSN6GY9FNRPE44QW
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
content-length: 34772
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: 6i/yxWvXuEkmSi+Howb0WCSIHE73zcG9RQELdAETq7hnCodP+iXpBjf/shhgEXQiONwlL4//bns=
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 1d01c9eafefacaa6322fccd6199f781c.cloudfront.net (CloudFront)
cf-ray: 8f484c439ff4ef29-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR3-C2
x-amz-meta-created-unix-time-millis: 1653650498635

GET
H2 200 GraphikSemiboldWeb.woff
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Semibold/ 45 KB
46 KB 145ms
79ms Font
application/font-woff 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Semibold/GraphikSemiboldWeb.woff
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90eefa1db290de170e8127aa6f3ad079f38762aa27b4c885670cf5d757c0f2fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"9f90b54a350e13f1a49e108263dc77fd"
age: 44750
cache-tag: F-74689122130,FD-74689122096,P-5765386,FLS-ALL
x-amz-version-id: Gi5MSgpYdkr_yWE00VeiwtpigLTzp4EV
x-cache: Miss from cloudfront
x-amz-cf-id: FcjqBI0nK8q5DLa54eOh05ipRw6tjdkGUpcBmON6eOgSsmNLsIrbFw==
content-type: application/font-woff
last-modified: Fri, 27 May 2022 11:21:39 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74689122130,FD-74689122096,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: ZY73HT0X5E0HG075
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-74689122130,FD-74689122096,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: utvy+8NqNc0F6aU3oxT81x6Yo0M8452lH1I4/R2aKXbf66o3cRKrl3N1mXUdgqtbD1cW7GYuKyG8O0hwXSNivTGyAYgnjqapyAmozo9vUdU=
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 7bf85fcd0812bc8811f794ae1fccfd96.cloudfront.net (CloudFront)
cf-ray: 8f484c437f6def29-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR3-C2
x-amz-meta-created-unix-time-millis: 1653650498577

GET
H2 200 GraphikBoldWeb.woff2
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Bold/ 36 KB
37 KB 144ms
78ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Bold/GraphikBoldWeb.woff2
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424560f6d441470e553c5c2d0e31a7df189ddb73ea43d909714d57b16f024624

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "0fb4b480278277d351d7afefe46bf6e8"
age: 1791617
cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
x-amz-version-id: aqs.ab3Smnu9FGL_UhGDqku4oUVVMHEq
x-cache: RefreshHit from cloudfront
x-amz-cf-id: J8PEl4l4UaF_Gkerq-F4yUjsgGe4KigVTE40aZqBLkuFbQw5NZFSiQ==
content-type: application/font-woff2
last-modified: Fri, 27 May 2022 11:23:34 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: F0ZEG8E1TBFDY417
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
content-length: 37044
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: WJHyTcctnusAULWJRhxxdf9KxhX7fAXLtsMtLUGFrMJ2RTqs9NHvFxal+CibXCNKVNj7E5JXsjk=
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 812340d4e76cb03e2d09a3ae9f9fd8b8.cloudfront.net (CloudFront)
cf-ray: 8f484c437f6bef29-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR3-C2
x-amz-meta-created-unix-time-millis: 1653650613120

GET
H2 200 GraphikBoldWeb.woff
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Bold/ 48 KB
49 KB 145ms
79ms Font
application/font-woff 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Bold/GraphikBoldWeb.woff
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef4bfee18eaf9bb02c3d3c93ce39551cff6effb9b29678a118c808b0b92489a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"911f0d5fac02bc40cd5381f22e2fcaba"
age: 1035071
cache-tag: F-74689255197,FD-74689491725,P-5765386,FLS-ALL
x-amz-version-id: S2hh5ffEdgyJNoO5lDEhL2UBGwqv.dRz
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 3Z4nCe1sg3jZ3jPJFZ65322ssjQ9ZD2aXaUEERit0haCa4GoYvEG7A==
content-type: application/font-woff
last-modified: Fri, 27 May 2022 11:23:34 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74689255197,FD-74689491725,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 8G4CCNYF9ZBKJRKT
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-74689255197,FD-74689491725,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: OPv9CcgSvQoTo5lUVXZsXWjEx4b1dkdHa7BqT5TXQd4fwygJ3SeCyk4v5gS9klb35MbjlXJNzjc=
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 f715245c12dc1f6bdadc387db50e442c.cloudfront.net (CloudFront)
cf-ray: 8f484c437f69ef29-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR3-C2
x-amz-meta-created-unix-time-millis: 1653650613108

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 131ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Dec 2024 15:06:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 19 Dec 2024 13:27:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 main.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/113858768455/1734155572394/Hunters_Theme_May_2023/css/ 163 KB
38 KB 99ms
97ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/113858768455/1734155572394/Hunters_Theme_May_2023/css/main.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df553eea2266c21f18c21943acbd3e86a10b848fc2903849ab9360c2492648a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: f40e9e71-07b1-428f-9526-ad92d04dd64a
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a626ed3c18a89e5d14a92e164ad85625"
age: 1549
x-amz-version-id: YqU8rw4A5Zermkmp2UefY6_CuN8Ia1V8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilvBNiH2q6huF%2F3Q9eriGDRkKVe5V36817JdshClmyajBlGwOr8kex%2FxwtCdHSmswc%2BreuJPjtNSwy7TRbTwTMdfP%2F6saVIaJmqUYC2faK%2F4sEopXk8J2BgsJNIPj10gxTZMg9zg"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: pkZLSRUPc5bEkVzOlB3Nq0YSyV4oY1Agm4cchZ_cIwkATkPpshzQSA==
x-hubspot-correlation-id: f40e9e71-07b1-428f-9526-ad92d04dd64a
content-type: text/css
last-modified: Sat, 14 Dec 2024 05:52:54 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-replication-status: PENDING
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-rwc79
x-envoy-upstream-service-time: 263
x-amz-request-id: Q2T4M60GEKFYJ5SD
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: YZbtY4Q6xOJcx12SqoY0vgR/nnBzZm0E0aj8HXBND6iS5I55VWqWi//eE5KeX6VuBvMmGhBRAHs=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 c6b0d1d85b2590c57ac754bf9e61944e.cloudfront.net (CloudFront)
cf-ray: 8f484c43189e88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1734155573696

GET
H2 200 aos.css
www.unpkg.com/aos@2.3.1/dist/ 25 KB
4 KB 110ms
44ms Stylesheet
text/css 2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
age: 23524195
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01HSJMWAW7RMV2VA9FMYK8M07X-lhr
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8f484c437a179487-LHR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 slick-theme.css
www.hunters.security/hubfs/Theme%20-%202022/Coded_file/ 4 KB
2 KB 88ms
87ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/Theme%20-%202022/Coded_file/slick-theme.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

238b1cf831e99615cf4d403ccdecbc5a3a615f2f0f8e92179cc69f9ec7d60b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"ac139110825d34d1df5de4182f5faa12"
age: 123526
cache-tag: F-69248747294,FD-69248485214,P-5765386,FLS-ALL
x-amz-version-id: z1bsZX54c1Duha0qf2GLwEA1Ju475_Hl
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHC9iKNECdAIbJLOIOmTUMXjNZKzJNWGt072EZGAH9tJws4Qz0q9mcj8RBkAIoO0%2B7m0H01dvtHxOUTm9SIOpekhLheaB9322DaeNjQvxglL9BZF83cdDTwWh3zwuNLSiX7iRXxw"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: EkK5WxtZIutUNmYKV1NC6bXzvTWNXhgJVbvonfe1UfyPfir__sDv8A==
content-type: text/css
last-modified: Wed, 06 Apr 2022 12:25:58 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-69248747294,FD-69248485214,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: DVCS24W3SH6KF4BQ
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-69248747294,FD-69248485214,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: joIroczIoP58xCmPloJ9ZJSxel2LEp9tlEHwnTRWxapwaC3s1tlIb1ABox6GErIwnQUc9TPiMlI=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 31cf11cd322ac54e38d4a43fe3a12f04.cloudfront.net (CloudFront)
cf-ray: 8f484c43189f88b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
x-amz-meta-created-unix-time-millis: 1648029640205

GET
H3 200 easy-responsive-tabs.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114002466428/1688126129748/Hunters_Theme_May_2023/css/ 3 KB
2 KB 71ms
70ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114002466428/1688126129748/Hunters_Theme_May_2023/css/easy-responsive-tabs.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10dc028779c21e5b3f1bc41e19eaccdca81a38e53e7712439d271ceb6174f534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 7736c5ba-31b6-4cfc-b5a2-d47d2664a588
content-encoding: gzip
cf-cache-status: HIT
etag: W/"9b3e369494f25ea9c18f4f72ef2213ec"
age: 1549
x-amz-version-id: BY9GNWlAAug9FlkNRr2aEQugpO0wA3Rx
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RIwBtDT1i97nBsKENyCXyYaWukEB9%2BqZOf3unNBmwIIDeXsXrMcUCyaBuIGoNoWA8JraXPSI0ET5SSStCIOAhA8s5IAYPtCBKLbIyHzqe6fyXCiXFU1CVEsIDj3Owpgw%2FOovvIyQ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: loEqDnEnoRyvRqZxFD3N4l_-eNjCZF1Bfe71gTPD2knjv5ykLw4Fbw==
x-hubspot-correlation-id: 7736c5ba-31b6-4cfc-b5a2-d47d2664a588
content-type: text/css
last-modified: Fri, 30 Jun 2023 11:55:31 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-s5c5z
x-envoy-upstream-service-time: 189
x-amz-request-id: XRNKFT09K71HBYR1
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: ahmzyRvA/n/2Asn3lv2QodsXNLZBkRuaRN841CGhg58xu2pMqlyF4tvwnZgqNNpPzX3M4+AKQuI=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
cf-ray: 8f484c4318a088b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1688126130469

GET
H3 200 prism.css
www.hunters.security/hubfs/hunters_theme_files/coded_files/ 6 KB
4 KB 88ms
87ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/hunters_theme_files/coded_files/prism.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f352a7de3dda4ecc29be98eaf8ecf19731d7d68038058f5568e3117228b9a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"3dd7dff137c510bff50522c86539bb99"
age: 107498
cache-tag: F-176294964336,FD-176294964329,P-5765386,FLS-ALL
x-amz-version-id: oAon8SFHzDJTzJyzo0pdwPdI3oMcMiGJ
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ao9Vf4peIDKr09EXF3TCnLyQHDb4EoCSl7f4ZV9MJMiNNJPwOHfdpk6k3ZWS%2BpcD2Yi%2FbbqlHMVkRWWnKYkgDlYiqWwM2a%2FZ4Zy95LIImMc5gvV3murSppcA%2FhXY%2FSxGlueb2M8j"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: KjBuiuZm9wJG5PEcbw0gbodMeLXrZvx1dTRHTRBI7vHg3XNaCfWlmg==
content-type: text/css
last-modified: Wed, 21 Aug 2024 20:09:19 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-176294964336,FD-176294964329,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 4CMW2AN1AYQ2HCQC
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-176294964336,FD-176294964329,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: DTkRcV2m6I3tAsoK/DTYQMuHLSD/gPXZ+4FZ5zJCXv8z7Zi90zJrXLfmgTQnMWEyf4kq7hCI3k8=
strict-transport-security: max-age=31536000
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 31cf11cd322ac54e38d4a43fe3a12f04.cloudfront.net (CloudFront)
cf-ray: 8f484c4318a188b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
x-amz-meta-created-unix-time-millis: 1724270958871

GET
H3 200 slick.css
www.hunters.security/hubfs/Theme%20-%202022/Coded_file/ 2 KB
2 KB 92ms
91ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/Theme%20-%202022/Coded_file/slick.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"f38b2db10e01b1572732a3191d538707"
age: 123526
cache-tag: F-69248658105,FD-69248485214,P-5765386,FLS-ALL
x-amz-version-id: lv8LwiVh7O8FnrKTBtURlNZDqFrl1rNS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQQZuLhmkMVMAZqV8ZSkb%2BiBNGpwkKyF5k5IK3sJ147ADbYzCQI4SrEv0Z26pR%2Bbe7qOsZtd7BkdXu%2FsG1vDZG8PtuVjYAeDSFXSfZCC9Ls%2BTfYOM7MchQDjuk8KIstymc7j%2BiLg"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: PKnePw1PQgO8EzyhPbi3S2xRAXf6aB34EgLcHsOf-wuMNy3W4URXyw==
content-type: text/css
last-modified: Wed, 23 Mar 2022 10:00:41 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-69248658105,FD-69248485214,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 7CMVWT99B5X6Q5GV
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-69248658105,FD-69248485214,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: shavaN1GD6NNoAerypSRwmLZ8wqsKEZfi12dn+2hStT9tz3wvkoL+eyr9OENCcs27AJbIsYL0mQ=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 5a948164a34f285fa1979922c2fc8786.cloudfront.net (CloudFront)
cf-ray: 8f484c4318a388b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: MAN51-P4
x-amz-meta-created-unix-time-millis: 1648029640205

GET
H3 200 jquery-1.11.2.js Show response
www.hunters.security/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
33 KB 129ms
127ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
age: 1601345
x-amz-version-id: null
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eE5NlOtOTQMU%2F0p2kD1OFCwFnMF4HGhSo0f3IDJ1Bn6Q9Ysg0vketCWhywrqBjFGOwncpU6ARPBegoa%2Fx0QpEOZFnZvjBPIDdFUVr7z%2BlPPeVZFOXkzH0AgbJGTjIeE02Yo49YQN"}],"group":"cf-nel","max_age":604800}
expires: Fri, 19 Dec 2025 15:06:40 GMT
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: SjiFOVX5wzZF7-__p4h0tcRYY5uExi7Kdl1_qkd1ctvbmvYWmsK6ag==
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: application/javascript
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
vary: accept-encoding
priority: u=1,i=?0
server-timing: cfExtPri
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 403878b7454f6fe706d117ca3ebbd716.cloudfront.net (CloudFront)
cf-ray: 8f484c4318a488b5-LHR
x-amz-cf-pop: LHR50-P6
server: cloudflare

GET
H3 200 jquery-migrate-1.2.1.js Show response
www.hunters.security/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/ 7 KB
4 KB 68ms
67ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/jquery-migrate-1.2.1.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"eb05d8d73b5b13d8d84308a4751ece96"
age: 1689579
x-amz-version-id: null
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hwvDKVEpFgUMU%2Bl3AaEUQybuY%2FcX47Eca4G5V6h5PoVQvl%2FBoRfNuArQQa%2F0XAwPWDWJsdxHaHGOzCuQfa2dhRDpDjghL%2FZFeUHg57djrtj9turSI7MqkK5jaxALcPJWBaqw4mnp"}],"group":"cf-nel","max_age":604800}
expires: Fri, 19 Dec 2025 15:06:40 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: AKonbUcLKOa5EwWXbS5gG6BJgupjhO8oHR1g5lFxbFrmLMjgix_8fQ==
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: application/javascript
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
vary: accept-encoding
priority: u=1,i=?0
server-timing: cfExtPri
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 34214b9a4887c1cdb1a08c4e2e17bcfc.cloudfront.net (CloudFront)
cf-ray: 8f484c4318a688b5-LHR
x-amz-cf-pop: LHR50-P6
server: cloudflare

GET
H3 200 blog.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/133487975192/1725515743800/Hunters_Theme_May_2023/css/ 32 KB
9 KB 73ms
72ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/133487975192/1725515743800/Hunters_Theme_May_2023/css/blog.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f6f9f7221a54fc4900e4ed44711c25b3370354baf336529033882586d75152c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 942660aa-ed56-45c5-8c66-90d01643cc47
content-encoding: gzip
cf-cache-status: HIT
etag: W/"7fe698814a172c18a2c5ba080260505c"
age: 2981
x-amz-version-id: BOWJ5B2WfnjK5WqpTgULzR0J2MoyWeP_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8eDkP227suxZ2N%2FFzAa%2FUlIYItpQgvDugCNhMgnsd4avNGQZAG7DcPUHMyrb%2B4ol5rjC2KG77kxV%2FDMq4VKwGHG7Jxg63uTMLhNWkSfmdwvduTV0qQLpnTPw%2FDJhAqG2r8Eynyyc"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: Hqh8k6glTshW3N3L4-XZeZWCxFLO86Qqbhgrmfoy-wh_k2i5dNxBdA==
x-hubspot-correlation-id: 942660aa-ed56-45c5-8c66-90d01643cc47
content-type: text/css
last-modified: Thu, 05 Sep 2024 05:55:44 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54797cf595-k2wrb
x-envoy-upstream-service-time: 207
x-amz-request-id: 9NK1G1VSKWYJ3P55
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: wauFmkYyFuCg8UqwCT+MJK7ohDtLHI1y9GFRBJG8jQCexp4pQzbUZYx2s8LJJAan2iajTwMs1o0=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
cf-ray: 8f484c4318a988b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1725515743800

GET
H3 200 magnific-popup.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/130719549746/1693291612591/Hunters_Theme_May_2023/css/ 5 KB
3 KB 62ms
61ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/130719549746/1693291612591/Hunters_Theme_May_2023/css/magnific-popup.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 29e3a6eb-e5b7-4f3b-8bba-e26fabd57770
content-encoding: gzip
cf-cache-status: HIT
etag: W/"64912a79884a20761ab19de42f85218c"
age: 1549
x-amz-version-id: Xjt7jqVG9NhQHsz_IZzhHZq6jRGc4F63
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LeR3TqYKe0D%2BGptF9GWMUHM6%2B2Jn6sGyCEftRqDnGFUwRgFoUUtBqYAvJbunOO7twWLqtVvjgEP%2F8wkEeaZzSAqaYvHDEoHHiIFbBGd%2BiKv7totK%2FjK9V1JkTVmolZ0OfMiF%2BQ1M"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: oitlfYa3kw5kAir-b2OOAdFTYCHH15pMb3wQkWNr678VRrI6C2Rwsg==
x-hubspot-correlation-id: 29e3a6eb-e5b7-4f3b-8bba-e26fabd57770
content-type: text/css
last-modified: Tue, 29 Aug 2023 06:46:53 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-twx7j
x-envoy-upstream-service-time: 400
x-amz-request-id: XRNX6AZAD5C38JK3
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: j23J61UfFgWZw1XHPHtalHDohzr0Mslcgi8wuOWI+YR2PyrOoYDMemuHnQnoVSj6N8Mknfa9Kvg=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 eb9a7c491927f70f3921f0803caae61c.cloudfront.net (CloudFront)
cf-ray: 8f484c4318aa88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1693291612591

GET
H3 200 easy-responsive-tabs.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114002466428/1693291614672/Hunters_Theme_May_2023/css/ 3 KB
2 KB 88ms
87ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114002466428/1693291614672/Hunters_Theme_May_2023/css/easy-responsive-tabs.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10dc028779c21e5b3f1bc41e19eaccdca81a38e53e7712439d271ceb6174f534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 3d7f7403-5bfe-4b24-8dfa-8c32e975095d
content-encoding: gzip
cf-cache-status: HIT
etag: W/"9b3e369494f25ea9c18f4f72ef2213ec"
age: 1945
x-amz-version-id: WRfDjq3ykki5RbUHXjGTj2jUB4D3Ghw8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2B4llO7yvAY%2BjasLwT18PHZfUMd0Bhf%2FBny3amc7P1YaqplVHXOF2w5iuPjOZ9e39dVkscVuF2Diu79M9qvu5ig0VaOzt3%2B0Ksposwinj3HC%2BN9cPe1No%2F6TRUmin%2FY1NCmThVrr"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 2nvkULdWOO3fWeTmNfcdFKctBtC_R7UihfhrQfoMHY4wQt-hUwRSfA==
x-hubspot-correlation-id: 3d7f7403-5bfe-4b24-8dfa-8c32e975095d
content-type: text/css
last-modified: Tue, 29 Aug 2023 06:46:56 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-plw7m
x-envoy-upstream-service-time: 244
x-amz-request-id: JBJ16DVN53WMK1K0
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: rH5WRFgvRVs5rsfalnha5Z3HY3FFJunIn7Xip3oBcxq/Krheo7/o/ghTfIubCiflLgcHYl/MI4oa8BcUzWcAwAX/1/gPsl/H
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
cf-ray: 8f484c4318ab88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1693291615367

GET
H3 200 style.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127041525412/1728555178550/Hunters_Theme_May_2023/css/ 104 KB
24 KB 94ms
93ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127041525412/1728555178550/Hunters_Theme_May_2023/css/style.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e639f213682c84c7ed4da94c224b65a4cfa532975476b44d6b3d22ae0ef8afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 0799ad63-8877-4245-a935-23e9b79b94fe
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3f0e6ccb2f417c511a3bf11d7ae9598f"
age: 3504
x-amz-version-id: lCcO0jaM1q_hQTtMrlUAIh_oSgGTbYQJ
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IYINOEp26juXwVl9a%2BJRzLUEJl0hOJWh6uJ14ARiJDnHfsIuXZky%2FI%2F3tnyxdNtk%2B0RLYbMah%2ByxCLIneUYJQSfddVPtA8JT7SW7xoY8Q5apqzA5m4XuXfzhH6e8WsrTatkh4Uxw"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: XYvmI1gLzlMM2wp565k7bKmbZkmga1VGwdoi-KvVqAPLMpqF-EkRhA==
x-hubspot-correlation-id: 0799ad63-8877-4245-a935-23e9b79b94fe
content-type: text/css
last-modified: Thu, 10 Oct 2024 10:13:00 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-qctxm
x-envoy-upstream-service-time: 266
x-amz-request-id: MB47M0XKNPQK7532
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: jLvFEj006gqpTEBFyKpOFysK9+42nEX5umt+pBzHrivYdl2TeEiC03q+EkSY7t6ebgXB/uk071eydJg6KS0n0Ku5z4vQfoWl
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 2e50d9b1ee017f302768660f02b7418e.cloudfront.net (CloudFront)
cf-ray: 8f484c4318ac88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1728555179664

GET
H3 200 additional_style.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127040996237/1704720085106/Hunters_Theme_May_2023/css/ 34 KB
8 KB 93ms
93ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127040996237/1704720085106/Hunters_Theme_May_2023/css/additional_style.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24af0aa554afc559dd1f59f21a2cb05e7fc668adced9605b05f5807df02585e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 5e85986b-cd96-4a6b-a272-cc5660686df7
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1a4540ab849cb164a15d24bd841a965f"
age: 1549
x-amz-version-id: _j1ADJ6juhLyBYdBUKdlkTK.32G8Aa2B
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nQueZtPRX6SB1JOBcqCDFlM31iaUTcPV8NYydXglRc%2BdEAHVv6tfPzCOFf9yLbXkgtkN9l9cKz6l5%2BL6Pp1BTruTTlSpKB7WPhSDOLFlAkXV7mvRfAFGpFgej6ZJRL0UDvEKbaN"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: Uzajtv1q08xlXoYgLiLWOVrsBuLdhcu-yXZlHqRtb5pNeRjzOpw9QQ==
x-hubspot-correlation-id: 5e85986b-cd96-4a6b-a272-cc5660686df7
content-type: text/css
last-modified: Mon, 08 Jan 2024 13:21:27 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-dcvwg
x-envoy-upstream-service-time: 192
x-amz-request-id: A3DGKZH0TRJ51Y86
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: XtipC8jGSMdWF4IBy7yb8rBwgz+Wwnm1j4yhSuV7y3QlBbNuIkrVrRIDzW3Z0cQs9dgdVdYyUwg=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 6b7e1e42d74fd61097787cc6c1a37c34.cloudfront.net (CloudFront)
cf-ray: 8f484c4318ae88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1704720086029

GET
H3 200 theme-overrides.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/113858809947/1693977471236/Hunters_Theme_May_2023/css/ 13 KB
4 KB 124ms
123ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/113858809947/1693977471236/Hunters_Theme_May_2023/css/theme-overrides.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1d913f0ef5cc8fd8d0c483772f5d511071ccc1d441f64292fb7659616f5b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 1268ed44-2d70-4e6b-b71c-213cbe314d05
content-encoding: gzip
cf-cache-status: HIT
etag: W/"55ca2988b2dcdc64c0d28ce220832d86"
age: 3504
x-amz-version-id: MwZEdO.RtzwbqpCFNnZDvkHS1VL3JhKQ
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxDBU9j%2ByLYBFRdNjoOoVNtKvrvFvNZsUqdzwRxQbC4eGLd%2F6qb1k8MQjJmYLlh2I4piJEs6yoiapk5yerr5ywBTui9oFSv0HRNXoHxF9fc88%2FAyAfgINXRmLvFLmx0VfCGrefjC"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: QiWI1vnu2jbaEErC13LqxiMt7-8SVya3oQPk283ANj_e8AoYBad2pw==
x-hubspot-correlation-id: 1268ed44-2d70-4e6b-b71c-213cbe314d05
content-type: text/css
last-modified: Wed, 06 Sep 2023 05:17:52 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6548769dcd-4zfkh
x-envoy-upstream-service-time: 203
x-amz-request-id: 7MD85HV0KBFCJ0WC
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: vFOuf1MmsPRaq3CyDLetAjHJl13Rc5wj10VU8CnzOgQozGmUUhkwkc/e0+oCBwcT6EZAWlciPoE=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 e32f3698b8d39139f138de8a86d00996.cloudfront.net (CloudFront)
cf-ray: 8f484c4318af88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1693977471960

GET
H3 200 module_177021600416_Blog_Table_of_Content_Sidebar.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/module_assets/177021600416/1725602140791/ 2 KB
2 KB 124ms
124ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/module_assets/177021600416/1725602140791/module_177021600416_Blog_Table_of_Content_Sidebar.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c55b14508fa6bc876713dc6ca5b0cdd84333a1294b12d9ccff89d3784e4259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: c0f41925-78f2-442f-97e0-5f79bcdebef7
content-encoding: gzip
cf-cache-status: HIT
etag: W/"b7cf312d99a3fc2fc8be3c954b38366d"
age: 2980
x-amz-version-id: hV5liPpT6zRMd22GBmtfRRZZhKsfBRQ7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKP6GxRugUZ1THoT1kpirZBgJp8xBvDcGDDw%2Fi0ugMWA2gQgvR6aNSXJeCauSwqjj1DPiukQTegZZDslDGPXI8s4p%2BQavQaVbc%2BqsXISsKHEOTgwN04VXw%2BvM427URzxPXfr6K2O"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: K6_B-rAslqpacLK0C87sJIWVG2CCFNygEVY4Q_jR5xZjucy-wpwNmQ==
x-hubspot-correlation-id: c0f41925-78f2-442f-97e0-5f79bcdebef7
content-type: text/css
last-modified: Fri, 06 Sep 2024 05:55:41 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-knhs5
x-envoy-upstream-service-time: 510
x-amz-request-id: 0TM2H8NSRM556MSW
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: YNFr1cdmBdVW8kVSFrato69A9ihz6Prpsnejbf8QYFpp3uxWfiPs95mcoAAtsaTXBtQ/eBdTr5g=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
cf-ray: 8f484c4318b188b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1725602140791

GET
H3 200 module_127063834721_related-post-listing-blog.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/module_assets/127063834721/1734410769691/ 1 KB
2 KB 72ms
71ms Stylesheet
text/css 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/module_assets/127063834721/1734410769691/module_127063834721_related-post-listing-blog.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65e8891f4b378dab5c0bf39bf40aa2d96bccae5f04c5458ea7dfc64eb630d986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: d1eca67f-947f-401d-b28b-acf7f76de2c5
content-encoding: gzip
cf-cache-status: HIT
etag: W/"193ca0a3443917b9a672dfa5ab07d7d9"
age: 2980
x-amz-version-id: q1GWrl9SMVHgJkbwCCHH4fK4gvA4inMH
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uyk%2FHlr81dITRV6Q6hGxPwu625a%2BWOF%2FIn7aVWSrNd2qr3Xryw%2F0fZvi2L7ViMHcDOMX21M8u%2F3%2BJ5j%2Fj%2BsPAvGar%2BIMHsGDMpXB0K3sMXUEmGp3vfKsCdYbLLlbYUiAancsLC%2B0"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: ZghiuigQ1HAvKj2_vzD8-F_9kfy_00bL8gsFmusvMyi6V2a3APGMDA==
x-hubspot-correlation-id: d1eca67f-947f-401d-b28b-acf7f76de2c5
content-type: text/css
last-modified: Tue, 17 Dec 2024 04:46:10 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-replication-status: PENDING
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-rwc79
x-envoy-upstream-service-time: 156
x-amz-request-id: 22K407FVCKFXSAPW
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: MpNQ61a/kCCt7NmAFzLajsepL1b6GjVA/6GOekH9lxvJDojqGg4Bv98/1xmWrRuy0uXOKpMVbEE=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 2e50d9b1ee017f302768660f02b7418e.cloudfront.net (CloudFront)
cf-ray: 8f484c4318b288b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1734410769691

GET
H2 200 in.js Show response
platform.linkedin.com/ 511 KB
160 KB 201ms
41ms Script
text/javascript 2a02:26f0:480:15::213:7e4a
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Play /

Resource Hash

f8ba39324d5f993de36bad6333e225beaedc14453f0becb53f02fe917339d670

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-li-pop: prod-lva1-x
cache-control: public, max-age=3600
content-encoding: gzip
x-cdn: AKAM
x-li-fabric: prod-lva1
x-content-type-options: nosniff
expires: Thu, 19 Dec 2024 15:31:51 GMT
x-li-uuid: AAYpoGQge1Qn9M/KA8w9Bw==
x-li-proto: http/1.1
content-length: 163881
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: Play
x-cdn-client-ip-version: IPV6

GET
H3 200 black-logo.svg
www.hunters.security/hubfs/Imported%20images/ 2 KB
2 KB 103ms
102ms Image
image/svg+xml 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/Imported%20images/black-logo.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

368406900c890220c314afd610820f1e635e69e4d3e0275ec060057865f563c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"88d1cec7ef908496d2e8aa6c03895c82"
age: 107497
cache-tag: F-71680581388,FD-36925193306,P-5765386,FLS-ALL
x-amz-version-id: VnnFkSmT.uR334htBJTUR8Yrxz9yrp6X
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0ewq24XyWM9WylhDvJ1M%2F1wiD2eU1FybXD5RwgpGD1f2RAY4IwTPXJwTv%2F1IL8UxsfI9Ma%2FNhk7EmSmt8LSebnZy78F314B77MYvWVXGZ6H9ZbSFbDdJv6EXMNdb8%2B9yvjot%2F5J"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 6Kj6lWQYrmI-GIYMeVpX_XJxXvcBQ6b8ymHbCVhEbWff7gOJBsFULw==
content-type: image/svg+xml
last-modified: Fri, 22 Apr 2022 05:21:19 GMT
priority: u=3,i
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-71680581388,FD-36925193306,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: YZ2XMDJ5Z3P79F4Z
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-71680581388,FD-36925193306,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: ASUMeci4rvdFI+d6UzoLXb6z0ENzrZwejQcZFxKMHbZUEL9mSBDLJuk5lbmo0LPCqXd9PIXJy0Cp3gkfrqgtlBsGTXWScITJ
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 c709dd795eaea0aaf9c63cb64d7e891e.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa7088b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
x-amz-meta-created-unix-time-millis: 1650604878426

GET
H3 200 2.05-1200x800-Hunters-JFM-263107%20%281%29.jpg
www.hunters.security/hubfs/ 91 KB
92 KB 121ms
120ms Image
image/webp 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/2.05-1200x800-Hunters-JFM-263107%20%281%29.jpg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47e702b68f7a9e3e4d49a10288dd9b64e541fb9b3a4c65958154dd6212c0dfad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "1e740a147bb0f5e8b83c6662ee36f637"
age: 120797
cache-tag: F-182363204712,P-5765386,FLS-ALL
x-amz-version-id: rBxrbpjLQQYY43U4T8NlQDAiiw8IbKcJ
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHRV4klIaWk%2BJP9YcmxmdQJN07JiNK3Dy3Fkf%2BfthVypN76uCp4zF2LbOC9Ta1hmryL26znl4nSKsJy5T6Jdf71vF3gQRU6U%2FvMqtxxmpBElfYz6MB3NliCxxT1CGJSRhYuBytOj"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: cU5IqTvexUmETgbD30_SM8KjEWsGlId5hllX8v_b1Vj1q4PD_G_bcA==
content-type: image/webp
content-disposition: inline; filename="2.webp"
last-modified: Mon, 04 Nov 2024 17:14:44 GMT
priority: u=2,i
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-182363204712,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
server-timing: cfExtPri
x-amz-request-id: JNQ6J129S6YJ8QCA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-182363204712,P-5765386,FLS-ALL
content-length: 92802
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: qual=85, origFmt=jpeg, origSize=369772
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: ilXDvLDzK4EwUFmg2F46hTGx6xiTrgRwpCliTRNNJrjdFlNd29bhMx34891lR708nJ31Bs3FnfM=
strict-transport-security: max-age=31536000
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 2c3b8214b514de8248130ac0902d159e.cloudfront.net (CloudFront)
cf-ray: 8f484c4338c588b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: DUB56-P2
x-amz-meta-created-unix-time-millis: 1730740483703

GET
H3 200 Detect%20and%20Investigate%20Threats%20in%20Snowflake%20%282%29.jpg
www.hunters.security/hubfs/ 31 KB
32 KB 121ms
121ms Image
image/webp 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/Detect%20and%20Investigate%20Threats%20in%20Snowflake%20%282%29.jpg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e83074dd815b9adf43a1ca073b8dc0bc6eeccb0f9c008f3a06d20dec5f335d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "66ed83a351c121127084476f9674b6d0"
age: 52268
cache-tag: F-179140737673,P-5765386,FLS-ALL
x-amz-version-id: Maw0BuDHzbRRELulH0YPDGOu5COlFzpu
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NC9cbnkYq0RfkranszBeB9dTmgdqBgU8u%2FJbaZo0SXQFkeIFsxm4InapMoo7tnBBvPSgsOQKf6l5EtJj%2BvGn9vvDkSAtaXOM0vmskMrYwvYvRM0mXWo%2FdTFnoyn8biEsCcxnYth9"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 6LrEtklCzbR5hFftWLpn6EKIBM4x0zx6r7YJhVX4rxrSoG4hqd4heQ==
content-type: image/webp
content-disposition: inline; filename="Detect%20and%20Investigate%20Threats%20in%20Snowflake%20%282%29.webp"
last-modified: Sun, 22 Sep 2024 12:00:20 GMT
priority: u=2,i
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-179140737673,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
server-timing: cfExtPri
x-amz-request-id: T9G7T25HWVC2FMZ6
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-179140737673,P-5765386,FLS-ALL
content-length: 31702
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: qual=85, origFmt=jpeg, origSize=169098
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: 4Uc8M30m4Fm5qdF2zxKPCI3ngQlcVSHOYCLMSmH0wb6nBsqU8I9qdOHMhAdowtR6QW0Pgbx0QZo=
strict-transport-security: max-age=31536000
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 13381fd50efa5561b2ef8fff32bb471a.cloudfront.net (CloudFront)
cf-ray: 8f484c4338c888b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR3-C2
x-amz-meta-created-unix-time-millis: 1727006419050

GET
H3 200 Featured%20images%20%289%29.png
www.hunters.security/hubfs/ 195 KB
197 KB 62ms
62ms Image
image/webp 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/Featured%20images%20%289%29.png

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c23c888b01855d9310b1a569def2623503bcc2a81327955f0a824c6f722b278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "2ac3620fd903a59ff0b19fe172b6087d"
age: 106331
cache-tag: F-164070765938,P-5765386,FLS-ALL
x-amz-version-id: IaNtUqfmHGRaI2nvOMBv6G5rNRuIfCwI
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hjc4Ile8%2Bvfv4%2BPtTWZxOpIxJEbnhu4Z8SJkEPG7B2GQyootIBft30Flj1%2FMNzAhdkoQIa85N6cN4X71Hqe6rjtTc1h7yaLDt7cX%2FLRe3kPpo8pwEhICwwsqBST1pxCFmnbgjymr"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: cUgq6UBHPR8WQTyzhaRoV2fbZzTPUZWn6SCRyGqQz5bZ1qb9OwH2Yg==
content-type: image/webp
content-disposition: inline; filename="Featured%20images%20%289%29.webp"
last-modified: Wed, 10 Apr 2024 18:41:29 GMT
priority: u=2,i
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-164070765938,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
server-timing: cfExtPri
x-amz-request-id: KJRQE4QZJQJ7MC62
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-164070765938,P-5765386,FLS-ALL
content-length: 200090
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: origFmt=png, origSize=298563
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: Cy7irFRod1Kvr5VU6mkJv7q97hpHg1JcDr0CaYpnVonF4ZJ32Zvamhf1An65dIF76wEr07vy2yLnclXrpNmBJA==
strict-transport-security: max-age=31536000
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 b65847a7ad45381be5cfdaa6e8987064.cloudfront.net (CloudFront)
cf-ray: 8f484c44098188b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
x-amz-meta-created-unix-time-millis: 1712774488375

GET
H3 200 magic-mouse.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882284593/1693291612618/Hunters_Theme_May_2023/js/ 7 KB
4 KB 84ms
84ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882284593/1693291612618/Hunters_Theme_May_2023/js/magic-mouse.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f0116d893ce32487b8b683a408b135c15809c7e1b3d8d26bdb5889126f2077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: c0a5d255-92ba-4273-9384-11c7da4eb51c
content-encoding: br
cf-cache-status: HIT
etag: W/"54c961291b27575b217ab9dc804ff844"
age: 426
x-amz-version-id: nkLfko.VU99ei9urIHGN_QjnPno3EX44
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUD2r8JesSP4stu2bP%2F4lMmjhMOHcwEKTvllyPyG%2FV7xiATGIx20egk4TJDPucnv7k4csS8tZb9GvBdZ9K3FWqwLsMump65VIS%2FwHGyrQfTdreLa2zwjOlVtItgQPl9BSKESctkV"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: RWXQ4ZrYk6i8uZsvBsrI50dtmThpANuhJ1BXClbpxw9Dwd54w_iINQ==
x-hubspot-correlation-id: c0a5d255-92ba-4273-9384-11c7da4eb51c
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:46:53 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-k2svz
x-envoy-upstream-service-time: 202
x-amz-request-id: V6TC9SGH1RJX9VS3
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: 0UTe/oVL3V7q8XYB+CgZacSFIwuWgrWh3I6GbikeZKRWvdeLzjMRbJAMrLrJRMoqjc7g547hMhQ=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 5eb5e19c1a78889d10ff38f1551ed2aa.cloudfront.net (CloudFront)
cf-ray: 8f484c44198988b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1693291612886

GET
H3 200 jquery.magnific-popup.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 20 KB
7 KB 70ms
41ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ed4-4ef8"
age: 569670
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5Z5fhWitEnbnRvGbEQmTrrWhOB7nJLEv0RKjNN%2BKZ2kLlbP7gkVuijOED9BK4SxQxSsneRSlKa7bc1%2BCaUNn5H2NUJesLWiFF7iL8PWEaVfY2CKOHdtX4TfMVxhxody8WOs01wm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 09 Dec 2025 15:06:40 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:12:04 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f484c44ca966355-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6546
server: cloudflare

GET a076d05399.js
kit.fontawesome.com/ 0
0

GET
H3 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
4 KB 44ms
43ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03f26-2b4c"
age: 56117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=83AOqU1OIoPJvY9PNFI2Dhnk85ppYRWPK4rDKuWu6RCo2xfXhZb2aGE5MJ%2B9yGPDpmlz23HA4PgzDvObJ9ul8RJTLBFSTeglAhNY9qvyfA7a503PxPYH42xfO9G6frIa3CToKD0r"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 09 Dec 2025 15:06:40 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:13:26 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f484c44fac26355-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3980
server: cloudflare

GET
H3 200 prism-sql.min.js Show response
cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/ 3 KB
2 KB 42ms
40ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-sql.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fc5f8ce69950ec73adc972f061df42aaea78faa4864709134ea2adc083f3a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "625c25f1-651"
age: 2562323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=upoIxqI165mF6CXdi%2FUuH5t1MFeiPi2sIXrMCt8i3Z%2BONuREpQiNSjyIC7rJXWSdRVVyX8PlhdErMHIMnBkNSwyo%2BJslb8e2AaXcI2aR4VJz7V9f4dyPFSRF9o5K%2F1GwSSFDJ6yd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 09 Dec 2025 15:06:40 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 17 Apr 2022 14:36:33 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f484c44fac66355-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1617
server: cloudflare

GET
H3 200 Owl-carousel.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114356373127/1693291620234/Hunters_Theme_May_2023/js/ 40 KB
12 KB 83ms
81ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114356373127/1693291620234/Hunters_Theme_May_2023/js/Owl-carousel.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc507001be80bda64a1378c7f6edce7a6fe445dd6712c4eeaed70db462a7e934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 6ad9e6ca-6e0a-427d-846b-20f99750ac87
content-encoding: br
cf-cache-status: HIT
etag: W/"b563bf018685e7895cfd162d6dffaf88"
age: 1549
x-amz-version-id: v7yQPkPfKxlswQf6LteLuXRiDwl435C8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zdNnOxhRp88sA7xQuA92yq9J%2FKaHVA%2FF1FaxLZ21vPOJGlv%2FZ3XlZaGOeeITwMDw8w%2BSlCZ1WfQwWhuu2Pqcp1PmMaU35ZsumkO9%2FNlPRg5gO5gx6AdHQxUNLq5aRdTXh55ZvDX%2F"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: ChmQwZsQLJ-rvVgC3v5qLez3XGfVpQ3It6HoaFcKkUmdXoqPlYtwTw==
x-hubspot-correlation-id: 6ad9e6ca-6e0a-427d-846b-20f99750ac87
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:47:01 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6548769dcd-8sfnt
x-envoy-upstream-service-time: 198
x-amz-request-id: 3KJZFJ5T1SFDZHYJ
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: gjRTN6YX0n+tjy+niI8Hq1f8NV4oCzAjJ3FU1yp2P6/c28QyIO6nNp0l1aBolfIYnCnGEZgTJu4=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 e21deb2f30f16d84eb8e8fda826091d4.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa5988b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1693291620646

GET
H3 200 magnific-popup.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662486200/1693291616579/Hunters_Theme_May_2023/js/js_plugins/ 20 KB
9 KB 80ms
78ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662486200/1693291616579/Hunters_Theme_May_2023/js/js_plugins/magnific-popup.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 3cbbf4ce-2f41-457e-9c4d-766f855cb7f0
content-encoding: br
cf-cache-status: HIT
etag: W/"ba6cf724c8bb1cf5b084e79ff230626e"
age: 1549
x-amz-version-id: Al9aEv2E0deAwAfGacCRBEskazOldysU
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hztV6wv9LuF75APp2C5F%2F2VtOTfah0dRyAA4DZrUsxCRyEAb9HaOqEGbGAsIOXzEaEw7lRKH4yEETUV%2F9q5IsC%2BZ%2BN1DmHotSz2Z07Y7hdVFGaY4tsJEt3L8ueTTiXPMXSWEogoR"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: eZwaskfTC2mnfOtqqIhnq3EjjKQ3gBxZiGaMgHQMj65ITJ-brJl55A==
x-hubspot-correlation-id: 3cbbf4ce-2f41-457e-9c4d-766f855cb7f0
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:46:57 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-b2s92
x-envoy-upstream-service-time: 143
x-amz-request-id: CMW0P77W8EEVFAN9
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: Ymp/N0nQgjhwWQcjHK1Y+RdmV04NQBHYDB9DYrEiK1Q08CcYF2Tt5gJQ/3hLFwpoJ8DhI3n5k3W6weWS+XNKzEdrsNj6uLFxSQQvm89ht7o=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa5b88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1693291616579

GET
H3 200 mousewheel.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662695006/1693291622639/Hunters_Theme_May_2023/js/js_plugins/ 3 KB
3 KB 101ms
99ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662695006/1693291622639/Hunters_Theme_May_2023/js/js_plugins/mousewheel.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 06bb7604-f373-4ac1-aaf8-eb615f015597
content-encoding: br
cf-cache-status: HIT
etag: W/"d5843dbdc71ff8014a5eafd346a262da"
age: 1549
x-amz-version-id: EB4B3aQyiLb5JuXTAcZzRVAQLRHIpKLi
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8xMjQ3jgoy1n1wybCjeJJbIfPz9SdV0cLJF5TFnZftYNPe9mtHLGKupWJkuZaiJkb3tp9tXVrJRsrg7PVFlluRvpYUhddkgWrPb0Zu8guaqwoYBlM%2BfXh1tDADR4lOzQODvprIJ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 63jYkvw06PcabKvM0EjjG2m9xRjyZ8CJSqfsxzBFgajarGOwKthHaA==
x-hubspot-correlation-id: 06bb7604-f373-4ac1-aaf8-eb615f015597
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:47:03 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6548769dcd-mzbzs
x-envoy-upstream-service-time: 164
x-amz-request-id: 5ZV20A9MWYRYJV0X
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: Vmy5aXknc7T4A7wZH+MkW3WN6RMRDzeTU/P7hFVNSxd/CImzTY3s/nFpKnvIv35NjdDcox4lbas0OWhuJhO2rrebDxgkhcCtxApwoNUFDJM=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 88b63cb2f8aab28c7291262ffc15282e.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa5c88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1693291622639

GET
H3 200 aos.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662486199/1693291612611/Hunters_Theme_May_2023/js/js_plugins/ 14 KB
6 KB 117ms
116ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662486199/1693291612611/Hunters_Theme_May_2023/js/js_plugins/aos.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c29e718b023d06a8824bd6cc3d2856124f2c41af363a256936e7c7a79a4b8af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 507861a7-919f-482e-86eb-4fd4d7f9f507
content-encoding: br
cf-cache-status: HIT
etag: W/"ede6e7843492ab4c25dcb5ff2fb243e0"
age: 1549
x-amz-version-id: WX4f.toIuFDPXZmixmFRY3dgQMbUPcRt
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otTa%2BaDINpeRse%2BKNTBdYxkoatdMevYAc9If5DK4dElAaVeiW6775hRuBN3vXiLNBivis3DD%2FtgVFMESDqbyEaEGct8vBO8c3UZsfT%2F%2FErn0Oo2%2BHNSeXhAYG3x3w6ZuNjMYrR33"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: M9vaMO-JN3inW33e4LKMc0Vdm7_agP_V9QsqAIC_LbvUB_jj9a5uFA==
x-hubspot-correlation-id: 507861a7-919f-482e-86eb-4fd4d7f9f507
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:46:53 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-679cd85c5c-n6klc
x-envoy-upstream-service-time: 190
x-amz-request-id: VKNRMY9C7SD8G6AJ
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: ldLieHYObOEmv/NCk6KCdyzqFPhRpOo5UAoqS+lIXv7ol6yn7ty7MKv2LKgpzUD7TbOsp2nJniQ=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 ea42f57e1e0a065bc1c1c637f97d3be4.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa5e88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1693291612977

GET
H3 200 ScrollMagic.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575644/1693291613854/Hunters_Theme_May_2023/js/ 17 KB
7 KB 88ms
87ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575644/1693291613854/Hunters_Theme_May_2023/js/ScrollMagic.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9dad45994fa30a773ffd383f0daba950926e1c95fc807b644554825ac34bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: f193c6fb-67b8-4fa6-afde-dd42d77c614c
content-encoding: br
cf-cache-status: HIT
etag: W/"6ac0def42e0780c817de6097d1607a27"
age: 1548
x-amz-version-id: .pBAd2cfgI71wmAPubCRyFgyotetpu1F
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K89xgjZzJ%2BLXUVjJ423W1WOl%2BbMTcTtirzDTQaCEDY3j%2Bl%2B%2Bsc9vAglP2OmUwdk796nng0uaAOz0xlRlYBZ5B0ueeGMbMhNnumYGZl67tL%2BIztQyaJkREpIlnnHVTARjuykNEZPQ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: OIKGi7N3dIkRBDhTqvi2F3e87nzUYjg2aRhjmg4IY-QrXwQa9WyyyQ==
x-hubspot-correlation-id: f193c6fb-67b8-4fa6-afde-dd42d77c614c
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:46:54 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6548769dcd-tsm68
x-envoy-upstream-service-time: 216
x-amz-request-id: 4KF5SBDV5QA6028T
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: kvLbO1kw9+XQQ1tndvh0nqoPChXMF7SaflpWNwlokmnIBBJc2pQtuGdxlhrr8ms6o7spvO9QPKI=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa6088b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1693291613854

GET
H3 200 debug.addIndicators.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882549514/1693291622778/Hunters_Theme_May_2023/js/ 7 KB
4 KB 82ms
81ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882549514/1693291622778/Hunters_Theme_May_2023/js/debug.addIndicators.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c15402dcdd0b03490883b62681c0d676af10894c7ce55218650d0f3827c6f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 729b4c27-e958-4065-8a8b-4a1d2e286896
content-encoding: br
cf-cache-status: HIT
etag: W/"2ca110d3d8bfbf577de0d2339e952d19"
age: 1548
x-amz-version-id: G_XOawQsOWl3pTEmVM.aigCXZh2FBzqq
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNe6uPwLvphFpIIgTUeak5qyXwWTahdQk7JdOF5EPSsujLOEscHYgyf7wQfhDRWWSltIyKBExti%2FOEpEViKR%2FoOSL2VHk1DC0%2Bv8H2V9SlsbNuc0WHnjgdBAXYCVILlp6mcZNruP"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: X2vVYUtQZw6Jec9I1oBvEt-2SdBVIgJjPYnSXOvR4X-7H2oXJkp0SA==
x-hubspot-correlation-id: 729b4c27-e958-4065-8a8b-4a1d2e286896
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:47:03 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54797cf595-6snpn
x-envoy-upstream-service-time: 197
x-amz-request-id: 76AA1WAMM5BQSR24
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: jKA/KvS896ihJY6jOTc9+5afbBzgAjgmRI6WnWVOEOLXjUs/aVUsUU3PkeIlUCxr2OPuo4yi/Tp0gz5I1jnhLgBJEfMlIlrNyfEbHwyk8Ko=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 b0785dd15b9c7ed21cde8fa5e473d0a2.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa6188b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1693291622778

GET
H3 200 easyResponsiveTabs.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114370662982/1693291620440/Hunters_Theme_May_2023/js/ 6 KB
3 KB 87ms
85ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114370662982/1693291620440/Hunters_Theme_May_2023/js/easyResponsiveTabs.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5ac74ae7bad75e342eeb77f0c16005fcb01eaf5473b584030feb2f9f07e23df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: f249fc42-3b5e-4f56-a2a1-a645b9813238
content-encoding: br
cf-cache-status: HIT
etag: W/"cb4427cd8f350ccfbe2447e487ced2f1"
age: 1548
x-amz-version-id: GXs4GlqPQXBqS3kFTrlfj_Tb_2NZavMh
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEVgrfRct9xAjJ1L%2Beob3JEw7ti6Tkq3QUQs1VZwrptCwaY5jTisQZGSWUR%2BAb2pqH76objyWi9KaDNXEbmRDSieFNwS5RbXY3pjvDZRYUSuW4oT2boVe7zkZMe72jJSBC6DPRF0"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: FqZ6LvoMOmeCRFsmkOIjK3Ym9JumjoMY0e4fGybhHwsCmsHywgVX-Q==
x-hubspot-correlation-id: f249fc42-3b5e-4f56-a2a1-a645b9813238
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:47:01 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
x-envoy-upstream-service-time: 199
x-amz-request-id: JGQJ39NVFEYBNHHW
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: 7TD9MYby7QN/3B2ulFC8fJETpLubf00JYXDln3k1iggo1k9EF45Ae35kk2E5OeBMFO7XTAjEYQCBibQMkf9QLQ==
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa6288b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1693291620639

GET
H3 200 slick.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882284039/1693291624252/Hunters_Theme_May_2023/js/ 42 KB
12 KB 62ms
60ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882284039/1693291624252/Hunters_Theme_May_2023/js/slick.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: cd21928c-5ee6-4872-b175-3b23a236f207
content-encoding: br
cf-cache-status: HIT
etag: W/"efe2dc57bf7b73137e9642e586ee272b"
age: 3502
x-amz-version-id: Fb072li6tYjBxDBknsVKEvzOtP5mz1G5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eKwWWWCDAQAcxjj0P2RgMsoNwLQj9KVJtGtuISqPfNcRPh%2FQNHm9Y3aUWbi4n%2FY9W8RFAbY5ZItSkdPY8iKCmJkW6lxPKBbsZqzEQmx0ocL%2BNa3mMk1iJW6qa4AIB7cVdUKCC8yp"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: ymNfjdraprs9clUYjSrPmOCHs4MuLhYX7S6WwHMumy1ZTRzJpNDQsw==
x-hubspot-correlation-id: cd21928c-5ee6-4872-b175-3b23a236f207
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:47:05 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6548769dcd-nlpn7
x-envoy-upstream-service-time: 172
x-amz-request-id: W9XRYYMCAYE5RNXG
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: bYGbKtxmQFDwsIUnhshYGfszJfd8PHNc9xuv8IHgiOZpkUcpYxgBIxNrIkYw92m4NlqXoE9Gkh72JJys283IeSxiWIrSnRIO3akPxR95Eug=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 b4346add631a498bf6cdbf88cbc5ff12.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa6388b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1693291624252

GET
H3 200 jquery.matchHeight.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575404/1693291617490/Hunters_Theme_May_2023/js/ 5 KB
3 KB 85ms
84ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575404/1693291617490/Hunters_Theme_May_2023/js/jquery.matchHeight.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

762a5cce3355f95306400b6113dd70cbb8bcf2ce3601fa27297d1899d007ec54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 6c7421dc-83d3-4dad-bc28-d0b18a06a917
content-encoding: br
cf-cache-status: HIT
etag: W/"3a5a31244d61d9cd0778b47e2d60374e"
age: 3502
x-amz-version-id: 2Pt0BYwvDy8cMMES08pnbHuhXdNpbKtt
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=in00HWmYWzd2mAHPR5iZgcCIbIQcOT%2BEzSabbPn92qqTiUl8n8wNQVSEt3ivxrOP2rsmBrUPuqF2qcyFVnqLiIlmM0qb1JU7v7JB7sH7lUoeivPHH%2FQ%2FoPDW6aK4IlNubAJMFTID"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 3PY1xxb8S1CHa8WQ18ObEU0ISqZD0K6QH9u6RR8nuKE_gXaReNYHmQ==
x-hubspot-correlation-id: 6c7421dc-83d3-4dad-bc28-d0b18a06a917
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:46:58 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-rwc79
x-envoy-upstream-service-time: 215
x-amz-request-id: T9KXJAV74Q634K0B
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: qhKowl1Kd2wJrhAKhsYJHJzwNOxth7X68yIAYjklb4gSLF+YlKGqOf/6wlWQuQb4xOuacbv7SP2kM9vwGCBiKfBWTXWpbTLE
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa6488b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1693291617668

GET
H3 200 isotope.pkgd.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882549552/1693291622937/Hunters_Theme_May_2023/js/ 54 KB
15 KB 81ms
80ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882549552/1693291622937/Hunters_Theme_May_2023/js/isotope.pkgd.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e31677db4782bc8c9162fa1b42005aad15d67853f7a496e9fbb493fe2309759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 4c1ea54c-973a-458a-9f0a-000d59831dc7
content-encoding: br
cf-cache-status: HIT
etag: W/"d171d2b83a97424cf2f260c1fc1394e1"
age: 1548
x-amz-version-id: WhIw.DQXpL.ZBq74aHMGtTHmE6XKg.AO
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bf3MCrpPolGuoDos6D4tbxj5dm5mfQmm2xQ8wicsW7BF1OcXcAQz%2F3FrUyA969PGi5dE9kbGn3KqzOsI4NhiPSxrjhUkmXkLZMPXEDD50JhHstWCKYBzanavKZvFKK9oJathfEqT"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: YeaUkU9xpaGaWNfOhQNL6xdJKv1-wrPvacSKRBZGNAYtScpHXaurvg==
x-hubspot-correlation-id: 4c1ea54c-973a-458a-9f0a-000d59831dc7
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:47:04 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
x-envoy-upstream-service-time: 184
x-amz-request-id: JGQW6E8XW8CY8ARB
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: +VYd/vJ8WG0ozYIVBAGYP3IjdUpI/uHQdC675jwJgoCVohOKSOuOASPPG2TAOjFaX0P27IfNp5omaNsosoqwO5Gh+sjGSqco
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa6588b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1693291623392

GET
H3 200 main.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127024241524/1727866885819/Hunters_Theme_May_2023/js/ 13 KB
5 KB 76ms
75ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127024241524/1727866885819/Hunters_Theme_May_2023/js/main.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f46e2fe055ca798ae7242cc770d2136169c4298407ec09bdc79ac73a545adb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: dd44df5e-7be3-4a87-9622-7c111809f9a1
content-encoding: br
cf-cache-status: HIT
etag: W/"83fd3f63889ecf4d879ff978bbc5a7b6"
age: 3502
x-amz-version-id: 8gvaeCYmSRFny4nUM7XK_SZ_ZDVl.RVk
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GKet0YQVggvJ5Glx8dFq%2BJ%2FMZYpKPYjFhoVk50u6gHz4FAXWVVUUkBioUkE3QfGm7gS7h6yPFQJmeqhcMEcWgJjCbblV3x8exgZPPtE%2B67vBEr2HdDhfwKSi5kuOnD7yPb3BMtWg"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: XWIZoDLbaVCUEhb6TIyLttgYqoWAciHm55w6XwYnd8zyjRN3fHAx-g==
x-hubspot-correlation-id: dd44df5e-7be3-4a87-9622-7c111809f9a1
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Oct 2024 11:01:27 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6548769dcd-5f7tz
x-envoy-upstream-service-time: 183
x-amz-request-id: NGSH73ZY3CTSYTEZ
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: jnNZYdvB+LF7DDMvnAR3S6VYbAxXZKbMSeAUjyNyA0YjwKCgAHG8ulEL1b3nJMoacNhmya2HTDdXbCyEZxEjBlafRoJ9zmDx
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa6788b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1727866886078

GET
H3 200 custom_script.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575241/1693291612623/Hunters_Theme_May_2023/js/ 151 B
2 KB 78ms
77ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575241/1693291612623/Hunters_Theme_May_2023/js/custom_script.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa2622bbcafa420ce5be37bca0ff1e87dacede5fba4f42641d000313b4a1d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: ba831247-c15e-4253-841f-6d685b040fb0
content-encoding: br
cf-cache-status: HIT
etag: W/"4ca3117ba95e8789d0b706f44b545073"
age: 3502
x-amz-version-id: Wh.fFmcfNGDyyXMIXV3QBJ1mayq8w00j
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWgd5oref9fToI%2BoKZFZbYhy%2FkADaucgCcjx6G7xVx%2FtMfIEJJX76QSHAwikwEIrQTv3maAgAOgWezDDpI82kPclgDh%2FlUbQrfw4c8cy7mLf3ZJ0UTept3jJW3EzBSq1%2FxMmhtBy"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: pQjCSE1qf31CddQnmhkzhb1_tWRQ5MLNIsxoog83fwjXC89WC_NUwA==
x-hubspot-correlation-id: ba831247-c15e-4253-841f-6d685b040fb0
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 06:46:53 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-rwc79
x-envoy-upstream-service-time: 263
x-amz-request-id: T8PSZRDT6N6TR5NT
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: 023gKPOEUOlVZ1bH74kTmMiS17aZhrtczVhNWb1qp32WsUp/QvseABGpPGvSMjenbgcioq6YFSlnOC2uv4sLLQ==
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 bc330e83c319e99d19922ed79166586a.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa6988b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1693291612737

GET
H3 200 prism.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/176293618185/1724271074702/Hunters_Theme_May_2023/js/ 575 KB
206 KB 108ms
107ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/176293618185/1724271074702/Hunters_Theme_May_2023/js/prism.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a300d0cca9c84237c8127d65ddf9619b1f1dd7834240d9b5fdfc9eaa25706cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 8e7c365f-0d29-4aea-8484-3378058d7535
content-encoding: br
cf-cache-status: HIT
etag: W/"76e9eb0938253042b85c917a887b10c2"
age: 2977
x-amz-version-id: hi4qftgT0n941NW2C1gYzI8P3nSN5hgh
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XHaS0zvtg%2FmXaME0IPMOfb2u0xiLvvgetp%2FBZfWp5Zi4DB8sM4UlXYCW2dJk3bIQhonprTfrJ8DSPN%2B2nMMQKtwUztrTAZg2rIw10rIhwCenIDYOsgREhshCuxAshUlBcaJNMJHJ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: 8GeO8yeK63UyM_U2nueQpJxd-sF8nn7W0vE5JLlf7p6qVafhNTGlIw==
x-hubspot-correlation-id: 8e7c365f-0d29-4aea-8484-3378058d7535
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Aug 2024 20:11:15 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-tvmvp
x-envoy-upstream-service-time: 292
x-amz-request-id: TSKXBBAVTZQ9SGBK
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: koPNaxbMQEWrUeL1jGt3nZFu1ruVNjWJGmCoxZITVn95TsdF40R3uhgizGA9uD5XTIrKrn0PBIU=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa6c88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1724271074703

GET
H3 200 module_177021600416_Blog_Table_of_Content_Sidebar.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/module_assets/177021600416/1725602140089/ 2 KB
2 KB 107ms
106ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/module_assets/177021600416/1725602140089/module_177021600416_Blog_Table_of_Content_Sidebar.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f72983748dfd73b846c63554d18da197fec40f21b43f400cc2d8d1a2339098f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: c7e5327a-bee5-4c19-937c-6839002a63ce
content-encoding: br
cf-cache-status: HIT
etag: W/"ddb217cf8b81653c720488ad63e9e9e9"
age: 2977
x-amz-version-id: hWykXL3FXMyTYU1Ece.FCASwbh4OR9pr
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4TiHObH73SaLg1z6I4wUiJNeSCmnxYm8YNv6zcDCgpP6WZPzWJJXS63fabD98Ssdn9sufOp7%2FAf1QRwqDQpfouIWpIFN8wrYwY7iYGnpXfq9XLQLotExxhq5XzsDdEAKCp2iyTcV"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: Ub5bMihnfJF-t_ItEGHX-o0_f3uM2taLE5eTdp6HR_lAVgqPBSIzYQ==
x-hubspot-correlation-id: c7e5327a-bee5-4c19-937c-6839002a63ce
content-type: application/javascript; charset=utf-8
last-modified: Fri, 06 Sep 2024 05:55:41 GMT
priority: u=2,i=?0
server-timing: cfExtPri
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5689dcb94b-knhs5
x-envoy-upstream-service-time: 166
x-amz-request-id: BP2F1QA477P7JMXK
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-hs-alternate-content-type: text/plain
server: cloudflare
x-evy-trace-virtual-host: all
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: origin, Accept-Encoding
x-amz-id-2: ZzIjZA7y/isVYgay3U8N5uKb38B4WtXD1g10PC7TsoPcyeMmwzaaqhija+ME+zR1qJL+25mS6bI=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: www.hunters.security
access-control-allow-credentials: false
via: 1.1 bc330e83c319e99d19922ed79166586a.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa6f88b5-LHR
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD61-P1
x-amz-meta-created-unix-time-millis: 1725602140089

GET
H3 200 index.js Show response
www.hunters.security/hs/hsstatic/HubspotToolsMenu/static-1.354/js/ 12 KB
5 KB 81ms
80ms Script
application/javascript 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c7e51d284cd7256caf3bfebf641141876657ea0d6e5588ac7e69dce1e9cf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3ef0deda0631561665e95645daf500a2"
age: 1590148
x-amz-version-id: O3iI8Pl3bd7LIBbSsE98q3XHW8vfw5hp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XsQUPioJpRjVpLsaoK4xrpUHYEM2nqHYlkET5lLHjnhT9nAC5t%2Ba7S5%2FMlA366EIfmc5PY0bWsgIA91kE1Y9I%2FMaFfOo7IkOFqbTSyQSMmMw7IdBwJetMg2MJBJHIHKzO44gOzsj"}],"group":"cf-nel","max_age":604800}
expires: Fri, 19 Dec 2025 15:06:40 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: esAVPsWwJ69Z7RH_Ugmqn-pV40dbsADj_qut__IbFZqO1OAekKkL5g==
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 20:24:20 GMT
vary: accept-encoding
priority: u=3,i=?0
server-timing: cfExtPri
strict-transport-security: max-age=31536000
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 49810345bf6ae2e25866372144f1838c.cloudfront.net (CloudFront)
cf-ray: 8f484c44fa7188b5-LHR
x-amz-cf-pop: LHR50-P6
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 GraphikSemiboldWeb.woff2
www.hunters.security/hubfs/May%202022/Fonts/Graphik-Semibold/ 34 KB
36 KB 74ms
73ms Font
application/font-woff2 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/May%202022/Fonts/Graphik-Semibold/GraphikSemiboldWeb.woff2

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a28d627f3677c456980de2b9026548c69a9f542993b2b5b6d8608882fe1e878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "e13cf054833eb8ba8d3ffc1e1c2cb82e"
age: 123526
cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
x-amz-version-id: E4J3u.P1u8zLJOqkt22N.5.YJpbVcz61
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpg6VFj14qxJJ6lQJ2bwaE1d%2FKGlg%2B%2BGxxkw0jZ0gZJB7lb1G5QKbZFVnqR7vAuxNfFCMDIo2I92Rx7S0nFQ4UmaeAHQaB6aN%2Fkk5fzLvJo4HMX7hy7c%2BV0f5NJYkdzg2WWDiun6"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=OgUmOo9QFwZAIkGNOn0bS_r79cQLPvvtH2BSNam6Ptk-1734620800-1.0.1.1-uM4z0ZS7.iUQBNK1o1OP3HqQ8SvueaJ3djAH86tFf23BF6jNwjvIXKZEsLaG3rARS_uCjD7sUfjb7zx7wJtYANgJDiTknEGW8JNkLAtV5SpZX0rzHgTlkBdvBdKH3QBXPnDPjENMHR_sgzQiSAUCF7DVlERrd.oqCAqfrbZKRN4"}],"group":"cf-csp-endpoint","max_age":86400}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: Xw-YZ2IsVY0QEVacOj4OkVd2peA5hHgqXDy5jkd6BS_IU6jN3ehOuA==
content-type: application/font-woff2
last-modified: Fri, 27 May 2022 11:21:39 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 99MG74JVPV4429CT
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
content-length: 34772
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: fcUAPgS3JzJCCEMKFumVyKd1/nDqVvsNCnJ5YbJqXQ0uSPL9pEGbD1cI1afJS+44UrDslhAkA10=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OgUmOo9QFwZAIkGNOn0bS_r79cQLPvvtH2BSNam6Ptk-1734620800-1.0.1.1-uM4z0ZS7.iUQBNK1o1OP3HqQ8SvueaJ3djAH86tFf23BF6jNwjvIXKZEsLaG3rARS_uCjD7sUfjb7zx7wJtYANgJDiTknEGW8JNkLAtV5SpZX0rzHgTlkBdvBdKH3QBXPnDPjENMHR_sgzQiSAUCF7DVlERrd.oqCAqfrbZKRN4; report-to cf-csp-endpoint
via: 1.1 8b74b2b1058716502ca7132227c8a9ba.cloudfront.net (CloudFront)
cf-ray: 8f484c451a8288b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: MAN51-P4
x-amz-meta-created-unix-time-millis: 1653650498635

GET
H3 200 GraphikRegularWeb.woff2
www.hunters.security/hubfs/May%202022/Fonts/Graphik-Regular/ 30 KB
31 KB 75ms
74ms Font
application/font-woff2 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/May%202022/Fonts/Graphik-Regular/GraphikRegularWeb.woff2

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5ef33de34661d7ae6bce5bc0b514687f2813f7ade07b4e2511611c62c7494ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "e2d3e1bd2dba862a1c76e2cc88ac1776"
age: 123526
cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
x-amz-version-id: 9bSL54EBoxaoAARqnLg2bUn5vMLmIfW0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItlsdJ%2BnvntNSkAvJCIaeE2fI9RgY012J3HtjyBBKSZaz%2FURvRCnvUOoe4CmTAybXAPiG3sQzsZaTlZr1ib%2B8dmwKCPg19auRwNBnx3sO0lyCqh64qavbk%2BBSiL2BTeRRpV%2B8MQW"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: pWHs0G2G-ox9g4_7h0WrYUvw3mqFb2VH1yat2TRrS9_3b3spMo7uPg==
content-type: application/font-woff2
last-modified: Fri, 27 May 2022 11:14:17 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: DVCH0NY4K3CCCHFV
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
content-length: 30480
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: KxGXU/Oh2FN+si3EtmY87mInvF5JgGPGSp79zmdTkDfbdBKn6yy0Y2KCc2BdS/ixel77yRhMxVU=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 d2f7627e31875d8900a76b77162f72ac.cloudfront.net (CloudFront)
cf-ray: 8f484c451a8588b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: MAN51-P4
x-amz-meta-created-unix-time-millis: 1653650056855

GET
H3 200 GraphikBoldWeb.woff2
www.hunters.security/hubfs/May%202022/Fonts/Graphik-Bold/ 36 KB
37 KB 97ms
96ms Font
application/font-woff2 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/May%202022/Fonts/Graphik-Bold/GraphikBoldWeb.woff2

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

424560f6d441470e553c5c2d0e31a7df189ddb73ea43d909714d57b16f024624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "0fb4b480278277d351d7afefe46bf6e8"
age: 123526
cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
x-amz-version-id: aqs.ab3Smnu9FGL_UhGDqku4oUVVMHEq
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6NK6%2BvLoLgwV0s1Rb97Cb6UAzCEjFuPpw5%2FHbTSi5njlGKPY1uenATogbZd9xxW5tSqAH%2BOKS6%2BpGCXrv2Ga1VYuvIVJ2BAPaemChISxIFpsDT7KCL6ZUX3%2BjSrcfYmLeKTDF5mQ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: -vsGCb9gpu9-620CpFyKx2rDDwVvyi_kmmrLtw33bs5LY2WC8cWQtA==
content-type: application/font-woff2
last-modified: Fri, 27 May 2022 11:23:34 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: DVCZ07TG99BYT9K1
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
content-length: 37044
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: Xp3Kg0tLIQkN15Xmkmlp+mz7IimDE86WWbPOjSf+U2qmgq8Dnky0/1QWga4ZD+klI/4IQOO141c=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 44bee1140cd8bb60119c7121eba693cc.cloudfront.net (CloudFront)
cf-ray: 8f484c451a8988b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: MAN51-P4
x-amz-meta-created-unix-time-millis: 1653650613120

GET
H3 200 F37JudgeBoldCompressed.woff2
www.hunters.security/hubfs/May%202022/Fonts/F37-Judge-Bold/ 37 KB
38 KB 85ms
85ms Font
application/font-woff2 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/May%202022/Fonts/F37-Judge-Bold/F37JudgeBoldCompressed.woff2

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

631550304df547eb64d2d7af3e6bc30bf346fdd47640adefcbe22263b36d65b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "54e5c65113bb56ee4af633895983b9d3"
age: 123526
cache-tag: F-74685838647,FD-74685881460,P-5765386,FLS-ALL
x-amz-version-id: oROJePp8ny04DPku2cFXECrZhzDxBHie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=unkGygaohjLp8vHpFWAx2edoh6Igr1xi2uOYziHGhKVrEzhms7wpn8QqkUngauxtgSO4sAZfKaTe18vU%2FAOIRF4fQ%2FUaq%2BdEu2rRYppw2X6hfbwLEwKTCIzASUc%2F10e3Oah95kZZ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: qCTNXbyqUuOoHcAgoJ81RwPE5lAoyBFSxkf5Mf9gRCNdJYz-4lpWsw==
content-type: application/font-woff2
last-modified: Fri, 27 May 2022 11:06:03 GMT
priority: u=0,i=?0
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-74685838647,FD-74685881460,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: DVCZM04T0RGY2A8D
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-74685838647,FD-74685881460,P-5765386,FLS-ALL
content-length: 37524
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: sEjybWd03ZBk7voVmy4YVXfyHkpBYvejm0und/FlQyIlbVIuRY26uxBQ/eHPoWy2b+09XnS7cSI=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 8b74b2b1058716502ca7132227c8a9ba.cloudfront.net (CloudFront)
cf-ray: 8f484c451a8a88b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: MAN51-P4
x-amz-meta-created-unix-time-millis: 1653649201795

GET
H3 200 Untitled%20design%20(9)-1.png
www.hunters.security/hs-fs/hubfs/ 36 KB
37 KB 86ms
86ms Image
image/webp 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hs-fs/hubfs/Untitled%20design%20(9)-1.png?width=801&height=418&name=Untitled%20design%20(9)-1.png

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00616a1bdd8748b55fc50600abe83c31864dad9a057f1c397ed4354c2767e00b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

cf-cache-status: HIT
etag: "cfSdukr28ON0wSGZIeo_zLg7U95FbuHgg10rMJHV_6DQ:0a483585f41e0935871ee47b1b77d24a"
cache-tag: F-184010043957,P-5765386,FLS-ALL
cf-resized: internal=ok/h q=0 n=22+54 c=4+49 v=2024.12.2 l=36870 f=false
cf-bgj: imgq:86,h2pri
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7ZPz50eJrhIvJ2fw%2BZ9lpccvc9EkRKbSOadaHfvw%2Fc5MfVRms620zgGweoPQ0zikKHDmIoPhJB8mQk%2FhJ37F%2B2zV5nw1MNsK8GT%2BHwxuPTnZV8h9YUNR%2B%2FCcC4q9X%2BYmEbPIqoz"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=rqCZIDx1CDIwDJY6Y5FviZIDzBKHUMS.V9YGAXZ2mEU-1734620800-1.0.1.1-FvIrfC4iep58lIVHCdb3hZKkJQQGdFjMh1FxnXEXU6.HpQQ1fyJLZ1DIeDEMl0uncOzKFTppBr.IimjCaDnjjZazjkDereeZxqCQhR8S27rLW1NKDwoVaSyXjiw7.WWB7AL8XF2a1ydE2auW6vFeqN_YrrBPmsJ7kAmGCgONw3I"}],"group":"cf-csp-endpoint","max_age":86400}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 15:06:40 GMT
content-type: image/webp
last-modified: Tue, 17 Dec 2024 18:49:59 GMT
vary: Accept, Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=rqCZIDx1CDIwDJY6Y5FviZIDzBKHUMS.V9YGAXZ2mEU-1734620800-1.0.1.1-FvIrfC4iep58lIVHCdb3hZKkJQQGdFjMh1FxnXEXU6.HpQQ1fyJLZ1DIeDEMl0uncOzKFTppBr.IimjCaDnjjZazjkDereeZxqCQhR8S27rLW1NKDwoVaSyXjiw7.WWB7AL8XF2a1ydE2auW6vFeqN_YrrBPmsJ7kAmGCgONw3I; report-to cf-csp-endpoint
via: 1.1 0d28fd7b073340c78cdcd5a3e2e0fe5a.cloudfront.net (CloudFront)
cf-ray: 8f484c451a8b88b5-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36870
server: cloudflare

GET
H3 200 linkedin-icon.svg
www.hunters.security/hubfs/March2022/ 643 B
2 KB 71ms
71ms Image
image/svg+xml 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/March2022/linkedin-icon.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7802c74a8e2285615d0ee35e104175b11653884c111470744907827543cbb29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"e0c606f3ed38d3b0e235a9d79e2d50d5"
age: 111807
cache-tag: F-69884653457,FD-69047889517,P-5765386,FLS-ALL
x-amz-version-id: RGaoSmCKiksnnaxFoSo.9rmpZKMbOr0i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qE7XEabDFp%2BCdyLpIS6OnMXqswt9Vz3NVNa%2BfJVRJd%2BYnXthC94hmTF3VJYnXHktp37oXbetANnGWcPvv5XA6mjua1T9P41%2FDnUwVrkbVeq%2BaURHrtsE0qjDmlr75HGQfDWUJ4G%2F"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: o90XqMi2zngxWVy5Q0lv-vMOgG0XXmp6lZ-XqW7ufQRPmgcUEOaFsw==
content-type: image/svg+xml
last-modified: Thu, 31 Mar 2022 06:41:54 GMT
priority: u=3,i
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-69884653457,FD-69047889517,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: QBQYARFB37A5T0V1
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-69884653457,FD-69047889517,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: aOZ00NVLARPbYoyuEPpwfZMdtn/LI4bNNCvpiejLqXiP91lR/XhBM0zMYiT5JNgFSxxnNWHaAZ85A/nPKWNixNAs+OU6/uC7dF+UTW3do/U=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 39477feb1cccdb27c6768eefe642d96e.cloudfront.net (CloudFront)
cf-ray: 8f484c452a9388b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
x-amz-meta-created-unix-time-millis: 1648708913834

GET
H3 200 youtube-icon.svg
www.hunters.security/hubfs/july2022/ 1 KB
2 KB 82ms
82ms Image
image/svg+xml 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/july2022/youtube-icon.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca76596a4a51aff45954e24a6dd4e1f148f7f0b16c578e1c919f5e1106a04df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"485d3d8fd140c1a3d379056d6f87c309"
age: 111808
cache-tag: F-80602868852,FD-79786790955,P-5765386,FLS-ALL
x-amz-version-id: 7SVwuijW7.9ZxDGZl7_ajMufvWc9s565
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJZDos3DQWgLNTtYfU2RWkPr02qWifAWrQOgONz7raNUjgY2YyjNaeHZFjp4F1IPMBDNW4R3ahEeSYFCtGHxF28gEM%2ByOM64vIXv0Nj99%2FMG6sRILI0e3QKXDw0zTgfhoH%2F6b8nl"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: l1OW4iNXlcsa0bTW6aqR0ZTLSEPhLAdBfTm_UE9tmFw5fG-pSpqHCg==
content-type: image/svg+xml
last-modified: Sat, 30 Jul 2022 06:30:12 GMT
priority: u=3,i
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-80602868852,FD-79786790955,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 7D1MXGCF8N2HC88P
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-80602868852,FD-79786790955,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: vYEpEzpdbbbvp5OXpVvsuOEwjtYMANQuR5UOSStJpmu0cb4ePulJqsTPGUYPKtO7GLJaasG/PM+ybotLgjeb6g==
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 abe5b733b9c99f8f88ee8cb18db1d93e.cloudfront.net (CloudFront)
cf-ray: 8f484c452a9488b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
x-amz-meta-created-unix-time-millis: 1659162611609

GET
H3 200 instagram-icon.svg
www.hunters.security/hubfs/March2022/ 2 KB
2 KB 84ms
84ms Image
image/svg+xml 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/March2022/instagram-icon.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ec0979e7bb7143c393e8a431924cbe84a42fa6ad659f0b83530c88b5a349a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"6d9f00570997ce78863203323d206105"
age: 52267
cache-tag: F-69883107502,FD-69047889517,P-5765386,FLS-ALL
x-amz-version-id: ohnkeFx5GZM_tWLIt9ZBHORho_g_4kmz
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lnoY9syF5Qh0itEJdgpAQ4RFnVFcmFhz1A6Japq1DAtYzOjDD%2Fe5JJAAcJN8AtYvXjwlDauaQF6peXBYiaqSkglGvfQfigps7OLgW8GV6Nsbrh5iN5kfw58aekf%2BqH5CJgxdLEwj"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: -oFaA4BPE1gQ0bbyzvbOEpf3q5ItG1yn-MQfM7CwfwdS4TW4tfdo1A==
content-type: image/svg+xml
last-modified: Thu, 31 Mar 2022 06:41:54 GMT
priority: u=3,i
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-69883107502,FD-69047889517,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: KH2PFFXB63JXZSWC
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-69883107502,FD-69047889517,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: A7vy5nes+jjbT1dUJ049aZjLjIn1W62KxQoHDgYkSB+aTgvKI8ttHBUkjAVLCUimlxfw+l7GYJM=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 1d01c9eafefacaa6322fccd6199f781c.cloudfront.net (CloudFront)
cf-ray: 8f484c452a9588b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR3-C2
x-amz-meta-created-unix-time-millis: 1648708913835

GET
H3 200 twitter-icon.svg
www.hunters.security/hubfs/March2022/ 927 B
2 KB 91ms
90ms Image
image/svg+xml 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/March2022/twitter-icon.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d5f628bd87bce595cf9c4a7bf72985cbea5bffab1a535a266f70acc04fd2590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"59c767f187bf12c75ce744733bfa4597"
age: 111807
cache-tag: F-69885227289,FD-69047889517,P-5765386,FLS-ALL
x-amz-version-id: OzvZViA9VWh6aRDHSIlYEgB3BdAss8oJ
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EvhbQLfFMZueWxjfNrUj64fZ3c1KHKaUIdNlhPQQ5m3DkYmtAp2lWPdiWjeym5U1eNPl1zgqsSScBkklCkTvwHbBZHByNSiU%2FpbyNLb7lY0zhIBMA9ti8jBSx6yvaVk7reTrpnTt"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: F3B2MbeYrLQZi8wKqvhGlxmBSjDRLcAzyIfPnASOI8zdTjHjsZgzsQ==
content-type: image/svg+xml
last-modified: Thu, 31 Mar 2022 06:41:54 GMT
priority: u=3,i
server-timing: cfExtPri
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-69885227289,FD-69047889517,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: KH2TJ0AHDCD0QY3W
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-69885227289,FD-69047889517,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
date: Thu, 19 Dec 2024 15:06:40 GMT
vary: Accept-Encoding
x-amz-id-2: HGHEL18b+nmh/4yzcgOeT5F20GV4C00rTVp/2JiQburiAYOECJeN9/NBOF8kYeTX9XaaDH+r+RlblM+OFKKOXA==
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 feff0449a1f635967cefa9b64c140c9a.cloudfront.net (CloudFront)
cf-ray: 8f484c452a9788b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR62-C4
x-amz-meta-created-unix-time-millis: 1648708913852

GET
H3 200 VqKHtlHBiv3Lc8dabqWd Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 2771ms
2732ms Script
text/javascript 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/VqKHtlHBiv3Lc8dabqWd

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

73c311377a5c098c532b38550f08a7711dd46d65a87e507ea72d70384ebeecba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 15:06:43 GMT
content-type: text/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url,page-url
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 8f484c46dad16322-LHR
access-control-allow-origin: *
x-powered-by: Express
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 81ms
40ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

2e11527332569f2c74fcd62a076142c637c1a42fc885fc049318d18a52eba6d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-md5: ysTrFSfBX0v22M5b+mTaTQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "cf85380517dc96043d8d88ba96918509"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 19 Dec 2024 15:26:23 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 15:06:41 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: ef46dbd6d65d451d9335bacc51c2de01
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4490, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: nDjMaESjQxskK1zyHmI+IGwTiCCbrN+aAaBpKW1tYRHaeGVJzzx3JzXISfevH1+jUIuUJAVc/m1q7yyg9o9RTA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1686
origin-agent-cluster: ?1

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 187ms
41ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-encoding: gzip
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods: GET
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Thu, 19 Dec 2024 15:06:41 GMT
last-modified: Mon, 11 Dec 2023 17:20:28 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kiad7000108-IAD, cache-fra-eddf8230166-FRA
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27597
x-amz-server-side-encryption: AES256

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1 KB 304ms
248ms XHR
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=5765386

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-request-id: 831d9890-304e-4e62-9111-6b26d840bd4e
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-methods: GET
x-content-type-options: no-sniff
x-evy-trace-listener: listener_https
date: Thu, 19 Dec 2024 15:06:41 GMT
x-hubspot-correlation-id: 831d9890-304e-4e62-9111-6b26d840bd4e
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8f484c46f95a60ef&resource=unknown"
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-4wq5t
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
cf-ray: 8f484c46f95a60ef-LHR
access-control-allow-origin: https://www.hunters.security
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 right-arrow.svg
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/March2022/ 272 B
1 KB 108ms
53ms Image
image/svg+xml 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/March2022/right-arrow.svg
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2856b09b8551910e6cb03f10c7c59245716b78864f205ee433fb3109f15fcbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
content-encoding: br
cf-cache-status: HIT
etag: W/"fe17677dc5e5a558797d8f08f625efaf"
age: 2541623
cache-tag: F-69047833408,FD-69047889517,P-5765386,FLS-ALL
x-amz-version-id: BCXBoPsgYqnM0oNdz5UfoKeTAiJIuz9.
x-cache: Miss from cloudfront
x-amz-cf-id: uGAWwlP93MugUF-yIBvWrrX9bKtTbfU0aDJSM7j6S01tgH19zTVEhA==
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 05:24:26 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-69047833408,FD-69047889517,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: EQEBPPCR9VBFXQ56
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag: F-69047833408,FD-69047889517,P-5765386,FLS-ALL
x-hs-alternate-content-type: text/plain
server: cloudflare
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption: AES256
access-control-allow-methods: GET
date: Thu, 19 Dec 2024 15:06:41 GMT
vary: Accept-Encoding
x-amz-id-2: IkVzHalkDwUuBNK8lNwzImIUuRz4YnlaAheqblKEFkkwmQvsnLFznQ4UF9TL04gpCESRdtx1+7U=
timing-allow-origin: 5765386.fs1.hubspotusercontent-na1.net
via: 1.1 e11502649b2fdd9cb3960f027c8c1ea2.cloudfront.net (CloudFront)
cf-ray: 8f484c470d2af662-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR3-C2
x-amz-meta-created-unix-time-millis: 1647840265758

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 254 KB
75 KB 40ms
40ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=7bdfaf484d93fcf27ee64a7e515c106d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

82ed6228f7dfb119e4c1b3eca3ef73bdd2733d88aab83b411defee440fc31ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hunters.security
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

content-md5: wtEBtPV9nQ8tb6aO0S+5uA==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "a7203bec30267d89b18f1876de8d693e"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Fri, 19 Dec 2025 14:24:37 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 15:06:41 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: f0826f41f0031e9760972138ac8334e7
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1888, tp=5, tpl=0, uplat=0, ullat=-1
x-fb-debug: t3btHqQ1WU/YmtqwcNE9Oqc0RUHHW2Al4SX82L8c3xDi5h3M+mdOtk1L+H/exkH+K/sDRgAUeXGyYfedl/myhA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 76651
origin-agent-cluster: ?1

GET
H2 200 widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame A2A3 0
0 117ms
39ms Document
text/html 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.hunters.security
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105429
content-type: text/html; charset=utf-8
date: Thu, 19 Dec 2024 15:06:41 GMT
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified: Mon, 11 Dec 2023 17:19:49 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000164-IAD, cache-fra-eddf8230065-FRA

GET
H3 200 Youtube%20Profile%20Picture-2.png
www.hunters.security/hubfs/ 1 MB
1 MB 63ms
63ms Other
image/webp 199.60.103.227
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/Youtube%20Profile%20Picture-2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55d014846b34bef181c9b239e103c4c61f28f8917aae9540c4ba3ebdfd1d604d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "1ce024c6f60f588abacbda5deb823052"
age: 123528
cache-tag: F-75057322131,P-5765386,FLS-ALL
x-amz-version-id: S6lAdoIj9aqykg7msQHTGVsWLzb1qvj.
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6TYRlcX0Hgt5lAMNXVGLjYp2pG5BdVcRTIsoaWi1nl5zX6zPe3TMgtxcGtF5HbNK%2Bo29LGUkvz5cUW7yaPYztneiyH4DdjHSv0UV%2B%2F3OJowPVx5ivpO3fRDhfqDrARRxepWyhfM"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 29FEVR_Y_DgJjLktaiS1YTXcXCTYaYfCjqZ_V4ErtDjfcN3V8jq0EA==
content-type: image/webp
content-disposition: inline; filename="Youtube%20Profile%20Picture-2.webp"
last-modified: Wed, 01 Jun 2022 08:54:53 GMT
priority: u=1,i
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-75057322131,P-5765386,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
server-timing: cfExtPri
x-amz-request-id: B8VE72MVVVZ04SJY
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-75057322131,P-5765386,FLS-ALL
content-length: 1116226
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: origFmt=png, origSize=1690575
date: Thu, 19 Dec 2024 15:06:43 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: 3oTOhuJsMdEBqHPCUvZC5XEflISQMI8L0QexpC5IPWN0tTwVwMIundte8uDj6lwLS4yF600qn84=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 1f440b6f0424a445f1d01b84762bad0e.cloudfront.net (CloudFront)
cf-ray: 8f484c57fe6888b5-LHR
access-control-allow-origin: *
x-amz-cf-pop: MAN51-P4
x-amz-meta-created-unix-time-millis: 1654073692057

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kit.fontawesome.com
URL: https://kit.fontawesome.com/a076d05399.js

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.hunters.security/	1970-01-21 01:50:22	Name: __cf_bm Value: Ae.3dI1oClIjTDKA8XN0g8uvmi03dhUXzIBclTCnbRE-1734620800-1.0.1.1-_GYQnQSMM22VPgcFUQVTne7K0kLkvibOdUnqNDvnaVO.HlHNApSNmaJj.UTZTjGFcCBSFnkYnAWfPjz96.p.tw
.www.hunters.security/	1969-12-31 23:59:59	Name: _cfuvid Value: .p2KnY9O1Ef6RGyEE3QdyEgG8iEgBolqEwwT.Q_NwXE-1734620800458-0.0.1.1-604800000
.hubspotusercontent-na1.net/	1970-01-21 01:50:22	Name: __cf_bm Value: 5zkSNKxWZ1mnJH9t1jNZmpQwmI7QRXNmD.lbnotPeMw-1734620801-1.0.1.1-HLPjbq1GMmNEKLHZJnwH2xIkX9umrs5XPfclMUDj6JxIg1WBykwW3vEcv35aLwzeVnB2zozyZAZxqiBygHPjjw
.hubspot.com/	1970-01-21 01:50:22	Name: __cf_bm Value: UOI0tLjzWyW5LOs7EWY924Nxu_dbWvKrHWOZuv9DdEY-1734620801-1.0.1.1-.SoCrFdoub7iFsA_A3d6HW5xRNMzMVFGeA3YMIyqsnEixIqtVElOLTKOQ0twGJ6wfIvmqsuYYhcVbqJ8TXsLjA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: F06jiE_XK8MgjfKsk728gfsSkqX_U.ugDdrPiuNkiQk-1734620801339-0.0.1.1-604800000
.ws.zoominfo.com/	1970-01-21 10:35:56	Name: visitorId Value: c5aa8ec0cfd3bd1d35d41415da63062f8a253cac4fc330064f7fd541d4dbc9f8
.zoominfo.com/	1970-01-21 01:50:22	Name: __cf_bm Value: hvNpfVXW3djfhQXUMkXjEkWYnG_L7spPU0Bmm0.pvTU-1734620803-1.0.1.1-vN0sKU8m6Q8KLEHelyVk98i.6TH6hczrDuTxNTfJqjMH1xhACJ5YeOppXqenR8y4dOknjJT9u9WJkOU7gbRkhg
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: AzBClEbdAgt0cLmgky8odkEGYRZsORbegiUkwC9R5jY-1734620803802-0.0.1.1-604800000

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 11) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 14) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 15) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 17) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 20) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 21) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 23) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 26) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 27) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 29) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 32) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 33) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 35) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 38) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft(Line 39) Message: <link rel=preload> has an unsupported `type` value
javascript	error	URL: https://www.hunters.security/en/blog/lummapp-infostealer-browser-extensions-credential-theft Message: Access to script at 'https://kit.fontawesome.com/a076d05399.js' from origin 'https://www.hunters.security' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://kit.fontawesome.com/a076d05399.js Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5765386.fs1.hubspotusercontent-na1.net
app.hubspot.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
kit.fontawesome.com
platform.linkedin.com
platform.twitter.com
ws.zoominfo.com
www.hunters.security
www.unpkg.com
kit.fontawesome.com
104.16.118.43
104.17.24.14
146.75.116.157
157.240.253.1
199.60.103.227
2606:4700:4400::ac40:9284
2606:4700::6810:7674
2606:4700::6811:f8cb
2a00:1450:4001:813::200a
2a02:26f0:480:15::213:7e4a
00616a1bdd8748b55fc50600abe83c31864dad9a057f1c397ed4354c2767e00b
0c29e718b023d06a8824bd6cc3d2856124f2c41af363a256936e7c7a79a4b8af
0d5f628bd87bce595cf9c4a7bf72985cbea5bffab1a535a266f70acc04fd2590
10dc028779c21e5b3f1bc41e19eaccdca81a38e53e7712439d271ceb6174f534
13890a8f68451c83c974d5a4dba823dce8f9537f55938ea8d47b7f5c131719b7
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1df553eea2266c21f18c21943acbd3e86a10b848fc2903849ab9360c2492648a
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
238b1cf831e99615cf4d403ccdecbc5a3a615f2f0f8e92179cc69f9ec7d60b0a
24af0aa554afc559dd1f59f21a2cb05e7fc668adced9605b05f5807df02585e6
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
2e11527332569f2c74fcd62a076142c637c1a42fc885fc049318d18a52eba6d8
2e83074dd815b9adf43a1ca073b8dc0bc6eeccb0f9c008f3a06d20dec5f335d5
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f352a7de3dda4ecc29be98eaf8ecf19731d7d68038058f5568e3117228b9a82
2f6f9f7221a54fc4900e4ed44711c25b3370354baf336529033882586d75152c
35c55b14508fa6bc876713dc6ca5b0cdd84333a1294b12d9ccff89d3784e4259
368406900c890220c314afd610820f1e635e69e4d3e0275ec060057865f563c0
3c23c888b01855d9310b1a569def2623503bcc2a81327955f0a824c6f722b278
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
3fc5f8ce69950ec73adc972f061df42aaea78faa4864709134ea2adc083f3a33
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
424560f6d441470e553c5c2d0e31a7df189ddb73ea43d909714d57b16f024624
42c7e51d284cd7256caf3bfebf641141876657ea0d6e5588ac7e69dce1e9cf7e
47e702b68f7a9e3e4d49a10288dd9b64e541fb9b3a4c65958154dd6212c0dfad
4aeece6fda59aeaf7ea1271ac3ecbe1189bd88726b444d8813de296f0ad41ad8
4fa2622bbcafa420ce5be37bca0ff1e87dacede5fba4f42641d000313b4a1d49
55d014846b34bef181c9b239e103c4c61f28f8917aae9540c4ba3ebdfd1d604d
5c15402dcdd0b03490883b62681c0d676af10894c7ce55218650d0f3827c6f0f
5ee453db69de2afe22f2abc664d11aa3b8720f3b24a8d82d2a1d2306be008e93
631550304df547eb64d2d7af3e6bc30bf346fdd47640adefcbe22263b36d65b4
65e8891f4b378dab5c0bf39bf40aa2d96bccae5f04c5458ea7dfc64eb630d986
6a28d627f3677c456980de2b9026548c69a9f542993b2b5b6d8608882fe1e878
6b1d913f0ef5cc8fd8d0c483772f5d511071ccc1d441f64292fb7659616f5b79
6ca76596a4a51aff45954e24a6dd4e1f148f7f0b16c578e1c919f5e1106a04df
73c311377a5c098c532b38550f08a7711dd46d65a87e507ea72d70384ebeecba
762a5cce3355f95306400b6113dd70cbb8bcf2ce3601fa27297d1899d007ec54
7e31677db4782bc8c9162fa1b42005aad15d67853f7a496e9fbb493fe2309759
7e639f213682c84c7ed4da94c224b65a4cfa532975476b44d6b3d22ae0ef8afc
7f46e2fe055ca798ae7242cc770d2136169c4298407ec09bdc79ac73a545adb4
82ed6228f7dfb119e4c1b3eca3ef73bdd2733d88aab83b411defee440fc31ee0
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8ec0979e7bb7143c393e8a431924cbe84a42fa6ad659f0b83530c88b5a349a04
90eefa1db290de170e8127aa6f3ad079f38762aa27b4c885670cf5d757c0f2fa
91f0116d893ce32487b8b683a408b135c15809c7e1b3d8d26bdb5889126f2077
a300d0cca9c84237c8127d65ddf9619b1f1dd7834240d9b5fdfc9eaa25706cab
a5ef33de34661d7ae6bce5bc0b514687f2813f7ade07b4e2511611c62c7494ac
bc95b09fc339140c69c5136e815b78be4ef324669185635fc3aef462e8d7df83
cb5224674e43d02db0037517f4aa29ba5ce9ddd0672e513cc7289714ba657522
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d5ac74ae7bad75e342eeb77f0c16005fcb01eaf5473b584030feb2f9f07e23df
d7802c74a8e2285615d0ee35e104175b11653884c111470744907827543cbb29
da9dad45994fa30a773ffd383f0daba950926e1c95fc807b644554825ac34bf7
dc507001be80bda64a1378c7f6edce7a6fe445dd6712c4eeaed70db462a7e934
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e2856b09b8551910e6cb03f10c7c59245716b78864f205ee433fb3109f15fcbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9a85e8c7b1ba0c225aec7ced73372fd08fba0bb37faa515a47008aceb550a1
ef4bfee18eaf9bb02c3d3c93ce39551cff6effb9b29678a118c808b0b92489a0
f72983748dfd73b846c63554d18da197fec40f21b43f400cc2d8d1a2339098f6
f8ba39324d5f993de36bad6333e225beaedc14453f0becb53f02fe917339d670
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

www.hunters.security Open in urlscan Pro 199.60.103.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

99 %HTTPS

50 %IPv6

11 Domains

11 Subdomains

11 IPs

3 Countries

2771 kBTransfer

4311 kBSize

8 Cookies

9 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hunters.security Open in urlscan Pro
199.60.103.227 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

99 %
HTTPS

50 %
IPv6

11
Domains

11
Subdomains

11
IPs

3
Countries

2771 kB
Transfer

4311 kB
Size

8
Cookies

73 HTTP transactions
0 data transactions