Overview

URL: bom.so/x7isy1
IP: 104.26.7.214 (United States)
ASN: #13335 CLOUDFLARENET
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-03 02:54:44 UTC
IDS alerts: 0
Blocklist alert: 7
urlquery alerts: No alerts detected
Tags: None

Domain Summary (10)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.149.219.22
e1.o.lencr.org (3) 6159 No data No data 23.36.77.32
cf-assets.hcaptcha.com (7) 0 2022-02-22 19:51:32 UTC 2022-11-02 14:14:50 UTC 104.18.22.122 Domain (hcaptcha.com) ranked at: 5458
bom.so (7) 417517 2017-09-01 20:09:21 UTC 2022-11-03 01:27:38 UTC 104.26.7.214
r3.o.lencr.org (6) 344 No data No data 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-02 05:33:59 UTC 34.117.237.239
cloudflare.hcaptcha.com (3) 0 2022-02-23 15:28:14 UTC 2022-11-02 14:14:50 UTC 104.18.18.132 Domain (hcaptcha.com) ranked at: 5458

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-03 2 bom.so Sinkholed
2022-11-03 2 bom.so Sinkholed
2022-11-03 2 bom.so Sinkholed
2022-11-03 2 bom.so Sinkholed
2022-11-03 2 bom.so Sinkholed
2022-11-03 2 bom.so Sinkholed
2022-11-03 2 bom.so Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.26.7.214
Date UQ / IDS / BL URL IP
2023-01-22 17:09:37 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.7.214
2023-01-22 11:13:38 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.7.214
2023-01-16 03:27:43 +0000 0 - 0 - 0 bom.so/d3vbve 104.26.7.214
2023-01-13 12:26:38 +0000 0 - 0 - 0 bom.so/xHX3zY 104.26.7.214
2023-01-08 13:12:00 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.7.214


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-09 03:05:16 +0000 0 - 6 - 0 ouo.io/QLI332 104.22.22.162
2023-02-09 03:04:28 +0000 0 - 0 - 11 ckk.ai/Cambiar_res 188.114.96.1
2023-02-09 03:04:11 +0000 0 - 1 - 1 cdn.discordapp.com/attachments/10392342538226 (...) 162.159.130.233
2023-02-09 03:04:09 +0000 0 - 2 - 1 cdn.discordapp.com/attachments/10413646926412 (...) 162.159.134.233
2023-02-09 03:04:06 +0000 0 - 1 - 1 cdn.discordapp.com/attachments/10409318100429 (...) 162.159.133.233


Last 5 reports on domain: bom.so
Date UQ / IDS / BL URL IP
2023-02-08 23:24:17 +0000 0 - 0 - 1 bom.so/GMW3W5 104.21.34.183
2023-02-08 20:14:56 +0000 0 - 0 - 1 bom.so/GMW3W5 172.67.163.184
2023-02-07 11:19:48 +0000 0 - 0 - 1 bom.so/GMW3W5 172.67.68.240
2023-02-05 22:10:11 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.6.214
2023-02-04 15:11:12 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.6.214


Last 4 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-19 22:07:40 +0000 0 - 0 - 7 bom.so/YQS2hs 104.26.6.214
2022-10-24 03:02:04 +0000 0 - 0 - 8 bom.so/BnX7dD 104.26.7.214
2022-10-07 22:14:54 +0000 0 - 0 - 8 bom.so/RzgfKx 104.26.6.214
2022-09-28 14:56:28 +0000 0 - 0 - 8 bom.so/YCmIM3 104.26.6.214

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (38)


Request Response
                                        
                                            GET /x7isy1 HTTP/1.1 
Host: bom.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         104.26.7.214
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 03 Nov 2022 02:54:33 GMT
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ix1%2BZoQq8CmFCJ7hHF3Djd0nez%2Bffj5KAidk1Pmx9q7cXw%2BeO5hosvSxFZQp9ld6RbTyNnpOjSXccYbHokmwcVOY8k8RLmEWQrvoZl%2FmEhFGaTWkG3OO%2Bwg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7641d3727fccb4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (816)
Size:   3697
Md5:    091e943e9db2dd4400800a4c04ae5682
Sha1:   495128f829e800c2e5f15329484225c62688f378
Sha256: 7e9544ade46f4930451d881efb4bc9447e681acd406309bfa2f123a509bdfdd2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F251408F64B28BEBFE96F3DB5C3DDE3D5AD5FEBBAF2964B3516C114EAA51F4D"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7449
Expires: Thu, 03 Nov 2022 04:58:42 GMT
Date: Thu, 03 Nov 2022 02:54:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5144
Cache-Control: max-age=115336
Date: Thu, 03 Nov 2022 02:54:33 GMT
Etag: "636238d9-1d7"
Expires: Fri, 04 Nov 2022 10:56:49 GMT
Last-Modified: Wed, 02 Nov 2022 09:31:05 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2469
Cache-Control: max-age=112661
Date: Thu, 03 Nov 2022 02:54:33 GMT
Etag: "636238d9-1d7"
Expires: Fri, 04 Nov 2022 10:12:14 GMT
Last-Modified: Wed, 02 Nov 2022 09:31:05 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F62EFF2AD4D64D785A48E2761D7F2BDA9171F1E60B0E9DC525D8F589F9EF7C60"
Last-Modified: Tue, 01 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2225
Expires: Thu, 03 Nov 2022 03:31:38 GMT
Date: Thu, 03 Nov 2022 02:54:33 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: n41xIlP90nuqKtDX2ERHDgGsxjp1yfyhgLkzX/zJJUmPky6y68Nr7V0G+1HYLrj26ZW3c18fs7xcUFav9l1GNQ==
x-amz-request-id: 7P5GJJJXTVKNT9CG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 03 Nov 2022 02:08:59 GMT
age: 2734
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /cdn-cgi/styles/challenges.css HTTP/1.1 
Host: bom.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1
Connection: keep-alive

                                         104.26.7.214
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 03 Nov 2022 02:54:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2022 14:03:59 GMT
ETag: W/"635be14f-1896"
Server: cloudflare
CF-RAY: 7641d374b8f8b524-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Thu, 03 Nov 2022 04:54:33 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (6294), with no line terminators
Size:   2604
Md5:    ba2d8534d208d2a5b158507e004d7150
Sha1:   ab81307634698ea304a68783fa38937f562009a2
Sha256: 63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bom.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1
Connection: keep-alive

                                         104.26.7.214
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 03 Nov 2022 02:54:33 GMT
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5EEnSzN1%2Fn2eaclej0h9PenZ5KHpiYLgzXtEqrOh7Vk191gahOkUDYFbsvc5tcKNFF0%2BYdfrPAMTEALE8WfZWx0PYGzqgw%2BIZMaa%2B%2B1Lo%2B98W13jQI3MnY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7641d374cc41fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (792)
Size:   3694
Md5:    3f1c45c4c4599b1ca862efd8d0e6bae7
Sha1:   70bef80f45e7b8456e6a3bc00ff18b75352daf05
Sha256: 107e6a047a4b9078f2d02f17d12b7f12c288846ef12c16b9f07b3da854dff912

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7641d3727fccb4ed HTTP/1.1 
Host: bom.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1
Connection: keep-alive

                                         104.26.7.214
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 03 Nov 2022 02:54:33 GMT
Content-Length: 42
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2022 14:03:59 GMT
ETag: "635be14f-2a"
Server: cloudflare
CF-RAY: 7641d3754942b524-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Thu, 03 Nov 2022 04:54:33 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 03 Nov 2022 02:54:33 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7641d3727fccb4ed HTTP/1.1 
Host: bom.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1?__cf_chl_rt_tk=MDXLmsdutL5DFkIyUp4t8JSW_yjwvsUTOWqXp7so0Yw-1667444073-0-gaNycGzNAv0
Connection: keep-alive

                                         104.26.7.214
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Thu, 03 Nov 2022 02:54:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BEioQvB6rsiPU3w%2BkIDyL6AMHOfsSJrcIuuWorT%2FtFEO%2B1PxxM7TXPIi2if8FMkZTjw5BTRPNl23XiRNyR2oknFOnX3Z8Z7kTKpHj6HKOvsmn8fFP9wm5Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7641d375694fb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (57050), with no line terminators
Size:   24799
Md5:    9a9c391fc1e3618aebf2b11cb095bc57
Sha1:   f6d835a14a72f2967b21a882916c54ad4c79c6b1
Sha256: aeb39522e719b0efcd0637d8f0890e531c3c0613b4e4dce596ab9dc6ee87f5c2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1 
Host: cloudflare.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.18.18.132
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 03 Nov 2022 02:54:33 GMT
cf-ray: 7641d375fb99b4eb-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"b90536c97bb07e890f4835e16aa28f70"
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: -O7QxwZYs9aGWPLLMVOFy6CDODSXAWWwvQZAMPk9_3TQpiFNMIAuqg==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (57362)
Size:   132883
Md5:    0f78dae4fbac42a62ef9bd39f2bd86af
Sha1:   286c103c67fe57e4df91595e03f3c14de5f19af3
Sha256: fd8e36a153bc6afbfb2487c4e5f9a42c99bdd6518ab6840de85a4831da743094
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1329
Cache-Control: max-age=106462
Date: Thu, 03 Nov 2022 02:54:34 GMT
Etag: "63622518-1d7"
Expires: Fri, 04 Nov 2022 08:28:56 GMT
Last-Modified: Wed, 02 Nov 2022 08:06:48 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HeffRRtFXyc4D99N4uli4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.149.219.22
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5UyPpzowZ4Lpy7QNpr//WXwcDkU=

                                        
                                            GET /cdn-cgi/challenge-platform/h/g/img/7641d3727fccb4ed/1667444074009/1vontIvLp6nfqfo HTTP/1.1 
Host: bom.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1
Connection: keep-alive
Cookie: cf_chl_prog=e

                                         104.26.7.214
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 03 Nov 2022 02:54:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqQFDtAHT%2By1X6PKWboMAyEIZrWNnKibG9veQ0Gz0FNV1cFHExU9XPtALle2rS%2BGcFWpiuLbi%2FffRBXnUwXHSk41LtFqWTGXgn0HTEqfz%2FMbIOXYx1ymJRk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7641d37b3b8eb524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 88 x 27, 8-bit/color RGB, non-interlaced\012- data
Size:   61
Md5:    4f66697b7fe50a0f9cdd630b89b892a7
Sha1:   7ba615fd4a6821552144a5a9c42a1d76214a13c4
Sha256: df64ae6bc71b80ac01c0f2ceb88d4a0cc59d015b9d74fac817bb4ffc9bddcdd1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.8849094847248512:1667441334:MDb4NBkYTp-6NZJJtvOtWKzfEBLnNKZTgXsQhin4FCc/7641d3727fccb4ed/a167f1523f9c81d HTTP/1.1 
Host: bom.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1
Content-type: application/x-www-form-urlencoded
CF-Challenge: a167f1523f9c81d
Content-Length: 15350
Origin: http://bom.so
Connection: keep-alive
Cookie: cf_chl_prog=e

                                         104.26.7.214
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Date: Thu, 03 Nov 2022 02:54:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: ier0bDcgmyK4wB80M+gurQR+rCstlxk/LaPXdoW2t4o=$CqxWiV7n5q/XgQvNx4sxvg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6ItSTUR36kfzoG9z0qxmpIG%2FO%2BzVt6qgWi27fjCU%2F2H4yZfKxhni3NaP6AS4nBpzPpv00OQry40jSIdfG5bYnVhwxH%2F8Jge0t9p1aEfv244MvOJULV0I78%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7641d37c0bdcb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (5092), with no line terminators
Size:   3838
Md5:    0b91bdbedb669dee12b0c2cf9dafc176
Sha1:   b8e68dd42264b81b85622dfd62f8db64e0cd37cb
Sha256: 9aaaaa08dece5455ad97a21f2a6f20bd3e80bb88eaa09a7ab6b5d4ccc0707251

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "B21F6EA0314FB4ADE20EAA9588FCE167660CC1143BC28CCF87DF8CE1463AC1C7"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3997
Expires: Thu, 03 Nov 2022 04:01:11 GMT
Date: Thu, 03 Nov 2022 02:54:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "B21F6EA0314FB4ADE20EAA9588FCE167660CC1143BC28CCF87DF8CE1463AC1C7"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3997
Expires: Thu, 03 Nov 2022 04:01:11 GMT
Date: Thu, 03 Nov 2022 02:54:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "B21F6EA0314FB4ADE20EAA9588FCE167660CC1143BC28CCF87DF8CE1463AC1C7"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3997
Expires: Thu, 03 Nov 2022 04:01:11 GMT
Date: Thu, 03 Nov 2022 02:54:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12232
Expires: Thu, 03 Nov 2022 06:18:27 GMT
Date: Thu, 03 Nov 2022 02:54:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12232
Expires: Thu, 03 Nov 2022 06:18:27 GMT
Date: Thu, 03 Nov 2022 02:54:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12232
Expires: Thu, 03 Nov 2022 06:18:27 GMT
Date: Thu, 03 Nov 2022 02:54:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12232
Expires: Thu, 03 Nov 2022 06:18:27 GMT
Date: Thu, 03 Nov 2022 02:54:35 GMT
Connection: keep-alive

                                        
                                            GET /i/8f810a5/e HTTP/1.1 
Host: cf-assets.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
Connection: keep-alive
Cookie: __cf_bm=TbipXIN.EUHM6OLeb2Ej0HCeDa1W3MYITLVKXniSSO8-1667444074-0-ARvlzv667hUTqh8wzNZFF/jMl6TzJPEVfN9GKjSax7gLEs70ScLz7IavbesPT7dZbk3ai6KLVvjURN3rVoUiR3Y=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.18.22.122
HTTP/2 200 OK
content-type: application/octet-stream
                                        
date: Thu, 03 Nov 2022 02:54:35 GMT
content-length: 114206
cf-ray: 7641d3800ec8b503-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 186830
cache-control: max-age=1209600
etag: "2745ad521baac169716b15059fe39a95"
last-modified: Fri, 28 Oct 2022 14:37:00 GMT
strict-transport-security: max-age=0
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 3PRSaWbsA0argH6tzdDtJtPBhRL_s_k5A2QbKonpx6K2YPSZUWz1cA==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   114206
Md5:    2745ad521baac169716b15059fe39a95
Sha1:   9b85a2b1de0bfde12c61778a96c1602c07c206d2
Sha256: 7b36a7217d78504b206aefba7712faf37bae871cf72c7740626ab9269e8d4e60
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68776550-80bb-42be-9be2-eb62bcccccc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11437
x-amzn-requestid: 52f99e39-e3f4-450c-ac61-e613cb1e7a08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a_iCaHvYoAMFRmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6362e3a8-3b8d8f595238263410e90feb;Sampled=0
x-amzn-remapped-date: Wed, 02 Nov 2022 21:39:52 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: aQKU76PrqkATLgKUwqzwHBdRusLwAnx_DmNHvtHOkkM7IzG_lopE3w==
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 21:40:08 GMT
etag: "221b2d7a48090242bffda933cfa9f7ff3932d92a"
age: 18867
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11437
Md5:    3fe3ed0509ad6dbbf9e911a1154a3bc0
Sha1:   221b2d7a48090242bffda933cfa9f7ff3932d92a
Sha256: 415b3782419e0157a9a522f98bfc32dd133a374546ab1b57954e2cb37ec6554d
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3235a32d-fb0b-4624-8362-0b2d8fead111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10255
x-amzn-requestid: 5414f7ef-f510-4666-97f4-c8cb042f6877
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: atDhDEstIAMFlAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b7fa0-76cd3cf7260dfe7c66ded970;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 07:07:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M6828PVQNpc14Dg1YQ8nGI8eIkZE7X771ZhWaAx4yrF9tk0UGeDBpg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 21:42:56 GMT
age: 18699
etag: "c8188247edb78ee5f3c469a612b2430bbcd513b6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10255
Md5:    788a6ab1a5391958811453809e08ec74
Sha1:   c8188247edb78ee5f3c469a612b2430bbcd513b6
Sha256: e961a4412a3f73ab7da9db2da06e72528a2abded50a442741687787933e98900
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd29dc073-c468-4a6d-911c-661817b2bf58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11467
x-amzn-requestid: 39f4af84-a979-496d-b0d9-7c697f7fff66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: azpklFiuIAMFqTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635e22e9-58d417626a967b7625bf83ce;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 07:08:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hhXcKOdiea0HChS_SkQRtLAGXQqGktoWNDQ43L-6YzyAMNODGwbrMA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 08:03:39 GMT
age: 67856
etag: "e91ab27aeb682908cdd1a6203e4e6b57b2256f41"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11467
Md5:    be7fc1a565f4f85af041099ba5b0bdc9
Sha1:   e91ab27aeb682908cdd1a6203e4e6b57b2256f41
Sha256: 97b2ccd84247cdcfe0ab439b12c541a7fec589bf0810e8377d6cd27dd5bdfc38
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 11:00:57 GMT
age: 57218
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10462
Md5:    4e2853cc6ec6223160471401e6871f4b
Sha1:   f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
Sha256: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F623cd169-7ed9-42a3-aa0b-e5d3053dad6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9464
x-amzn-requestid: 63126894-cf2b-4b97-9115-4782d4418e52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a2ZVpFtqoAMFZdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f3c23-766a430e679848b74e1f7d06;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JTGuMhMakZRq-O_UQRPJ4cE5pjk-hu36b1S8miRUpsnwXM9GPLtk2A==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 04:33:38 GMT
age: 80457
etag: "f387ae7704ac36d6a3e20da098cb9f75829d1e0f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9464
Md5:    f22f82690184549a27cacc59906590bd
Sha1:   f387ae7704ac36d6a3e20da098cb9f75829d1e0f
Sha256: a9804db6a2263ed8d70634921ac39079c2a803f180a3347eeb92d7bbede66b67
                                        
GET /captcha/v1/8c089cd/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

104.18.22.122
HTTP/2 200 OK
content-type: text/html
date: Thu, 03 Nov 2022 02:54:34 GMT
cf-ray: 7641d37c9d8bb503-OSL
access-control-allow-origin: *
age: 32658
cache-control: max-age=1209600
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 3Jb2o-e5IgxAIrvTsTeiYsE_fk6xnOApSgYDPyxltx-z7nx2DQatow==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=y652VJTQU50yH3RValrW5T8s2Y.OBm0OnTl7JK98Dnw-1667444074-0-ARz0O8Od6QzpD3iXnmLRe5YqNOKQC4CN30L7alrvYBdxBlhFYN9VuYZ1sOtTPg0MB4nS4oY7t+KcDQue2O3H4i0=; path=/; expires=Thu, 03-Nov-22 03:24:34 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9891
Md5:    86e19c81795a75e6f76e758fd009601e
Sha1:   7dd16f8446f2de65b774867f968bdc13a7235234
Sha256: 254e68f26c2173e1036ad1110eabf94a64d22e6a92c07bc8f36f91f4c5e4dd71
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7a21993-a27e-44d7-9d43-3eb02c27bc81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5561
x-amzn-requestid: dc04f974-b8e0-4751-b922-2de7d78a1e37
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a_iCZHrEIAMFqWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6362e3a8-469b22133d751f897c7d67cd;Sampled=0
x-amzn-remapped-date: Wed, 02 Nov 2022 21:39:52 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4nMhVb_bLVjO3AfrUFgEyGQhmiFQxtHHmw3QR3YoH2PwWpJfSs_tAA==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 21:40:08 GMT
etag: "89918478062105c58569f96bf183849c27c78929"
age: 18874
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5561
Md5:    79bbed8b76cfcaab0aa9769692ab0817
Sha1:   89918478062105c58569f96bf183849c27c78929
Sha256: 56c32d16b6ce5bdef27e0413ff08ceb82b1fcd1b4fb9ad0fc04679bbd9c3df7b
                                        
GET /captcha/v1/8c089cd/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

104.18.22.122
HTTP/2 200 OK
content-type: text/html
date: Thu, 03 Nov 2022 02:54:34 GMT
cf-ray: 7641d37c9d8eb503-OSL
access-control-allow-origin: *
age: 32658
cache-control: max-age=1209600
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 3Jb2o-e5IgxAIrvTsTeiYsE_fk6xnOApSgYDPyxltx-z7nx2DQatow==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=HXFx4kh65K3CvYqGYxBZGOrJ_.WxQoW9uZ91B9kf9s4-1667444074-0-ARO37ClGlwDn53Gp9N9FHCorK1exb5Pi9UpFPv4TULaJAI8fhVhKVasnsC52tuaSUcrKCqFw9fZawaYvIDElWI0=; path=/; expires=Thu, 03-Nov-22 03:24:34 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /captcha/v1/8c089cd/hcaptcha.js HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
Cookie: __cf_bm=TbipXIN.EUHM6OLeb2Ej0HCeDa1W3MYITLVKXniSSO8-1667444074-0-ARvlzv667hUTqh8wzNZFF/jMl6TzJPEVfN9GKjSax7gLEs70ScLz7IavbesPT7dZbk3ai6KLVvjURN3rVoUiR3Y=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

104.18.22.122
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 03 Nov 2022 02:54:34 GMT
cf-ray: 7641d37cad94b503-OSL
access-control-allow-origin: *
age: 32659
cache-control: max-age=1209600
etag: W/"b90536c97bb07e890f4835e16aa28f70"
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: -O7QxwZYs9aGWPLLMVOFy6CDODSXAWWwvQZAMPk9_3TQpiFNMIAuqg==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /captcha/v1/8c089cd/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

104.18.22.122
HTTP/2 200 OK
content-type: text/html
date: Thu, 03 Nov 2022 02:54:34 GMT
cf-ray: 7641d37c9d8fb503-OSL
access-control-allow-origin: *
age: 32658
cache-control: max-age=1209600
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 3Jb2o-e5IgxAIrvTsTeiYsE_fk6xnOApSgYDPyxltx-z7nx2DQatow==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=rHKSD1OgDL0iCmPPvGa6DYCfMECkoGTkmyNkxUVi3hc-1667444074-0-AW4zgIBZ4fdWsGFEporlthtp6gYS0fgntLzYh+OqZOEUab9SXIWhOZH4FL9Id0+9ICg6Sx5fCimia49XDYUAhz4=; path=/; expires=Thu, 03-Nov-22 03:24:34 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /captcha/v1/8c089cd/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

104.18.22.122
HTTP/2 200 OK
content-type: text/html
date: Thu, 03 Nov 2022 02:54:34 GMT
cf-ray: 7641d37c9d90b503-OSL
access-control-allow-origin: *
age: 32658
cache-control: max-age=1209600
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 3Jb2o-e5IgxAIrvTsTeiYsE_fk6xnOApSgYDPyxltx-z7nx2DQatow==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=TbipXIN.EUHM6OLeb2Ej0HCeDa1W3MYITLVKXniSSO8-1667444074-0-ARvlzv667hUTqh8wzNZFF/jMl6TzJPEVfN9GKjSax7gLEs70ScLz7IavbesPT7dZbk3ai6KLVvjURN3rVoUiR3Y=; path=/; expires=Thu, 03-Nov-22 03:24:34 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
POST /checksiteconfig?v=8c089cd&host=bom.so&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1 HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cf-assets.hcaptcha.com
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Content-Length: 0
TE: trailers

104.18.18.132
HTTP/2 200 OK
content-type: application/json
date: Thu, 03 Nov 2022 02:54:35 GMT
access-control-allow-origin: https://cf-assets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-chl-bypass: 2
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7641d37e1f24b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
POST /checksiteconfig?v=8c089cd&host=bom.so&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1 HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cf-assets.hcaptcha.com
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Content-Length: 0
TE: trailers

104.18.18.132
HTTP/2 200 OK
content-type: application/json
date: Thu, 03 Nov 2022 02:54:35 GMT
access-control-allow-origin: https://cf-assets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-chl-bypass: 2
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7641d37e1f23b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /c/6f349ce4/hsw.js HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
Cookie: __cf_bm=TbipXIN.EUHM6OLeb2Ej0HCeDa1W3MYITLVKXniSSO8-1667444074-0-ARvlzv667hUTqh8wzNZFF/jMl6TzJPEVfN9GKjSax7gLEs70ScLz7IavbesPT7dZbk3ai6KLVvjURN3rVoUiR3Y=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

104.18.22.122
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 03 Nov 2022 02:54:35 GMT
cf-ray: 7641d37e3e20b503-OSL
access-control-allow-origin: *
age: 21486
cache-control: max-age=1209600
etag: W/"0589d4a7f08ca0b99adaf10f09300920"
last-modified: Wed, 02 Nov 2022 15:38:24 GMT
strict-transport-security: max-age=0
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: EzIodO--NBztXj1fIHpNoGpDt2bY9WyuGvoYNyCBMRqeHbTOgd-WWQ==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---