bom.so/x7isy1
403 Forbidden 3.7 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (816)
Hash 091e943e9db2dd4400800a4c04ae5682
495128f829e800c2e5f15329484225c62688f378
7e9544ade46f4930451d881efb4bc9447e681acd406309bfa2f123a509bdfdd2
Analyzer Verdict Alert quad9 Sinkholed
GET /x7isy1 HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Thu, 03 Nov 2022 02:54:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ix1%2BZoQq8CmFCJ7hHF3Djd0nez%2Bffj5KAidk1Pmx9q7cXw%2BeO5hosvSxFZQp9ld6RbTyNnpOjSXccYbHokmwcVOY8k8RLmEWQrvoZl%2FmEhFGaTWkG3OO%2Bwg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7641d3727fccb4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 59be8dfdd6f4ab82f394d3d5b927e065
dc8e8f1bbae495f84322e5efd0c42a39ef5be56c
7f251408f64b28bebfe96f3db5c3dde3d5ad5febbaf2964b3516c114eaa51f4d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F251408F64B28BEBFE96F3DB5C3DDE3D5AD5FEBBAF2964B3516C114EAA51F4D"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7449
Expires: Thu, 03 Nov 2022 04:58:42 GMT
Date: Thu, 03 Nov 2022 02:54:33 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 5f57d2cc1ab8bbee50dff2b2be18b9db
2c8acd2018995b9bbed8f4dbfa33c8044b293080
a25e2337dad42018caefae70e0e596a4006aa9c1fe6af7f29c93a21fda1554b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5144
Cache-Control: max-age=115336
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 02:54:33 GMT
Etag: "636238d9-1d7"
Expires: Fri, 04 Nov 2022 10:56:49 GMT
Last-Modified: Wed, 02 Nov 2022 09:31:05 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 5f57d2cc1ab8bbee50dff2b2be18b9db
2c8acd2018995b9bbed8f4dbfa33c8044b293080
a25e2337dad42018caefae70e0e596a4006aa9c1fe6af7f29c93a21fda1554b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2469
Cache-Control: max-age=112661
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 02:54:33 GMT
Etag: "636238d9-1d7"
Expires: Fri, 04 Nov 2022 10:12:14 GMT
Last-Modified: Wed, 02 Nov 2022 09:31:05 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43ea74d83493710eb8b64a74046ff569
74dee6d9e8b796d34f2788a472b90b3f7fc79ecd
f62eff2ad4d64d785a48e2761d7f2bda9171f1e60b0e9dc525d8f589f9ef7c60
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F62EFF2AD4D64D785A48E2761D7F2BDA9171F1E60B0E9DC525D8F589F9EF7C60"
Last-Modified: Tue, 01 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2225
Expires: Thu, 03 Nov 2022 03:31:38 GMT
Date: Thu, 03 Nov 2022 02:54:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: n41xIlP90nuqKtDX2ERHDgGsxjp1yfyhgLkzX/zJJUmPky6y68Nr7V0G+1HYLrj26ZW3c18fs7xcUFav9l1GNQ==
x-amz-request-id: 7P5GJJJXTVKNT9CG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 03 Nov 2022 02:08:59 GMT
age: 2734
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
bom.so/cdn-cgi/styles/challenges.css
200 OK 2.6 kB URL HTTP/1.1 bom.so/cdn-cgi/styles/challenges.css
IP
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 03 Nov 2022 02:54:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2022 14:03:59 GMT
ETag: W/"635be14f-1896"
Server: cloudflare
CF-RAY: 7641d374b8f8b524-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Thu, 03 Nov 2022 04:54:33 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
bom.so/favicon.ico
403 Forbidden 3.7 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (792)
Hash 3f1c45c4c4599b1ca862efd8d0e6bae7
70bef80f45e7b8456e6a3bc00ff18b75352daf05
107e6a047a4b9078f2d02f17d12b7f12c288846ef12c16b9f07b3da854dff912
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1
Connection: keep-alive
HTTP/1.1 403 Forbidden
Date: Thu, 03 Nov 2022 02:54:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5EEnSzN1%2Fn2eaclej0h9PenZ5KHpiYLgzXtEqrOh7Vk191gahOkUDYFbsvc5tcKNFF0%2BYdfrPAMTEALE8WfZWx0PYGzqgw%2BIZMaa%2B%2B1Lo%2B98W13jQI3MnY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7641d374cc41fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
bom.so/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7641d3727fccb4ed
200 OK 42 B URL HTTP/1.1 bom.so/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7641d3727fccb4ed
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7641d3727fccb4ed HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 03 Nov 2022 02:54:33 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2022 14:03:59 GMT
ETag: "635be14f-2a"
Server: cloudflare
CF-RAY: 7641d3754942b524-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Thu, 03 Nov 2022 04:54:33 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 03 Nov 2022 02:54:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bom.so/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7641d3727fccb4ed
200 OK 25 kB URL HTTP/1.1 bom.so/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7641d3727fccb4ed
IP
File type ASCII text, with very long lines (57050), with no line terminators
Hash 9a9c391fc1e3618aebf2b11cb095bc57
f6d835a14a72f2967b21a882916c54ad4c79c6b1
aeb39522e719b0efcd0637d8f0890e531c3c0613b4e4dce596ab9dc6ee87f5c2
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7641d3727fccb4ed HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1?__cf_chl_rt_tk=MDXLmsdutL5DFkIyUp4t8JSW_yjwvsUTOWqXp7so0Yw-1667444073-0-gaNycGzNAv0
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 03 Nov 2022 02:54:33 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BEioQvB6rsiPU3w%2BkIDyL6AMHOfsSJrcIuuWorT%2FtFEO%2B1PxxM7TXPIi2if8FMkZTjw5BTRPNl23XiRNyR2oknFOnX3Z8Z7kTKpHj6HKOvsmn8fFP9wm5Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7641d375694fb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
200 OK 133 kB URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP
File type Unicode text, UTF-8 text, with very long lines (57362)
Size 133 kB (132883 bytes)
Hash 0f78dae4fbac42a62ef9bd39f2bd86af
286c103c67fe57e4df91595e03f3c14de5f19af3
fd8e36a153bc6afbfb2487c4e5f9a42c99bdd6518ab6840de85a4831da743094
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 03 Nov 2022 02:54:33 GMT
content-type: application/javascript
cf-ray: 7641d375fb99b4eb-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"b90536c97bb07e890f4835e16aa28f70"
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: -O7QxwZYs9aGWPLLMVOFy6CDODSXAWWwvQZAMPk9_3TQpiFNMIAuqg==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fd65439b27a0101cd831309f178fbb45
4daa9343dda0f37ba734e2b5500caf2728cf89db
37e6d155f598b5154e3ce96105c39798716b5d35e12a98b9aec172c160de5f6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1329
Cache-Control: max-age=106462
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 02:54:34 GMT
Etag: "63622518-1d7"
Expires: Fri, 04 Nov 2022 08:28:56 GMT
Last-Modified: Wed, 02 Nov 2022 08:06:48 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HeffRRtFXyc4D99N4uli4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5UyPpzowZ4Lpy7QNpr//WXwcDkU=
bom.so/cdn-cgi/challenge-platform/h/g/img/7641d3727fccb4ed/1667444074009/1vontIvLp6nfqfo
200 OK 61 B URL HTTP/1.1 bom.so/cdn-cgi/challenge-platform/h/g/img/7641d3727fccb4ed/1667444074009/1vontIvLp6nfqfo
IP
File type PNG image data, 88 x 27, 8-bit/color RGB, non-interlaced\012- data
Hash 4f66697b7fe50a0f9cdd630b89b892a7
7ba615fd4a6821552144a5a9c42a1d76214a13c4
df64ae6bc71b80ac01c0f2ceb88d4a0cc59d015b9d74fac817bb4ffc9bddcdd1
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/challenge-platform/h/g/img/7641d3727fccb4ed/1667444074009/1vontIvLp6nfqfo HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1
Connection: keep-alive
Cookie: cf_chl_prog=e
HTTP/1.1 200 OK
Date: Thu, 03 Nov 2022 02:54:34 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqQFDtAHT%2By1X6PKWboMAyEIZrWNnKibG9veQ0Gz0FNV1cFHExU9XPtALle2rS%2BGcFWpiuLbi%2FffRBXnUwXHSk41LtFqWTGXgn0HTEqfz%2FMbIOXYx1ymJRk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7641d37b3b8eb524-OSL
alt-svc: h2=":443"; ma=60
bom.so/cdn-cgi/challenge-platform/h/g/flow/ov1/0.8849094847248512:1667441334:MDb4NBkYTp-6NZJJtvOtWKzfEBLnNKZTgXsQhin4FCc/7641d3727fccb4ed/a167f1523f9c81d
200 OK 3.8 kB URL HTTP/1.1 bom.so/cdn-cgi/challenge-platform/h/g/flow/ov1/0.8849094847248512:1667441334:MDb4NBkYTp-6NZJJtvOtWKzfEBLnNKZTgXsQhin4FCc/7641d3727fccb4ed/a167f1523f9c81d
IP
File type ASCII text, with very long lines (5092), with no line terminators
Hash 0b91bdbedb669dee12b0c2cf9dafc176
b8e68dd42264b81b85622dfd62f8db64e0cd37cb
9aaaaa08dece5455ad97a21f2a6f20bd3e80bb88eaa09a7ab6b5d4ccc0707251
Analyzer Verdict Alert quad9 Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.8849094847248512:1667441334:MDb4NBkYTp-6NZJJtvOtWKzfEBLnNKZTgXsQhin4FCc/7641d3727fccb4ed/a167f1523f9c81d HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/x7isy1
Content-type: application/x-www-form-urlencoded
CF-Challenge: a167f1523f9c81d
Content-Length: 15350
Origin: http://bom.so
Connection: keep-alive
Cookie: cf_chl_prog=e
HTTP/1.1 200 OK
Date: Thu, 03 Nov 2022 02:54:34 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: ier0bDcgmyK4wB80M+gurQR+rCstlxk/LaPXdoW2t4o=$CqxWiV7n5q/XgQvNx4sxvg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6ItSTUR36kfzoG9z0qxmpIG%2FO%2BzVt6qgWi27fjCU%2F2H4yZfKxhni3NaP6AS4nBpzPpv00OQry40jSIdfG5bYnVhwxH%2F8Jge0t9p1aEfv244MvOJULV0I78%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7641d37c0bdcb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash dab408107427df72b68226190b8904e2
a64b61981f7ce62d857c86a48837e640dfb36145
b21f6ea0314fb4ade20eaa9588fce167660cc1143bc28ccf87df8ce1463ac1c7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B21F6EA0314FB4ADE20EAA9588FCE167660CC1143BC28CCF87DF8CE1463AC1C7"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3997
Expires: Thu, 03 Nov 2022 04:01:11 GMT
Date: Thu, 03 Nov 2022 02:54:34 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash dab408107427df72b68226190b8904e2
a64b61981f7ce62d857c86a48837e640dfb36145
b21f6ea0314fb4ade20eaa9588fce167660cc1143bc28ccf87df8ce1463ac1c7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B21F6EA0314FB4ADE20EAA9588FCE167660CC1143BC28CCF87DF8CE1463AC1C7"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3997
Expires: Thu, 03 Nov 2022 04:01:11 GMT
Date: Thu, 03 Nov 2022 02:54:34 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash dab408107427df72b68226190b8904e2
a64b61981f7ce62d857c86a48837e640dfb36145
b21f6ea0314fb4ade20eaa9588fce167660cc1143bc28ccf87df8ce1463ac1c7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B21F6EA0314FB4ADE20EAA9588FCE167660CC1143BC28CCF87DF8CE1463AC1C7"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3997
Expires: Thu, 03 Nov 2022 04:01:11 GMT
Date: Thu, 03 Nov 2022 02:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c18aead96956fc8de41d067a99071c73
29b784835d23ec09a11f91dda1f3ac9f9550c129
106617c550459147e0e38e15d84305ed944cbc259b78291ad0c9fc01083c182d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12232
Expires: Thu, 03 Nov 2022 06:18:27 GMT
Date: Thu, 03 Nov 2022 02:54:35 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c18aead96956fc8de41d067a99071c73
29b784835d23ec09a11f91dda1f3ac9f9550c129
106617c550459147e0e38e15d84305ed944cbc259b78291ad0c9fc01083c182d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12232
Expires: Thu, 03 Nov 2022 06:18:27 GMT
Date: Thu, 03 Nov 2022 02:54:35 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c18aead96956fc8de41d067a99071c73
29b784835d23ec09a11f91dda1f3ac9f9550c129
106617c550459147e0e38e15d84305ed944cbc259b78291ad0c9fc01083c182d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12232
Expires: Thu, 03 Nov 2022 06:18:27 GMT
Date: Thu, 03 Nov 2022 02:54:35 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c18aead96956fc8de41d067a99071c73
29b784835d23ec09a11f91dda1f3ac9f9550c129
106617c550459147e0e38e15d84305ed944cbc259b78291ad0c9fc01083c182d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12232
Expires: Thu, 03 Nov 2022 06:18:27 GMT
Date: Thu, 03 Nov 2022 02:54:35 GMT
Connection: keep-alive
cf-assets.hcaptcha.com/i/8f810a5/e
200 OK 114 kB URL HTTP/2 cf-assets.hcaptcha.com/i/8f810a5/e
IP
Size 114 kB (114206 bytes)
Hash 2745ad521baac169716b15059fe39a95
9b85a2b1de0bfde12c61778a96c1602c07c206d2
7b36a7217d78504b206aefba7712faf37bae871cf72c7740626ab9269e8d4e60
GET /i/8f810a5/e HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
Connection: keep-alive
Cookie: __cf_bm=TbipXIN.EUHM6OLeb2Ej0HCeDa1W3MYITLVKXniSSO8-1667444074-0-ARvlzv667hUTqh8wzNZFF/jMl6TzJPEVfN9GKjSax7gLEs70ScLz7IavbesPT7dZbk3ai6KLVvjURN3rVoUiR3Y=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 03 Nov 2022 02:54:35 GMT
content-type: application/octet-stream
content-length: 114206
cf-ray: 7641d3800ec8b503-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 186830
cache-control: max-age=1209600
etag: "2745ad521baac169716b15059fe39a95"
last-modified: Fri, 28 Oct 2022 14:37:00 GMT
strict-transport-security: max-age=0
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 3PRSaWbsA0argH6tzdDtJtPBhRL_s_k5A2QbKonpx6K2YPSZUWz1cA==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68776550-80bb-42be-9be2-eb62bcccccc1.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68776550-80bb-42be-9be2-eb62bcccccc1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fe3ed0509ad6dbbf9e911a1154a3bc0
221b2d7a48090242bffda933cfa9f7ff3932d92a
415b3782419e0157a9a522f98bfc32dd133a374546ab1b57954e2cb37ec6554d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68776550-80bb-42be-9be2-eb62bcccccc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11437
x-amzn-requestid: 52f99e39-e3f4-450c-ac61-e613cb1e7a08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a_iCaHvYoAMFRmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6362e3a8-3b8d8f595238263410e90feb;Sampled=0
x-amzn-remapped-date: Wed, 02 Nov 2022 21:39:52 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: aQKU76PrqkATLgKUwqzwHBdRusLwAnx_DmNHvtHOkkM7IzG_lopE3w==
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 21:40:08 GMT
etag: "221b2d7a48090242bffda933cfa9f7ff3932d92a"
content-type: image/jpeg
age: 18867
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3235a32d-fb0b-4624-8362-0b2d8fead111.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3235a32d-fb0b-4624-8362-0b2d8fead111.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 788a6ab1a5391958811453809e08ec74
c8188247edb78ee5f3c469a612b2430bbcd513b6
e961a4412a3f73ab7da9db2da06e72528a2abded50a442741687787933e98900
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3235a32d-fb0b-4624-8362-0b2d8fead111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10255
x-amzn-requestid: 5414f7ef-f510-4666-97f4-c8cb042f6877
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: atDhDEstIAMFlAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b7fa0-76cd3cf7260dfe7c66ded970;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 07:07:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M6828PVQNpc14Dg1YQ8nGI8eIkZE7X771ZhWaAx4yrF9tk0UGeDBpg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 21:42:56 GMT
age: 18699
etag: "c8188247edb78ee5f3c469a612b2430bbcd513b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd29dc073-c468-4a6d-911c-661817b2bf58.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd29dc073-c468-4a6d-911c-661817b2bf58.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be7fc1a565f4f85af041099ba5b0bdc9
e91ab27aeb682908cdd1a6203e4e6b57b2256f41
97b2ccd84247cdcfe0ab439b12c541a7fec589bf0810e8377d6cd27dd5bdfc38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd29dc073-c468-4a6d-911c-661817b2bf58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11467
x-amzn-requestid: 39f4af84-a979-496d-b0d9-7c697f7fff66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: azpklFiuIAMFqTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635e22e9-58d417626a967b7625bf83ce;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 07:08:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hhXcKOdiea0HChS_SkQRtLAGXQqGktoWNDQ43L-6YzyAMNODGwbrMA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 08:03:39 GMT
age: 67856
etag: "e91ab27aeb682908cdd1a6203e4e6b57b2256f41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 11:00:57 GMT
age: 57218
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F623cd169-7ed9-42a3-aa0b-e5d3053dad6c.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F623cd169-7ed9-42a3-aa0b-e5d3053dad6c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f22f82690184549a27cacc59906590bd
f387ae7704ac36d6a3e20da098cb9f75829d1e0f
a9804db6a2263ed8d70634921ac39079c2a803f180a3347eeb92d7bbede66b67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F623cd169-7ed9-42a3-aa0b-e5d3053dad6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9464
x-amzn-requestid: 63126894-cf2b-4b97-9115-4782d4418e52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a2ZVpFtqoAMFZdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f3c23-766a430e679848b74e1f7d06;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JTGuMhMakZRq-O_UQRPJ4cE5pjk-hu36b1S8miRUpsnwXM9GPLtk2A==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 04:33:38 GMT
age: 80457
etag: "f387ae7704ac36d6a3e20da098cb9f75829d1e0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
200 OK 9.9 kB URL HTTP/2 cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
IP
Hash 86e19c81795a75e6f76e758fd009601e
7dd16f8446f2de65b774867f968bdc13a7235234
254e68f26c2173e1036ad1110eabf94a64d22e6a92c07bc8f36f91f4c5e4dd71
GET /captcha/v1/8c089cd/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 03 Nov 2022 02:54:34 GMT
content-type: text/html
cf-ray: 7641d37c9d8bb503-OSL
access-control-allow-origin: *
age: 32658
cache-control: max-age=1209600
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 3Jb2o-e5IgxAIrvTsTeiYsE_fk6xnOApSgYDPyxltx-z7nx2DQatow==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=y652VJTQU50yH3RValrW5T8s2Y.OBm0OnTl7JK98Dnw-1667444074-0-ARz0O8Od6QzpD3iXnmLRe5YqNOKQC4CN30L7alrvYBdxBlhFYN9VuYZ1sOtTPg0MB4nS4oY7t+KcDQue2O3H4i0=; path=/; expires=Thu, 03-Nov-22 03:24:34 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7a21993-a27e-44d7-9d43-3eb02c27bc81.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7a21993-a27e-44d7-9d43-3eb02c27bc81.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79bbed8b76cfcaab0aa9769692ab0817
89918478062105c58569f96bf183849c27c78929
56c32d16b6ce5bdef27e0413ff08ceb82b1fcd1b4fb9ad0fc04679bbd9c3df7b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7a21993-a27e-44d7-9d43-3eb02c27bc81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: dc04f974-b8e0-4751-b922-2de7d78a1e37
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a_iCZHrEIAMFqWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6362e3a8-469b22133d751f897c7d67cd;Sampled=0
x-amzn-remapped-date: Wed, 02 Nov 2022 21:39:52 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4nMhVb_bLVjO3AfrUFgEyGQhmiFQxtHHmw3QR3YoH2PwWpJfSs_tAA==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 21:40:08 GMT
etag: "89918478062105c58569f96bf183849c27c78929"
content-type: image/jpeg
age: 18874
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
200 OK 0 B URL HTTP/2 cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
IP
GET /captcha/v1/8c089cd/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 03 Nov 2022 02:54:34 GMT
content-type: text/html
cf-ray: 7641d37c9d8eb503-OSL
access-control-allow-origin: *
age: 32658
cache-control: max-age=1209600
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 3Jb2o-e5IgxAIrvTsTeiYsE_fk6xnOApSgYDPyxltx-z7nx2DQatow==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=HXFx4kh65K3CvYqGYxBZGOrJ_.WxQoW9uZ91B9kf9s4-1667444074-0-ARO37ClGlwDn53Gp9N9FHCorK1exb5Pi9UpFPv4TULaJAI8fhVhKVasnsC52tuaSUcrKCqFw9fZawaYvIDElWI0=; path=/; expires=Thu, 03-Nov-22 03:24:34 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/captcha/v1/8c089cd/hcaptcha.js
200 OK 0 B URL HTTP/2 cf-assets.hcaptcha.com/captcha/v1/8c089cd/hcaptcha.js
IP
GET /captcha/v1/8c089cd/hcaptcha.js HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
Cookie: __cf_bm=TbipXIN.EUHM6OLeb2Ej0HCeDa1W3MYITLVKXniSSO8-1667444074-0-ARvlzv667hUTqh8wzNZFF/jMl6TzJPEVfN9GKjSax7gLEs70ScLz7IavbesPT7dZbk3ai6KLVvjURN3rVoUiR3Y=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 03 Nov 2022 02:54:34 GMT
content-type: application/javascript
cf-ray: 7641d37cad94b503-OSL
access-control-allow-origin: *
age: 32659
cache-control: max-age=1209600
etag: W/"b90536c97bb07e890f4835e16aa28f70"
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: -O7QxwZYs9aGWPLLMVOFy6CDODSXAWWwvQZAMPk9_3TQpiFNMIAuqg==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
200 OK 0 B URL HTTP/2 cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
IP
GET /captcha/v1/8c089cd/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 03 Nov 2022 02:54:34 GMT
content-type: text/html
cf-ray: 7641d37c9d8fb503-OSL
access-control-allow-origin: *
age: 32658
cache-control: max-age=1209600
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 3Jb2o-e5IgxAIrvTsTeiYsE_fk6xnOApSgYDPyxltx-z7nx2DQatow==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=rHKSD1OgDL0iCmPPvGa6DYCfMECkoGTkmyNkxUVi3hc-1667444074-0-AW4zgIBZ4fdWsGFEporlthtp6gYS0fgntLzYh+OqZOEUab9SXIWhOZH4FL9Id0+9ICg6Sx5fCimia49XDYUAhz4=; path=/; expires=Thu, 03-Nov-22 03:24:34 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
200 OK 0 B URL HTTP/2 cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
IP
GET /captcha/v1/8c089cd/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 03 Nov 2022 02:54:34 GMT
content-type: text/html
cf-ray: 7641d37c9d90b503-OSL
access-control-allow-origin: *
age: 32658
cache-control: max-age=1209600
last-modified: Wed, 02 Nov 2022 12:12:10 GMT
strict-transport-security: max-age=0
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 3Jb2o-e5IgxAIrvTsTeiYsE_fk6xnOApSgYDPyxltx-z7nx2DQatow==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=TbipXIN.EUHM6OLeb2Ej0HCeDa1W3MYITLVKXniSSO8-1667444074-0-ARvlzv667hUTqh8wzNZFF/jMl6TzJPEVfN9GKjSax7gLEs70ScLz7IavbesPT7dZbk3ai6KLVvjURN3rVoUiR3Y=; path=/; expires=Thu, 03-Nov-22 03:24:34 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/checksiteconfig?v=8c089cd&host=bom.so&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1
200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/checksiteconfig?v=8c089cd&host=bom.so&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1
IP
POST /checksiteconfig?v=8c089cd&host=bom.so&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1 HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cf-assets.hcaptcha.com
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 03 Nov 2022 02:54:35 GMT
content-type: application/json
access-control-allow-origin: https://cf-assets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-chl-bypass: 2
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7641d37e1f24b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/checksiteconfig?v=8c089cd&host=bom.so&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1
200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/checksiteconfig?v=8c089cd&host=bom.so&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1
IP
POST /checksiteconfig?v=8c089cd&host=bom.so&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1 HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cf-assets.hcaptcha.com
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 03 Nov 2022 02:54:35 GMT
content-type: application/json
access-control-allow-origin: https://cf-assets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-chl-bypass: 2
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7641d37e1f23b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/c/6f349ce4/hsw.js
200 OK 0 B URL HTTP/2 cf-assets.hcaptcha.com/c/6f349ce4/hsw.js
IP
GET /c/6f349ce4/hsw.js HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/captcha/v1/8c089cd/static/hcaptcha.html
Cookie: __cf_bm=TbipXIN.EUHM6OLeb2Ej0HCeDa1W3MYITLVKXniSSO8-1667444074-0-ARvlzv667hUTqh8wzNZFF/jMl6TzJPEVfN9GKjSax7gLEs70ScLz7IavbesPT7dZbk3ai6KLVvjURN3rVoUiR3Y=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 03 Nov 2022 02:54:35 GMT
content-type: application/javascript
cf-ray: 7641d37e3e20b503-OSL
access-control-allow-origin: *
age: 21486
cache-control: max-age=1209600
etag: W/"0589d4a7f08ca0b99adaf10f09300920"
last-modified: Wed, 02 Nov 2022 15:38:24 GMT
strict-transport-security: max-age=0
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: EzIodO--NBztXj1fIHpNoGpDt2bY9WyuGvoYNyCBMRqeHbTOgd-WWQ==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
104.26.7.214
93.184.220.29
23.36.76.226
104.18.18.132