Overview

URLbmindbm.xyz/live/20/31/06/12/11/79095/
IP 104.21.19.28 ()
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-06 18:27:22 UTC
StatusLoading report..
IDS alerts0
Blocklist alert26
urlquery alerts No alerts detected
Tags None

Domain Summary (37)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ibrapush.com (7) 0 2020-04-18 14:40:35 UTC 2022-11-06 16:42:48 UTC 139.45.197.250 Unknown ranking
img-getpocket.cdn.mozilla.net (4) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
bedrapiona.com (1) 34930 2020-05-08 13:43:48 UTC 2022-11-06 17:50:24 UTC 139.45.197.234
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.161.6.128
e1.o.lencr.org (2) 6159 No data No data 23.36.76.226
tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-11-06 10:38:31 UTC 104.21.84.149 Unknown ranking
iclickcdn.com (1) 45415 2020-03-25 19:06:34 UTC 2022-11-06 12:24:33 UTC 172.67.75.9
ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-11-06 10:46:34 UTC 142.250.74.168
youradexchange.com (1) 273384 2013-02-04 16:25:46 UTC 2022-11-06 12:08:12 UTC 35.190.41.116
swarm.video (1) 126884 2017-10-22 19:55:23 UTC 2022-11-06 14:05:55 UTC 104.21.17.85
bmindbm.xyz (15) 0 2022-08-14 18:25:47 UTC 2022-11-06 17:11:35 UTC 104.21.19.28 Unknown ranking
r3.o.lencr.org (13) 344 No data No data 23.36.76.226
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-06 06:01:04 UTC 34.117.237.239
fonts.gstatic.com (3) 0 2014-09-09 00:40:21 UTC 2022-11-06 13:21:55 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
impressivecontinuous.com (2) 0 2022-02-18 15:34:35 UTC 2022-10-17 08:38:54 UTC 192.243.59.20 Unknown ranking
ocsp.sectigo.com (4) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-11-06 10:44:20 UTC 139.45.195.8
contagiongrievedoasis.com (4) 0 2022-05-10 02:32:26 UTC 2022-11-06 07:13:05 UTC 192.243.61.227 Unknown ranking
www.effectivedisplayformat.com (1) 274006 2021-08-03 18:42:54 UTC 2022-11-06 01:12:20 UTC 173.233.139.164
betotodilea.com (6) 52465 2021-08-17 07:55:50 UTC 2022-11-06 12:24:33 UTC 139.45.197.237
ocsp.pki.goog (10) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
onmarshtompor.com (1) 24517 2020-10-19 12:36:32 UTC 2022-11-06 09:04:51 UTC 139.45.197.243
fleraprt.com (1) 0 2022-01-14 22:55:14 UTC 2022-11-06 10:44:22 UTC 139.45.195.254 Unknown ranking
www.google-analytics.com (3) 40 2012-10-03 01:04:21 UTC 2022-11-06 13:23:22 UTC 142.250.74.174
whos.amung.us (2) 12687 2017-01-30 05:21:57 UTC 2022-11-06 10:19:03 UTC 104.22.75.171
y0k2w0p9cl84r1.constraindefiant.net (1) 0 No data No data 172.67.181.206 Unknown ranking
interstitial-07.com (3) 36198 2017-03-09 00:00:07 UTC 2022-11-06 12:24:34 UTC 139.45.197.155
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.85.229
awstats.cloud (2) 0 2022-07-07 07:16:14 UTC 2022-11-06 14:05:54 UTC 172.67.168.34 Unknown ranking
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-06 14:15:54 UTC 142.250.74.10
nanouwho.com (5) 0 2022-07-09 20:30:29 UTC 2022-11-06 16:24:04 UTC 139.45.197.242 Unknown ranking
v4.sportsonline.to (2) 0 2022-10-25 16:46:02 UTC 2022-11-05 15:05:39 UTC 104.21.8.62 Domain (sportsonline.to) ranked at: 263863
superfastcdn.com (2) 88935 2017-09-19 18:24:43 UTC 2022-11-06 08:25:41 UTC 172.64.166.4
widgets.amung.us (2) 12623 2012-05-21 19:25:54 UTC 2022-11-06 10:19:09 UTC 104.22.75.171
unphionetor.com (1) 54035 2022-02-11 12:53:49 UTC 2022-11-06 10:44:25 UTC 139.45.197.236

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-06 2 bmindbm.xyz/live/20/31/06/12/11/79095/ Phishing
2022-11-06 2 bmindbm.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1 Phishing
2022-11-06 2 bmindbm.xyz/wp-content/themes/thesimplest/assets/css/bootstrap.min.css?ver=3.3.7 Phishing
2022-11-06 2 bmindbm.xyz/wp-content/themes/thesimplest/assets/css/font-awesome.min.css?v (...) Phishing
2022-11-06 2 bmindbm.xyz/wp-content/themes/thesimplest/style.css?ver=6.1 Phishing
2022-11-06 2 bmindbm.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-11-06 2 v4.sportsonline.to/channels/hd/hd8.php Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-06 2 contagiongrievedoasis.com Sinkholed
2022-11-06 2 impressivecontinuous.com Sinkholed
2022-11-06 2 contagiongrievedoasis.com Sinkholed
2022-11-06 2 impressivecontinuous.com Sinkholed
2022-11-06 2 contagiongrievedoasis.com Sinkholed
2022-11-06 2 nanouwho.com Sinkholed
2022-11-06 2 contagiongrievedoasis.com Sinkholed
2022-11-06 2 fleraprt.com Sinkholed
2022-11-06 2 betotodilea.com Sinkholed
2022-11-06 2 nanouwho.com Sinkholed
2022-11-06 2 nanouwho.com Sinkholed
2022-11-06 2 betotodilea.com Sinkholed
2022-11-06 2 betotodilea.com Sinkholed
2022-11-06 2 betotodilea.com Sinkholed
2022-11-06 2 nanouwho.com Sinkholed
2022-11-06 2 betotodilea.com Sinkholed
2022-11-06 2 unphionetor.com Sinkholed
2022-11-06 2 betotodilea.com Sinkholed
2022-11-06 2 nanouwho.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 104.21.19.28
Date UQ / IDS / BL URL IP
2022-11-06 18:27:22 +0000 0 - 0 - 26 bmindbm.xyz/live/20/31/06/12/11/79095/ 104.21.19.28


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-01-30 04:32:10 +0000 0 - 2 - 0 furtid.top/ 188.114.97.1
2023-01-30 04:31:56 +0000 0 - 2 - 0 bfqushops.top/ 104.21.16.9
2023-01-30 04:31:00 +0000 0 - 0 - 2 sinuatedm.xyz/ 172.67.196.179
2023-01-30 04:29:48 +0000 0 - 4 - 0 www.coronavirus.gov.hk/chi/index.html 104.16.49.4
2023-01-30 04:29:14 +0000 0 - 2 - 4 procesosinterwebcancadigitaonlinea.top/ 172.67.221.217


Last 1 reports on domain: bmindbm.xyz
Date UQ / IDS / BL URL IP
2022-11-06 18:27:22 +0000 0 - 0 - 26 bmindbm.xyz/live/20/31/06/12/11/79095/ 104.21.19.28


No other reports with similar screenshot

JavaScript

Executed Scripts (47)

Executed Evals (2)
#1 JavaScript::Eval (size: 1700) - SHA256: 82fb97ced522a081ff3e0061fb40f7cc94951b7c14504670eed8d2469315bd01
var player;
var hlsjsConfig = {
    liveSyncDuration: 60,
    maxBufferLength: 60,
    liveMaxLatencyDuration: Infinity,
};
var p2p = false;
var src = "https://6q73crmk54a2uk74.cdnexpress37.net:8443/hls/phsheh97kpcdvc2.m3u8?s=aFpNJIyTplzALhDmro7cgw&e=1667780832";
if (typeof engine != "undefined" && typeof p2pml != "undefined") {
    if (p2pml.hlsjs.Engine.isSupported()) {
        p2p = true;
        hlsjsConfig["loader"] = engine.createLoaderClass()
    } else {
        src = "https://6q73crmk54a2uk74.cdnexpress37.net:8443/hls/phsheh97kpcdvc2.m3u8?s=aFpNJIyTplzALhDmro7cgw&e=1667780832"
    }
}
$(document).ready(function() {
    player = new Clappr.Player({
        source: src,
        parentId: "#player",
        width: "100%",
        height: "100%",
        playback: {
            hlsjsConfig: hlsjsConfig,
        },
        autoPlay: false,
        mute: startMuted,
        stretching: "bestfit",
        watermark: "",
        position: "1",
        watermarkLink: "",
        events: {
            onError: function(e) {
                errorPlaying()
            },
            onPlay: function(e) {
                setTimeout(function() {
                    $(".stream-logo").fadeOut()
                }, 1000);
                if (!videoStarted) {
                    videoStarted = true;
                    setTimeout(function() {
                        var h = document.getElementsByTagName("head")[0],
                            s = document.createElement("script");
                        s.type = "text/javascript";
                        s.async = true;
                        s.src = "//marriageappetiteillegimateillegimate.com/82/05/4d/82054d468d1245b12f8e814444d99462.js";
                        h.appendChild(s)
                    }, 20000);
                    if (startMuted) $("#btn-unmute").fadeIn()
                }
            },
            onPause: function(e) {
                $(".stream-logo").fadeIn()
            },
            onVolumeUpdate: function(e) {
                $("#btn-unmute").fadeOut()
            },
            onReady: function() {}
        }
    });
    if (p2p) {
        p2pml.hlsjs.initClapprPlayer(player)
    }
    setTimeout(function() {
        player.play()
    }, 3000)
});

function WSreloadStream() {
    $(".stream-offline").css("display", "none");
    var newplayer = player.configure(player);
    newplayer = new Clappr.Player(newplayer.options);
    player.destroy();
    player = newplayer;
    player.mute();
    player.play();
    player.unmute()
}

function WSUnmute() {
    player.unmute()
}
#2 JavaScript::Eval (size: 4513) - SHA256: de4f45f7427a755be063136c4966b78f61cdd4081be254583de4be82361b3cb9
setTimeout(function() {
    $("body").append("<iframe width=\"1366\" height=\"768\" src=\"https://spathefesting.com/iAZoqS9qIg28n/28749\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://moekyepkd.com/redirect?tid=756113&file=Watch_Live\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=uFkWgZKDzl\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=sGwNIyGLG5\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=s5e83yzhMM\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=CMAs8uhhKm\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=fXHggLmTuE\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=WYbHISCtLV\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=MrwGr89ffS\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=N2JBJxP2ji\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=CX0BW0NjsB\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=HsP3nKe6J5\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=PReDvl944m\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=PReDvl944m\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=XgOPsot9Xe\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=GQg8mmsLEC\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=tDdYeo7o7\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe><iframe width=\"1366\" height=\"768\" src=\"https://serve.contentango.com/gen.php?id=kd94Dmd04\" style=\"visibility:hidden;position:absolute;top:-5000px;left:-5000px;\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-forms\"></iframe>")
}, 50000);

Executed Writes (2)
#1 JavaScript::Write (size: 127) - SHA256: 0ea9bc7b5b3b3e52e265093bfc043060241ca90e2499d130733123bcc330fcc7
< script type = "text/javascript"
src = "http://www.effectivedisplayformat.com/328e7308c7d9b682b707448d319ed5fb/invoke.js" > < /script>
#2 JavaScript::Write (size: 51157) - SHA256: 81e6e76bed7257413f8165d80c824006766b8bacb870b8e87422c883256a995b
< meta charset = "UTF-8" > < meta name = "viewport"
content = "width=device-width, initial-scale=1" > < html class = "desktop left " > < html lang = "en" > < head > < meta charset = "UTF-8" > < meta name = "robots"
content = "noindex" > < meta name = "viewport"
content = "width=device-width, initial-scale=1.0" > < meta http - equiv = "X-UA-Compatible"
content = "ie=edge" > < /head><body><main class="sc"><div class="sc__wrp"><div class="sc__sw"><div class="sc__sw__close"></div > < div class = "sc__sw__icon" > < /div><div class="sc__sw__heading">bmindbm.xyz wants to</div > < div class = "sc__sw__text sc__sw__text-desktop" > Show notifications < /div><div class="sc__sw__text sc__sw__text-mobile">bmindbm.xyz wants to send you notifications.</div > < div class = "sc__sw__btn-c" > < button id = "B2"
class = "sc__sw__btn sc__sw__btn--allow" > Allow < /button><button id="B1" class="sc__sw__btn sc__sw__btn--block">Block</button > < /div></div > < /div></main > < style > html {
    line - height: 1.15; - webkit - text - size - adjust: 100 %
}
body {
    margin: 0
}
main {
    display: block
}
h1 {
    font - size: 2e m;
    margin: .67e m 0
}
hr {
    box - sizing: content - box;
    height: 0;
    overflow: visible
}
pre {
    font - family: monospace, monospace;
    font - size: 1e m
}
a {
    background - color: transparent
}
abbr[title] {
    border - bottom: none;
    text - decoration: underline;
    text - decoration: underline dotted
}
b, strong {
    font - weight: bolder
}
code, kbd, samp {
    font - family: monospace, monospace;
    font - size: 1e m
}
small {
    font - size: 80 %
}
sub, sup {
    font - size: 75 % ;
    line - height: 0;
    position: relative;
    vertical - align: baseline
}
sub {
    bottom: -.25e m
}
sup {
    top: -.5e m
}
img {
    border - style: none
}
button, input, optgroup, select, textarea {
    font - family: inherit;
    font - size: 100 % ;
    line - height: 1.15;
    margin: 0
}
button, input {
    overflow: visible
}
button, select {
    text - transform: none
}[type = button], [type = reset], [type = submit], button {
    -webkit - appearance: button
}[type = button]::-moz - focus - inner, [type = reset]::-moz - focus - inner, [type = submit]::-moz - focus - inner, button::-moz - focus - inner {
    border - style: none;
    padding: 0
}[type = button]: -moz - focusring, [type = reset]: -moz - focusring, [type = submit]: -moz - focusring, button: -moz - focusring {
    outline: 1 px dotted ButtonText
}
fieldset {
    padding: .35e m.75e m.625e m
}
legend {
    box - sizing: border - box;
    color: inherit;
    display: table;
    max - width: 100 % ;
    padding: 0;
    white - space: normal
}
progress {
    vertical - align: baseline
}
textarea {
    overflow: auto
}[type = checkbox], [type = radio] {
    box - sizing: border - box;
    padding: 0
}[type = number]::-webkit - inner - spin - button, [type = number]::-webkit - outer - spin - button {
    height: auto
}[type = search] {
    -webkit - appearance: textfield;
    outline - offset: -2 px
}[type = search]::-webkit - search - decoration {
    -webkit - appearance: none
}::-webkit - file - upload - button {
    -webkit - appearance: button;
    font: inherit
}
details {
    display: block
}
summary {
    display: list - item
}[hidden], template {
    display: none
}@
keyframes fadeIn {
    0 % {
        opacity: 0;transform: scale(.9)
    }
    to {
        opacity: 1;transform: scale(1)
    }
}.sc {
    -webkit - touch - callout: none; - webkit - user - select: none; - khtml - user - select: none; - moz - user - select: none; - ms - user - select: none;
    user - select: none;
    display: flex;
    justify - content: center;
    align - items: center
}.sc.rtl {
        direction: rtl
    }.sc__sw {
        width: 100 % ;max - width: 30 rem;font - family: Roboto,
        Segoe UI,
        Helvetica,
        sans - serif;background - color: # fff;border - radius: .3 rem;margin: 1 rem;padding: 1 rem 1.5 rem 4.5 rem;position: relative;box - shadow: 0.5 rem.5 rem rgba(0, 0, 0, .1);animation: fadeIn.4 s ease - in -out
    }.sc__sw__icon {
        height: 1.6 rem;width: 1.6 rem;float: left;background - size: contain;background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PHBhdGggZD0iTTEyIDIyYzEuMSAwIDItLjkgMi0yaC00YTIgMiAwIDAgMCAyIDJ6bTYtNnYtNWMwLTMuMDctMS42NC01LjY0LTQuNS02LjMyVjRjMC0uODMtLjY3LTEuNS0xLjUtMS41cy0xLjUuNjctMS41IDEuNXYuNjhDNy42MyA1LjM2IDYgNy45MiA2IDExdjVsLTIgMnYxaDE2di0xbC0yLTJ6IiBmaWxsPSIjNDI4NWY2Ii8+PC9zdmc+")
    }.sc__sw__heading {
        display: none
    }.sc__sw__text {
        color: #666;margin-left:2.3rem;margin-top:.2rem}.sc__sw__text-desktop,.sc__sw__text-mobile{display:none}.sc__sw__btn-c{position:absolute;bottom:.2rem;right:.5rem;display:flex;flex-flow:row-reverse}.sc__sw__btn{border:none;padding:1rem;background-color:transparent;color:# 4283e f;font - weight: 400
    }.sc.sc--mobile {
        width: 100 % ;height: 100 %
    }.sc.sc--mobile__sw__text - mobile {
        display: block
    }.sc.sc--mobile.sc--android - browser, .sc.sc--mobile.sc--chrome, .sc.sc--mobile.sc--firefox {
        background - color: rgba(0, 0, 0, .3);
        position: absolute;
        top: 0;
        bottom: 0;
        left: 0;
        right: 0;
    }.sc.sc--mobile.sc--android - browser, .sc.sc--mobile.sc--chrome {
        width: 100 % ;height: 100 %
    }.sc.sc--mobile.sc--android - browser.sc__sw, .sc.sc--mobile.sc--chrome.sc__sw {
        position: absolute;margin: 0;left: 50 % ;top: 50 % ;width: 92 % ;max - width: 520 px;height: auto;padding - left: 3.8 rem;transform: translate(-50 % , -50 % )
    }.sc.sc--mobile.sc--android - browser.sc__sw__text - mobile, .sc.sc--mobile.sc--chrome.sc__sw__text - mobile {
        display: inline;color: #666;margin-left:0;margin-top:.2rem}.sc.sc--mobile.sc--android-browser .sc__sw__icon,.sc.sc--mobile.sc--chrome .sc__sw__icon{position:absolute;float:none;left:1.5rem;top:1rem}.sc.sc--mobile.sc--android-browser .sc__wrp,.sc.sc--mobile.sc--chrome .sc__wrp{position:relative;width:100%;height:100%;box-sizing:border-box}.sc.sc--mobile.sc--android-browser .sc__wrp *,.sc.sc--mobile.sc--chrome .sc__wrp *{box-sizing:border-box}.sc.sc--mobile.sc--firefox{background-color:rgba(0,0,0,.6);align-items:flex-start;margin-top:-16px}.sc.sc--mobile.sc--firefox .sc__sw{font-family:Fira Sans,Roboto,Segoe UI,Helvetica,sans-serif;background-color:# e6e6e6;font - weight: 400;padding - bottom: 4.5 rem;overflow: hidden;max - width: 66.6 % ;margin: 0 auto
    }.sc.sc--mobile.sc--firefox.sc__sw__icon {
        width: 2.5 rem;height: 2.5 rem;margin - top: .5 rem;background - repeat: no - repeat;background - position: 50 % ;background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PHBhdGggZD0iTTMuMjU0IDIuMDk0Yy0xLjE0NyAwLTIuMDcuOTIyLTIuMDcgMi4wNjh2MTEuMzVjMCAxLjE0Ni45MjMgMi4wNjggMi4wNyAyLjA2OGg5LjUzbDMuNzYyIDMuNzYycy41ODguNTY0IDEuMjA3LjU2NGMuNjE4IDAgLjg2Mi0uMzQ2Ljg2Mi0uNTY0VjE3LjU4aDIuMTMxYzEuMTQ3IDAgMi4wNy0uOTIyIDIuMDctMi4wNjlWNC4xNjJhMi4wNjUgMi4wNjUgMCAwIDAtMi4wNy0yLjA2OHptOC43NzcgMi4wNDhBMS40MDggMS40MDggMCAwIDEgMTMuNDQgNS41NWExLjQwOCAxLjQwOCAwIDAgMS0xLjQwOCAxLjQwNyAxLjQwOCAxLjQwOCAwIDAgMS0xLjQwOC0xLjQwNyAxLjQwOCAxLjQwOCAwIDAgMSAxLjQwOC0xLjQwOHptLS4yMTYgNC4yNzhoLjQzMmMuNjYgMCAxLjE5Mi41MzIgMS4xOTIgMS4xOTJ2NC44NjVjMCAuNjYtLjUzMiAxLjE5Mi0xLjE5MiAxLjE5MmgtLjQzMmMtLjY2IDAtMS4xOTItLjUzMi0xLjE5Mi0xLjE5MlY5LjYxMmMwLS42Ni41MzItMS4xOTIgMS4xOTItMS4xOTJ6IiBmaWxsPSIjYTVhNWE1Ii8+PC9zdmc+")
    }.sc.sc--mobile.sc--firefox.sc__sw__text - mobile {
        font - weight: 300;
        display: block;
        margin - left: 3.5 rem;
        margin - top: .5 rem;
        margin - bottom: 1 rem
    }.sc.sc--mobile.sc--firefox.sc__sw__btn - c {
        bottom: 0;left: 0;right: 0
    }.sc.sc--mobile.sc--firefox.sc__sw__btn {
        width: 50 % ;color: #000;font-weight:400}.sc.sc--mobile.sc--firefox .sc__sw__btn--allow{background-color:# 008 bcc;color: # fff
    }.sc.sc--mobile.sc--firefox.sc__sw__btn--block {
        background - color: # d1d0d5
    }.sc.sc--mobile.sc--uc - browser {
        align - items: flex - end;
        height: 100 %
    }.sc.sc--mobile.sc--uc - browser.sc__wrp {
        position: absolute;left: 0;right: 0;top: auto;bottom: 0;width: auto;padding: 0 5 px 5 px
    }.sc.sc--mobile.sc--uc - browser.sc__sw {
        box - shadow: 0 0 4 px rgba(0, 0, 0, .2);
        border - radius: 1.5 rem;
        padding - right: 2.5 rem;
        width: auto;
        margin: auto
    }.sc.sc--mobile.sc--uc - browser.sc__sw: after, .sc.sc--mobile.sc--uc - browser.sc__sw: before {
        position: absolute;right: 1.5 rem;top: 1 rem;content: " ";height: .8 rem;width: 1 px;background - color: # aaa
    }.sc.sc--mobile.sc--uc - browser.sc__sw: before {
        transform: rotate(45 deg)
    }.sc.sc--mobile.sc--uc - browser.sc__sw: after {
        transform: rotate(-45 deg)
    }.sc.sc--mobile.sc--uc - browser.sc__sw__text - mobile {
        display: block;font - weight: 700;margin - bottom: .5 rem;margin - left: 3 rem;color: #444;margin-top:.25rem}.sc.sc--mobile.sc--uc-browser .sc__sw__btn-c{flex-flow:row}.sc.sc--mobile.sc--uc-browser .sc__sw__btn--allow{color:# fdb83f
    }.sc.sc--mobile.sc--uc - browser.sc__sw__btn--block {
        font - weight: 400;
        color: # aaa
    }.sc.sc--mobile.sc--uc - browser.sc__sw__icon {
        width: 2.5 rem;height: 2.5 rem;background - repeat: no - repeat;background - image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAABQCAIAAADKqIEEAAALgUlEQVRo3u1az49k11X+vnPuq/4xM5mZWHYUOfYgga1IKAtiZUVkTCw2WbJFQmIFSxQhIbDgH4jwigVZEH5vAkIgggAhISuIADFxHGPZMxM7djyezNie6Z81XVXvvXs+Fve9qurq6Z7udpkE1Fet1z1Tr+777nfPPec75zxKwv+1YT9qAGegf5zHGegz0GegTzoCWHYk+OhBG6Al407Lxpjzi3/ir/9jvX3bIL/8KJ/+NT3+DJf6DC43jOtfn+fLfxNNhGDR0Eh3PP3L+uyvLhH3Ms2jfec/+MrXI8Moc6FKYd5K+Lc/5+2XlsjNEkGHfeuPkDMJkEYAMMJgTRDf/EMqfhSgjz5P+W6++0PBQQEhCQopRLg7tt7F8C6wHNwnZ/ow3MMdSxEpwwULIGhiglVgxfCMZhuIpeCe9x4CGkACQymTBCzCCCIAAglHnKZ7N3x1ImYiEKBCAEgYaRmDGqNbiiu0JRjkPGgCRARASjBrqbDMGKeoU0vkc9QANLqUyOlX997Te/+kH7xgazVSICRJhARCRAiTFrl66y/IXVx+Cmuf+JCg97s8ARDE7k9kWmRYwMsnqDPqiafWrcb4+/jeV/MHb3regwOiYApRkoQI5EAEBYAymlHjPawAqw/HE79kT/4KcUo3eMBPq78qgAxCtEwvh5BoE0bMd7H1XVz967x1kwCZwQBASAABgd36I5AzcrFjRoTCHIJlPvQkfuZ3cenTS2F6em1AACYxK6Cgy20Pu9/fuf733L221m5YWwuyzq0cckIFKNi2ylnFzOVhYIQ58PjP47O/A6x/SKYFAQghAwQdYCg7atgob3739tW/Wx1+bz32VhgsjBLoZ+E89nnaJUSwbrobScgkI4yPXMHnfx+4dHxjWQAdxSoENUiAkTDAkIlmdPvFzdf+8ny6sdYMmTNVTm6HbX6rDpDdrYiR2WY1rbr1mSxZ5Vxdw8/9KapHjgl6vwNSYTqHGGSQAoggEFtv169/7WG8vd5MUmvszFZHYZ0xQ5Ck4K5BUuWEEAJEZWXUu/f0778OtCcHLUBEMKLKqkJWlmDtOG59c/zfz6/HG6aGOUfntgnw+IpC3a6S1QCDiiwEBaNJUmzfaF79cj4N0wBoQRdJApBFi/ru+MY3NLzlEcjF1jUFvW/JD3waKRAkUgVPnTUqA5nB6tpf+a1/OI7oXABd9hGGMMkjku5h/HY9GlUMhIAMTeGdyssSAERiUHXRsbjX3NYY4JXf0zFmtYMzAoLEiIEmxHa981au73iXNgnU8Qz50KHCuBGDAQl1mxRJhtEdu/PtB85+HyWgEoaVoR1M3t/ZuL4Sdy0aKaQO9+x6KrIFioQ7zLtJJFANVvHqlyPH0dto83N1XlowydXC6uHdN3TnzbW8K1PRaKJkIS4hX5VRaSZ+aDIkbFzV1stHf3Ef02IUz0AYk8HavZvXV+odZ6tCLaWO4MCHxy3QHWad6BFMyC3tg385AehCtwE0UgRG2Li5YnWY+u0yyRBGEcc5Mg8cJYkEwOJBIyJ0+z+P/tK+bJzFHxkgITImt1a5y85+BbhknmlTy6ZOK9R6hgC4o21R7FIyM2zcODHTBMgAW9SbxJhFsbFju+NYi376dEMAOsc3JSKhmUDNCUD3bgGIhLaJPHVwUymn2T1LGWRv1iraVmyxfXu6qKNBa+4PQVQUfTAf/rR42xJAF3HSL6ColPp94NCgfj+mu5ERtSWyCNBpNnO0ej7FEIpm6B/OgOArRzC9UBYLoZdvBHLbiU92jGjptcQe9pR0AE7BB0dUCuY/YEhdim8AqWg5y/j7lSzh+M09slzniYZCROQjNnNRMPXHjgCVA3CBxWPMMr8PE8MXOZ5dO1+t4nl1BDf7QBuTsQIdANDQxpZIOOSQ9Ywsp+Cyn+/+zKj/h+L4TGO6YyVW0wrHBtgsBM4O5XKG9s9nAGjHZXphKrK334+4q7uATsBJmcacrHZFdEb2UY7+fExt+jRMl4iYwa62tfyuyQJJ07RC6FTDSZOAfgRJLjNeHzr2eQ/AHpTOHWEegpmSzftQLTcWzj+P0yCG6P7r0PzlMPMQaGoU0UASe/En9pFgmXauWcyFBEMG1roizP3GvjCegVA4whQA23t7TYwGgguisa8TlWBOLC009sW0rjIRgvlgFiePYLoPTkWNCu24He6KEWylTEWXInS5zdJo7rROEaWgUfIKozcQh4Ywm/suDHC4wRA57l5v29318+dpIU1Ck+AEVgdalXLCchVIL30JhJ9vXv9jcHIsm6bggkdgsnnvg1dzvekRZhQlZjALGYxShzs9voVRgneX2kLGJFW3Xsa1rxzm+/bX8soXY5x3XhvuXuN4S8ORB9yS0dCX+05YxFtA+IDPSvbSplVc/Rpyvu8yFzKXAFrk94cbL1l7c6Cx2kZZhBOOaR47K0RNoxlP9dPPQuuPXZkzHAZM+O7fakGXLIImQSKadvN6vXN1xXZgrTJVJ7WOnJQNmRKnBfQuOTIj7/vD/trdOP8npsKGZDK4TYUOBZky1/TKH3B8e6FUf4DpyJi8N7z9LY3eTxQdZi5fD78gv0BbJ1fENGsGAXCXJXiCO0rlxUxzV5jBXG4wF0100EQnnebdBltiSuLUgwkIC+XxFq4+rwNnYaGPOMpb32h3XktqTZUl+MUVqy5FWiNB1Iq6qYe8t50jC0wXHmM6RyvlWkISwZBoAEnrNrAPRSxiZkpbtMxDjrcRtdxgnLaUIAlhNPzgBT7xDs4/Pt9x2N9H5Hux8Z21essTosnwAS9doF92rAoWCFiYPlAeMsu9svOPYeU8cgsY6GCXVU8ruP2DNFeBYL/bGTA0I9VX0Y4FwhOiQXT1CUoBa+TprT/DZ57jnCDZn9iO9jjaqyyMUG7RBoZAcoRTcmRgF/VmSEgEGmxcw/pDSKvdwWLJOPoMWHlGx/zJmZ6fXGt4i+12lHs8MSS1QFdEpcEtcfPbsXeP67MO2D7zUAxSw4xgDjPlaFVv5lHOeV2U+YQYCnv0MBJkbjZsZwusVARl7wdL9jBfGsBc92C60REZalVaRuzqnmDX5VC3K0S9Zc270E/2eeAC09W57JdGk7Q2qOVmCaG9SKOwCsZsomc0YQHASdAICWo6r6f+zJTfmhcomqaqpfEy530AGSQhd+30/ghAbJtx5Z/C6idBuy/ToH1s78Lj9+7c8mZzZWVEZBgVUmrNjaSCWRaUi6SrbUqzx/Yd7gOutXcKLJVAkGZMzmL/XbsxWPK7UiITwIg8SlzLP/0lX/nYPpxzfUQJ4/Hov7D1DnfeysOb1uxWCrQWDWnJBiHfU7PbtFg5d9HTp3Tz1VxPLELITJQREmOfTTAg6+VxIECjcUBcfhjVWrQTUwMfgCtABRnMEBMQWLmMj38On/gC1h+Zs6lF0FAINqEUmuTRdohuTgwQJM2cSDU0RjsCDRjiha/i5isA0GS1gZDYJdOdnC+9lWIqBiSXmZHxyc/407+B6uPII+QJvIKvwSswAQQyIqs8Gn4wj1kwDwIrAMxW7dzF2fmZNeoJEFW/5U9+UTdep6AshcorNchd9UzldghS6cSxgiWnuz/xi1h7FEhI8/s+TVUqWHB6bg+oj/vVPTgvD6yXFgdLPsRPfJFXnopJLVkfqI3o+gR9sDbSDeZwa8k28OhTuPIMUB2Y0OY0iR0h24/xnkt5NOdn7JdvwDPPmae2bQgDnPROj5A2o8pgCfQaDjP8wm/D7UjB94B64Qlfzjn4oMHFePZLFZIil+jd9dfLQGmVkW5IUVUZX/gtpIuzZZ9qnOBlwulLDwcXwtEW/vk5vf2SGkQgSiykjHSIKaESfupZPPub+434owd9dDUiQ37zO3jz6/UbL6a7PywNR1rKDz3GK5+zJz+PR38WvpzXAJf82ub/zjh7f/oM9BnoH4NxBvoM9P830P8DWBywwp+xTnsAAAAASUVORK5CYII=")
    }.sc.sc--mobile.sc--samsung - internet -
    for -android {
        height: 100 % ;align - items: flex - end
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__wrp {
        position: absolute;left: 0;right: 0;top: auto;bottom: 0;width: auto;padding: 0 5 px
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw {
        width: auto;margin: 1 rem auto;box - shadow: 0 0 3 px rgba(0, 0, 0, .4);border - radius: 2 rem;padding - bottom: 4.5 rem;padding - top: 1.333 rem
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw: after, .sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw: before {
        position: absolute;right: 1.75 rem;top: 1.333 rem;content: " ";height: 1 rem;width: 1 px;background - color: #777}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw:before{transform:rotate(45deg)}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw:after{transform:rotate(-45deg)}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw__text-mobile{display:block;font-weight:700;color:# 444;margin - left: 3 rem;margin - right: 1.5 rem
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw__btn - c {
        flex - flow: row;
        display: flex;
        left: .5 rem
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw__btn {
        flex: 1;padding: .25 rem;margin - bottom: 1 rem;color: #4285f6}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw__btn--allow{border-right:1px solid # ddd
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw__icon {
        width: 2 rem;position: relative;top: .33 rem;height: 2 rem;background - repeat: no - repeat
    }.sc.sc--mobile.sc--yandex - browser {
        align - items: flex - end
    }.sc.sc--mobile.sc--yandex - browser.sc__wrp {
        position: absolute;left: 0;right: 0;top: auto;bottom: 0;width: auto;padding: 0 5 px
    }.sc.sc--mobile.sc--yandex - browser.sc__sw {
        width: auto;border: 1 px solid # ededed;border - radius: 1 rem;margin: .5 rem;box - shadow: 0 0 10 px 10 px # f0f0f0,
        0 50 px 20 px 40 px # f0f0f0
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__text - mobile {
        display: block;margin - left: 0;margin - right: 1 rem
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__icon {
        position: absolute;right: .5 rem;top: .5 rem;background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSI2NCIgaGVpZ2h0PSI2NCIgdmlld0JveD0iMCAwIDE2LjkzMyAxNi45MzMiPjxnIHRyYW5zZm9ybT0idHJhbnNsYXRlKDAgLTI4MC4wNjcpIj48Y2lyY2xlIGN4PSI4LjQ2NyIgY3k9IjI4OC41MzMiIHI9IjcuNTYiIGZpbGw9IiNkOWQ5ZDkiLz48cGF0aCBkPSJNNS42MzggMjg1LjQzM2EuMjYzLjI2MyAwIDAgMC0uMTk1LjA3Ny4yNzkuMjc5IDAgMCAwIC4wMTEuMzk0bDIuNjMgMi42My0yLjYzIDIuNjI4YS4yNzkuMjc5IDAgMCAwLS4wMTEuMzk1LjI3OS4yNzkgMCAwIDAgLjM5NS0uMDExbDIuNjI5LTIuNjMgMi42MjkgMi42M2EuMjc5LjI3OSAwIDAgMCAuMzk0LjAxLjI3OS4yNzkgMCAwIDAtLjAxLS4zOTRsLTIuNjMtMi42MjkgMi42My0yLjYyOWEuMjc5LjI3OSAwIDAgMCAuMDEtLjM5NC4yNzkuMjc5IDAgMCAwLS4zOTQuMDFsLTIuNjMgMi42My0yLjYyOC0yLjYzYS4yOTQuMjk0IDAgMCAwLS4yLS4wODd6IiBmaWxsPSIjZmZmIi8+PC9nPjwvc3ZnPg==")
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__btn - c {
        bottom: 0;right: 0;left: 0;display: flex;border - top: 1 px solid # cbcbcb
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__btn {
        flex: 1;color: #2488e0;font-weight:400}.sc.sc--mobile.sc--yandex-browser .sc__sw__btn--allow{color:# 2488e0;font - weight: 600;border - left: 1 px solid # cbcbcb
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__btn--block {
        color: #2488e0}.sc.sc--desktop{margin-left:21px;margin-top:-3px;width:326px;height:136px;display:flex;justify-content:center;align-items:center}.sc.sc--desktop.rtl{margin-left:0;margin-right:106px}.sc.sc--desktop .sc__sw{box-sizing:border-box;width:320px;height:130px;border-radius:2px;box-shadow:0 -1px 3px rgba(0,0,0,.3),0 2px 3px 1px rgba(0,0,0,.3);padding:16px;margin:0;font-family:Segoe UI,Helvetica,sans-serif}.sc.sc--desktop .sc__sw__close{position:absolute;display:block;height:24px;width:24px;right:5px;top:5px;border-radius:100%;background-color:transparent;transition:background-color .5s}.sc.sc--desktop .sc__sw__close:hover{background-color:rgba(0,0,0,.08)}.sc.sc--desktop .sc__sw__close:after,.sc.sc--desktop .sc__sw__close:before{content:" ";position:absolute;height:13px;width:2px;left:11px;top:5px;background-color:# 666;pointer - events: none
    }.sc.sc--desktop.sc__sw__close: before {
        transform: rotate(45 deg)
    }.sc.sc--desktop.sc__sw__close: after {
        transform: rotate(-45 deg)
    }.sc.sc--desktop.sc__sw__heading {
        display: block;position: absolute;top: 19 px;left: 16 px;right: 30 px;font - size: 15 px;white - space: nowrap;text - overflow: ellipsis;overflow: hidden
    }.sc.sc--desktop.sc__sw__icon {
        background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PHBhdGggZD0iTTEyIDIyYzEuMSAwIDItLjkgMi0yaC00YTIgMiAwIDAgMCAyIDJ6bTYtNnYtNWMwLTMuMDctMS42NC01LjY0LTQuNS02LjMyVjRjMC0uODMtLjY3LTEuNS0xLjUtMS41cy0xLjUuNjctMS41IDEuNXYuNjhDNy42MyA1LjM2IDYgNy45MiA2IDExdjVsLTIgMnYxaDE2di0xbC0yLTJ6IiBmaWxsPSIjNWY2MzY4Ii8+PC9zdmc+");
        height: 18 px;
        width: 18 px;
        position: absolute;
        top: 47 px;
        left: 16 px
    }.sc.sc--desktop.sc__sw__text {
        font - size: 12 px;
        position: absolute;
        top: 49 px;
        left: 46 px;
        color: #000;margin:0}.sc.sc--desktop .sc__sw__text-desktop{display:block}.sc.sc--desktop .sc__sw__btn-c{bottom:16px;right:16px;flex-flow:row}.sc.sc--desktop .sc__sw__btn{font-size:12px;font-weight:400;border:1px solid # ddd;
        border - radius: 2 px;
        padding: 0 16 px;
        height: 32 px;
        margin - left: 8 px;
        min - width: 64 px;
        font - weight: 500
    }.sc.sc--desktop.sc__sw__btn: hover {
        background - color: # fafafa
    }.sc.sc--desktop.sc--firefox {
        width: 380 px;height: 120 px;margin - left: 0;margin - top: 0
    }.sc.sc--desktop.sc--firefox.rtl {
        margin - left: 0;
        margin - right: 0
    }.sc.sc--desktop.sc--firefox.rtl.sc__sw: after, .sc.sc--desktop.sc--firefox.rtl.sc__sw: before {
        left: auto;right: 7 px
    }.sc.sc--desktop.sc--firefox.rtl.sc__sw: before {
        right: 6 px
    }.sc.sc--desktop.sc--firefox.rtl.sc__sw__btn--block: after {
        left: 0;right: auto
    }.sc.sc--desktop.sc--firefox.sc__sw {
        width: 360 px;height: 102 px;border: 1 px solid # d0d1d1;box - shadow: 0 0 1 rem # d0d1d1;padding: 12 px 10 px;position: relative
    }.sc.sc--desktop.sc--firefox.sc__sw: after, .sc.sc--desktop.sc--firefox.sc__sw: before {
        display: none;background - color: transparent;position: absolute;left: 7 px;top: -8 px;transform: none;content: " ";display: block;width: 0;height: 0;border - color: transparent transparent # fff;border - style: solid;border - width: 0 8 px 8 px
    }.sc.sc--desktop.sc--firefox.sc__sw: before {
        top: -9 px;left: 6 px;border - width: 0 9 px 9 px;border - color: transparent transparent # d0d1d1
    }.sc.sc--desktop.sc--firefox.sc__sw * {
        position: unset
    }.sc.sc--desktop.sc--firefox.sc__sw__close {
        display: none
    }.sc.sc--desktop.sc--firefox.sc__sw__heading {
        font - family: Segoe UI, Helvetica, sans - serif;
        font - size: 12 px;
        white - space: wrap;
        margin - bottom: .5e m;
        overflow: visible;
        margin - left: 48 px
    }.sc.sc--desktop.sc--firefox.sc__sw__text {
        overflow: visible;margin - left: 48 px;line - height: .95
    }.sc.sc--desktop.sc--firefox.sc__sw__icon {
        background - image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAeCAYAAABNChwpAAABj0lEQVRIie2Wv4oyMRTFf7pWsdQyBCzUVwgznXkFwc6xthNLERbU0gew1E7wFbQbmHewG9IJgoW22WJB0PUP6IzKx3e6ZO7NOUluztyMc84BRFHEcrkkjmPShFIKYwxaawAyzjk3m80IwzBV4nP4vk+z2SQXRdHLyQHCMKRSqfBVKpW+d7vdywUAbLdbcud33u/3kVKmQmitZTAYHMdxHJM9D0qL/NrafwS8Gm8XkLsXMBqNHvYGpRS9Xu9mzOefwL0dPIvPP4H/NfDP18DnCbDWpkZ2ae3McDh0SXRBvu9Tr9cRQgCwXq+ZTqdsNpurOUopssaYp8nht8FYLBbH8T1yAGMMWa01nuclJmK1WgHcJfc8D6317zMMgoBqtZpIUzqfzykUCle/X2xKnyG01jIejzkcDse5fD7Pfr8/iZtMJhfzn36GUkra7fbJ3Dn5LSTiA+VymUaj8VBuYkZUq9UeKuZEnTAIApRS7xMA0Ol0jmb0FgFCCLrd7omIW4JS+RlJKWm1WhSLRYQQNwv0BySZkZGaX+NiAAAAAElFTkSuQmCC");
        width: 32 px;
        margin - right: 16 px;
        height: 30 px
    }.sc.sc--desktop.sc--firefox.sc__sw__btn - c {
        position: absolute;left: 0;right: 0;bottom: 0
    }.sc.sc--desktop.sc--firefox.sc__sw__btn {
        margin: 0;border: none;display: flex;flex: 1;text - align: center;justify - content: center;align - items: center;height: 39 px;color: #000;border-radius:0;box-shadow:inset 0 0 1px 1px rgba(0,0,0,.1);background-color:# ededed;position: relative
    }.sc.sc--desktop.sc--firefox.sc__sw__btn--allow {
        background - color: #0060df;color:# fff
    }.sc.sc--desktop.sc--firefox.sc__sw__btn--allow: hover {
        background - color: #003eaa}.sc.sc--desktop.sc--firefox .sc__sw__btn--block{padding-right:55px}.sc.sc--desktop.sc--firefox .sc__sw__btn--block:before{display:block;content:"";position:absolute;left:0;top:0;bottom:0;right:0;z-index:1}.sc.sc--desktop.sc--firefox .sc__sw__btn--block:hover:before{background-color:rgba(0,0,0,.045)}.sc.sc--desktop.sc--firefox .sc__sw__btn--block:after{content:"";display:block;position:absolute;right:0;background-image:url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA4AAAAHCAYAAAA4R3wZAAAAhUlEQVQYlXXQyw2EMAyE4Z9tAMpwSkn6BUoJt3QwUioYDitWLA8fPf4s2YMkl1LovbMsC+M48lS9d0opTNPEPM98jqDWyrHgDdVasf1tSnJrzRFhwCklt9YsyUeWUjLgiPhlnAeu+A39wSf8hiR5kOTrPTlntm0DICJY1/X2tBs8Y+ARAezFmqaAOZvAjAAAAABJRU5ErkJggg= = ");background-repeat:no-repeat;background-position:12px 11px;border-left:1px solid #cecece;height:26px;width:39px}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw{border-radius:4px}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn-c{overflow:hidden;border-radius:0 0 4px 4px}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn{box-shadow:none}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn--allow{background-color:#0896f8;border-top:1px solid #0c84d8}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn--allow:hover{background-color:#0c84d8}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn--block{border-top:1px solid #ccc}.sc.sc--desktop.sc--yandex-browser{width:460px;height:180px;overflow:hidden;align-items:flex-start;position:absolute;right:17px;margin:0}.sc.sc--desktop.sc--yandex-browser *{position:unset}.sc.sc--desktop.sc--yandex-browser.rtl{right:auto;left:17px}.sc.sc--desktop.sc--yandex-browser.rtl .sc__sw__btn-c:before{left:auto;right:0}.sc.sc--desktop.sc--yandex-browser .sc__sw{width:435px;height:150px;border-radius:3px;border:1px solid #d1d1d1;box-shadow:0 10px 20px rgba(0,0,0,.1);margin-top:13px;overflow:visible;padding:20px 25px;position:relative}.sc.sc--desktop.sc--yandex-browser .sc__sw:after,.sc.sc--desktop.sc--yandex-browser .sc__sw:before{width:1px;background-color:#d1d1d1}.sc.sc--desktop.sc--yandex-browser .sc__sw__close{content:"
        ";display:block;width:16px;height:16px;background-image:url("
        data: image / png;
        base64, iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8 / 9 hAAABj0lEQVQ4ja2TzYrqQBCFv5b8qdABI26MUSGLvIRrn1XwNeYRBNGsTMgiYCDZxG4XfRcSb2bUCwP3LLvrVJ06VSWMMYYe2rbler3SNA1aawAcx0FKSRAEDIfDfjiiS2CMIc9zqqpiNpvh + z6u6wKglKKua8qyZDKZEIYhQoi / CYwxpGkKQBRFT + JPKKW4XC4AxHGMEIIBQJ7nz8dPZADXdYnjmD7HatuWqqpIkuQpC + B0OnE4HBBCkCQJSZI8JAtBFEUcj0em0ylkWWaKojB9FEVhdrud0VobrbXZ7 / cmy7KXmCzLzKBpGnzf / yZVSsl2u8W2bWzbRkr5nEgH3 / dpmgZLa / 3 S93g8ppvM19cXnuexXq9f / NBaP0z8hPP5zP1 + Z7PZfPOnD8txHJRSjEajl8 / lcslqtXpLVErhOA4DKSV1XX9U0O3HT9R1jZSSQRAElGWJUupVnmVhWdbb6mVZEgTBYxOzLON2uz2361 / ottbzPBaLxcPE + XwOQJqmb5X0K3cthWEI / K9j6lf57Tn / Aa0MA10JheTaAAAAAElFTkSuQmCC ");background-size:contain;background-repeat:no-repeat;background-color:red;position:absolute;left:25px;bottom:25px;top:auto}.sc.sc--desktop.sc--yandex-browser .sc__sw__close:after,.sc.sc--desktop.sc--yandex-browser .sc__sw__close:before{display:none}.sc.sc--desktop.sc--yandex-browser .sc__sw__icon{background-image:url("
        data: image / png;
        base64, iVBORw0KGgoAAAANSUhEUgAAABwAAAAaCAYAAACkVDyJAAABP0lEQVRIie3VMW6DMBTG8T8oYyaba4SNOdnJARhYmMlx8BoWJDhAjpGJXAMzsb8Olau0TVKUGKlDvvHpwU / Y5jkQEbHWUtc1fd8zjiM + o5QijmOKokBrTTAMg5RlyTRNXqGfWa / XGGNYHY9HpmkiSRLKsiSKIq / QMAxUVcX5fKaua8LL5QKwCAYQRRGHwwGAvu8J3Z4tgV2jAOM4Ei6m3MkbfINv8B + ASingc + YtFfdupRThZrMBwBiDtdY7Zq2lqioA4jh + 7 XrK85wsy77V9vv9zV53PYVaa4wxbLdb3PLOTdM0dF33sEcpxW63wxiD1hrkybRtK2maSpqm0rbtV93V7uXpU5plGXmez / 5 Sl9WzoEMd2DTNrGcCEZFXUICu636Bp9PpZq + XH / 96e f + Kt0kzF / U62uagLx2ae + ijfAAz9t9V2rINEgAAAABJRU5ErkJggg == ");width:28px;height:26px}.sc.sc--desktop.sc--yandex-browser .sc__sw__icon:after,.sc.sc--desktop.sc--yandex-browser .sc__sw__icon:before{display:none;background-color:transparent;position:absolute;left:295px;top:-12px;transform:none;content:"
        ";display:block;width:0;height:0;border-color:transparent transparent #fff;border-style:solid;border-width:0 12px 12px}.sc.sc--desktop.sc--yandex-browser .sc__sw__icon:before{top:-13px;left:294px;z-index:-1;border-width:0 13px 13px;border-color:transparent transparent #d0d1d1}.sc.sc--desktop.sc--yandex-browser .sc__sw__heading,.sc.sc--desktop.sc--yandex-browser .sc__sw__text{margin-left:45px}.sc.sc--desktop.sc--yandex-browser .sc__sw__heading{font-weight:700;font-size:16px;margin-top:-3px;width:330px;white-space:normal;margin-bottom:8px;direction:auto}.sc.sc--desktop.sc--yandex-browser .sc__sw__text{font-size:13px;line-height:1.333}.sc.sc--desktop.sc--yandex-browser .sc__sw__btn-c{position:absolute;right:25px;bottom:20px;justify-content:flex-end}.sc.sc--desktop.sc--yandex-browser .sc__sw__btn{color:#000;font-weight:400;border:none;background-color:#e6e6e6}.sc.sc--desktop.sc--yandex-browser .sc__sw__btn:hover{background-color:#ccc}.sc.sc--desktop.sc--macos .sc__sw{border-top:0;border-right:1px solid #ccc;border-bottom:1px solid #c1c1c1;border-left:1px solid #ccc;box-shadow:0 0 15px 0 #c6c6c6;border-radius:4px}.sc.sc--desktop.sc--macos .sc__sw__text-desktop{top:50px}.sc.sc--desktop.sc--macos .sc__sw__close{transform:scale(.9)}.sc.sc--desktop.sc--macos .sc__sw__btn{border-color:#eee;border-radius:3px}.sc.sc--desktop.sc--macos .sc__sw__btn-c{display:flex;flex-flow:row-reverse}.sc.sc--tablet .sc__sw__text-mobile{display:block}</style><script>parcelRequire=function(e,r,t,n){var i,o="
        function "==typeof parcelRequire&&parcelRequire,u="
        function "==typeof require&&require;function f(t,n){if(!r[t]){if(!e[t]){var i="
        function "==typeof parcelRequire&&parcelRequire;if(!n&&i)return i(t,!0);if(o)return o(t,!0);if(u&&"
        string "==typeof t)return u(t);var c=new Error("
        Cannot find module ");throw c.code="
        MODULE_NOT_FOUND ",c}p.resolve=function(r){return e[t][1][r]||r},p.cache={};var l=r[t]=new f.Module(t);e[t][0].call(l.exports,p,l,l.exports,this)}return r[t].exports;function p(e){return f(p.resolve(e))}}f.isParcelRequire=!0,f.Module=function(e){this.id=e,this.bundle=f,this.exports={}},f.modules=e,f.cache=r,f.parent=o,f.register=function(r,t){e[r]=[function(e,r){r.exports=t},{}]};for(var c=0;c<t.length;c++)try{f(t[c])}catch(e){i||(i=e)}if(t.length){var l=f(t[t.length-1]);"
        object "==typeof exports&&"
        undefined "!=typeof module?module.exports=l:"
        function "==typeof define&&define.amd?define(function(){return l}):n&&(this[n]=l)}if(parcelRequire=f,i)throw i;return f}({"
        9 KIJ ":[function(require,module,exports) {},{}],"
        JSid ":[function(require,module,exports) {var define;var e;!function(t,r){"
        object "==typeof exports&&"
        object "==typeof module?module.exports=r():"
        function "==typeof e&&e.amd?e([],r):"
        object "==typeof exports?exports.bowser=r():t.bowser=r()}(this,function(){return function(e){var t={};function r(n){if(t[n])return t[n].exports;var i=t[n]={i:n,l:!1,exports:{}};return e[n].call(i.exports,i,i.exports,r),i.l=!0,i.exports}return r.m=e,r.c=t,r.d=function(e,t,n){r.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},r.r=function(e){"
        undefined "!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"
        Module "}),Object.defineProperty(e,"
        __esModule ",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"
        object "==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,"
        default ",{enumerable:!0,value:e}),2&t&&"
        string "!=typeof e)for(var i in e)r.d(n,i,function(t){return e[t]}.bind(null,i));return n},r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,"
        a ",t),t},r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.p="
        ",r(r.s=86)}({17:function(e,t,r){var n,i,s;i=[t,r(89)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";function i(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0;var s=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e)}return t=e,r=[{key:"
        getFirstMatch ",value:function(e,t){var r=t.match(e);return r&&r.length>0&&r[1]||"
        "}},{key:"
        getSecondMatch ",value:function(e,t){var r=t.match(e);return r&&r.length>1&&r[2]||"
        "}},{key:"
        matchAndReturnConst ",value:function(e,t,r){if(e.test(t))return r}},{key:"
        getWindowsVersionName ",value:function(e){switch(e){case"
        NT ":return"
        NT ";case"
        XP ":return"
        XP ";case"
        NT 5.0 ":return"
        2000 ";case"
        NT 5.1 ":return"
        XP ";case"
        NT 5.2 ":return"
        2003 ";case"
        NT 6.0 ":return"
        Vista ";case"
        NT 6.1 ":return"
        7 ";case"
        NT 6.2 ":return"
        8 ";case"
        NT 6.3 ":return"
        8.1 ";case"
        NT 10.0 ":return"
        10 ";default:return}}},{key:"
        getAndroidVersionName ",value:function(e){var t=e.split(".
        ").splice(0,2).map(function(e){return parseInt(e,10)||0});if(t.push(0),!(1===t[0]&&t[1]<5))return 1===t[0]&&t[1]<6?"
        Cupcake ":1===t[0]&&t[1]>=6?"
        Donut ":2===t[0]&&t[1]<2?"
        Eclair ":2===t[0]&&2===t[1]?"
        Froyo ":2===t[0]&&t[1]>2?"
        Gingerbread ":3===t[0]?"
        Honeycomb ":4===t[0]&&t[1]<1?"
        Ice Cream Sandwich ":4===t[0]&&t[1]<4?"
        Jelly Bean ":4===t[0]&&t[1]>=4?"
        KitKat ":5===t[0]?"
        Lollipop ":6===t[0]?"
        Marshmallow ":7===t[0]?"
        Nougat ":8===t[0]?"
        Oreo ":void 0}},{key:"
        getVersionPrecision ",value:function(e){return e.split(".
        ").length}},{key:"
        compareVersions ",value:function(t,r){var n=arguments.length>2&&void 0!==arguments[2]&&arguments[2],i=e.getVersionPrecision(t),s=e.getVersionPrecision(r),a=Math.max(i,s),o=0,u=e.map([t,r],function(t){var r=a-e.getVersionPrecision(t),n=t+new Array(r+1).join(".0 ");return e.map(n.split(".
        "),function(e){return new Array(20-e.length).join("
        0 ")+e}).reverse()});for(n&&(o=a-Math.min(i,s)),a-=1;a>=o;){if(u[0][a]>u[1][a])return 1;if(u[0][a]===u[1][a]){if(a===o)return 0;a-=1}else if(u[0][a]<u[1][a])return-1}}},{key:"
        map ",value:function(e,t){var r,n=[];if(Array.prototype.map)return Array.prototype.map.call(e,t);for(r=0;r<e.length;r+=1)n.push(t(e[r]));return n}},{key:"
        getBrowserAlias ",value:function(e){return n.BROWSER_ALIASES_MAP[e]}}],null&&i(t.prototype,null),r&&i(t,r),e;var t,r}();r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},86:function(e,t,r){var n,i,s;i=[t,r(87)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";function i(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}var s;Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=(s=n)&&s.__esModule?s:{default:s};var a=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e)}return t=e,r=[{key:"
        getParser ",value:function(e){var t=arguments.length>1&&void 0!==arguments[1]&&arguments[1];if("
        string "!=typeof e)throw new Error("
        UserAgent should be a string ");return new n.default(e,t)}},{key:"
        parse ",value:function(e){return new n.default(e).getResult()}}],null&&i(t.prototype,null),r&&i(t,r),e;var t,r}();r.default=a,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},87:function(e,t,r){var n,i,s;i=[t,r(88),r(90),r(91),r(92),r(17)],void 0===(s="
        function "==typeof(n=function(r,n,i,s,a,o){"
        use strict ";function u(e){return e&&e.__esModule?e:{default:e}}function c(e){return(c="
        function "==typeof Symbol&&"
        symbol "==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"
        function "==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"
        symbol ":typeof e})(e)}function d(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=u(n),i=u(i),s=u(s),a=u(a),o=u(o);var f=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]&&arguments[1];if(function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e),null==t||"
        "===t)throw new Error("
        UserAgent parameter cant be empty ");this._ua=t,this.parsedResult={},!0!==r&&this.parse()}return t=e,(r=[{key:"
        getUA ",value:function(){return this._ua}},{key:"
        test ",value:function(e){return e.test(this._ua)}},{key:"
        parseBrowser ",value:function(){var e=this;this.parsedResult.browser={};var t=n.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.browser=t.describe(this.getUA())),this.parsedResult.browser}},{key:"
        getBrowser ",value:function(){return this.parsedResult.browser?this.parsedResult.browser:this.parseBrowser()}},{key:"
        getBrowserName ",value:function(e){return e?String(this.getBrowser().name).toLowerCase()||"
        ":this.getBrowser().name||"
        "}},{key:"
        getBrowserVersion ",value:function(){return this.getBrowser().version}},{key:"
        getOS ",value:function(){return this.parsedResult.os?this.parsedResult.os:this.parseOS()}},{key:"
        parseOS ",value:function(){var e=this;this.parsedResult.os={};var t=i.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.os=t.describe(this.getUA())),this.parsedResult.os}},{key:"
        getOSName ",value:function(e){var t=this.getOS().name;return e?String(t).toLowerCase()||"
        ":t||"
        "}},{key:"
        getOSVersion ",value:function(){return this.getOS().version}},{key:"
        getPlatform ",value:function(){return this.parsedResult.platform?this.parsedResult.platform:this.parsePlatform()}},{key:"
        getPlatformType ",value:function(){var e=arguments.length>0&&void 0!==arguments[0]&&arguments[0],t=this.getPlatform().type;return e?String(t).toLowerCase()||"
        ":t||"
        "}},{key:"
        parsePlatform ",value:function(){var e=this;this.parsedResult.platform={};var t=s.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.platform=t.describe(this.getUA())),this.parsedResult.platform}},{key:"
        getEngine ",value:function(){return this.parsedResult.engine?this.parsedResult.engine:this.parseEngine()}},{key:"
        getEngineName ",value:function(e){return e?String(this.getEngine().name).toLowerCase()||"
        ":this.getEngine().name||"
        "}},{key:"
        parseEngine ",value:function(){var e=this;this.parsedResult.engine={};var t=a.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.engine=t.describe(this.getUA())),this.parsedResult.engine}},{key:"
        parse ",value:function(){return this.parseBrowser(),this.parseOS(),this.parsePlatform(),this.parseEngine(),this}},{key:"
        getResult ",value:function(){return Object.assign({},this.parsedResult)}},{key:"
        satisfies ",value:function(e){var t=this,r={},n=0,i={},s=0;if(Object.keys(e).forEach(function(t){var a=e[t];"
        string "==typeof a?(i[t]=a,s+=1):"
        object "===c(a)&&(r[t]=a,n+=1)}),n>0){var a=Object.keys(r),o=a.find(function(e){return t.isOS(e)});if(o){var u=this.satisfies(r[o]);if(void 0!==u)return u}var d=a.find(function(e){return t.isPlatform(e)});if(d){var f=this.satisfies(r[d]);if(void 0!==f)return f}}if(s>0){var l=Object.keys(i).find(function(e){return t.isBrowser(e,!0)});if(void 0!==l)return this.compareVersion(i[l])}}},{key:"
        isBrowser ",value:function(e){var t=arguments.length>1&&void 0!==arguments[1]&&arguments[1],r=this.getBrowserName(),n=[r.toLowerCase()],i=o.default.getBrowserAlias(r);return t&&void 0!==i&&n.push(i.toLowerCase()),-1!==n.indexOf(e.toLowerCase())}},{key:"
        compareVersion ",value:function(e){var t=[0],r=e,n=!1,i=this.getBrowserVersion();if("
        string "==typeof i)return" > "===e[0]||" < "===e[0]?(r=e.substr(1)," = "===e[1]?(n=!0,r=e.substr(2)):t=[]," > "===e[0]?t.push(1):t.push(-1)):" = "===e[0]?r=e.substr(1):"~"===e[0]&&(n=!0,r=e.substr(1)),t.indexOf(o.default.compareVersions(i,r,n))>-1}},{key:"
        isOS ",value:function(e){return this.getOSName(!0)===String(e).toLowerCase()}},{key:"
        isPlatform ",value:function(e){return this.getPlatformType(!0)===String(e).toLowerCase()}},{key:"
        isEngine ",value:function(e){return this.getEngineName(!0)===String(e).toLowerCase()}},{key:"
        is ",value:function(e){return this.isBrowser(e)||this.isOS(e)||this.isPlatform(e)}},{key:"
        some ",value:function(){var e=this;return(arguments.length>0&&void 0!==arguments[0]?arguments[0]:[]).some(function(t){return e.is(t)})}}])&&d(t.prototype,r),e;var t,r}();r.default=f,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},88:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";var i;Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=/version\/(\d+(\.?_?\d+)+)/i,a=[{test:[/googlebot/i],describe:function(e){var t={name:"
        Googlebot "},r=n.default.getFirstMatch(/googlebot\/(\d+(\.\d+))/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/opera/i],describe:function(e){var t={name:"
        Opera "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:opera)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/opr\/|opios/i],describe:function(e){var t={name:"
        Opera "},r=n.default.getFirstMatch(/(?:opr|opios)[\s\/](\S+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/SamsungBrowser/i],describe:function(e){var t={name:"
        Samsung Internet
        for Android "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:SamsungBrowser)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/Whale/i],describe:function(e){var t={name:"
        NAVER Whale Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:whale)[\s\/](\d+(?:\.\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/MZBrowser/i],describe:function(e){var t={name:"
        MZ Browser "},r=n.default.getFirstMatch(/(?:MZBrowser)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/focus/i],describe:function(e){var t={name:"
        Focus "},r=n.default.getFirstMatch(/(?:focus)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/swing/i],describe:function(e){var t={name:"
        Swing "},r=n.default.getFirstMatch(/(?:swing)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/coast/i],describe:function(e){var t={name:"
        Opera Coast "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:coast)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/yabrowser/i],describe:function(e){var t={name:"
        Yandex Browser "},r=n.default.getFirstMatch(/(?:yabrowser)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/ucbrowser/i],describe:function(e){var t={name:"
        UC Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:ucbrowser)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/Maxthon|mxios/i],describe:function(e){var t={name:"
        Maxthon "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:Maxthon|mxios)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/epiphany/i],describe:function(e){var t={name:"
        Epiphany "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:epiphany)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/puffin/i],describe:function(e){var t={name:"
        Puffin "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:puffin)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/sleipnir/i],describe:function(e){var t={name:"
        Sleipnir "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:sleipnir)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/k-meleon/i],describe:function(e){var t={name:"
        K - Meleon "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:k-meleon)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/micromessenger/i],describe:function(e){var t={name:"
        WeChat "},r=n.default.getFirstMatch(/(?:micromessenger)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/msie|trident/i],describe:function(e){var t={name:"
        Internet Explorer "},r=n.default.getFirstMatch(/(?:msie |rv:)(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/\sedg\//i],describe:function(e){var t={name:"
        Microsoft Edge "},r=n.default.getFirstMatch(/\sedg\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/edg([ea]|ios)/i],describe:function(e){var t={name:"
        Microsoft Edge "},r=n.default.getSecondMatch(/edg([ea]|ios)\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/vivaldi/i],describe:function(e){var t={name:"
        Vivaldi "},r=n.default.getFirstMatch(/vivaldi\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/seamonkey/i],describe:function(e){var t={name:"
        SeaMonkey "},r=n.default.getFirstMatch(/seamonkey\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/sailfish/i],describe:function(e){var t={name:"
        Sailfish "},r=n.default.getFirstMatch(/sailfish\s?browser\/(\d+(\.\d+)?)/i,e);return r&&(t.version=r),t}},{test:[/silk/i],describe:function(e){var t={name:"
        Amazon Silk "},r=n.default.getFirstMatch(/silk\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/phantom/i],describe:function(e){var t={name:"
        PhantomJS "},r=n.default.getFirstMatch(/phantomjs\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/slimerjs/i],describe:function(e){var t={name:"
        SlimerJS "},r=n.default.getFirstMatch(/slimerjs\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/blackberry|\bbb\d+/i,/rim\stablet/i],describe:function(e){var t={name:"
        BlackBerry "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/blackberry[\d]+\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/(web|hpw)[o0]s/i],describe:function(e){var t={name:"
        WebOS Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/w(?:eb)?[o0]sbrowser\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/bada/i],describe:function(e){var t={name:"
        Bada "},r=n.default.getFirstMatch(/dolfin\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/tizen/i],describe:function(e){var t={name:"
        Tizen "},r=n.default.getFirstMatch(/(?:tizen\s?)?browser\/(\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/qupzilla/i],describe:function(e){var t={name:"
        QupZilla "},r=n.default.getFirstMatch(/(?:qupzilla)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/firefox|iceweasel|fxios/i],describe:function(e){var t={name:"
        Firefox "},r=n.default.getFirstMatch(/(?:firefox|iceweasel|fxios)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/chromium/i],describe:function(e){var t={name:"
        Chromium "},r=n.default.getFirstMatch(/(?:chromium)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/chrome|crios|crmo/i],describe:function(e){var t={name:"
        Chrome "},r=n.default.getFirstMatch(/(?:chrome|crios|crmo)\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){var t=!e.test(/like android/i),r=e.test(/android/i);return t&&r},describe:function(e){var t={name:"
        Android Browser "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/playstation 4/i],describe:function(e){var t={name:"
        PlayStation 4 "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/safari|applewebkit/i],describe:function(e){var t={name:"
        Safari "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/.*/i],describe:function(e){var t=-1!==e.search("\\ (")?/^(.*)\/(.*)[ \t]\((.*)/:/^(.*)\/(.*) /;return{name:n.default.getFirstMatch(t,e),version:n.default.getSecondMatch(t,e)}}}];r.default=a,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},89:function(e,t,r){var n,i;void 0===(i="function "==typeof(n=function(e){"
                use strict ";Object.defineProperty(e,"
                __esModule ",{value:!0}),e.BROWSER_ALIASES_MAP=void 0,e.BROWSER_ALIASES_MAP={"
                Amazon Silk ":"
                amazon_silk ","
                Android Browser ":"
                android ",Bada:"
                bada ",BlackBerry:"
                blackberry ",Chrome:"
                chrome ",Chromium:"
                chromium ",Epiphany:"
                epiphany ",Firefox:"
                firefox ",Focus:"
                focus ",Generic:"
                generic ",Googlebot:"
                googlebot ","
                Internet Explorer ":"
                ie ","
                K - Meleon ":"
                k_meleon ",Maxthon:"
                maxthon ","
                Microsoft Edge ":"
                edge ","
                MZ Browser ":"
                mz ","
                NAVER Whale Browser ":"
                naver ",Opera:"
                opera ","
                Opera Coast ":"
                opera_coast ",PhantomJS:"
                phantomjs ",Puffin:"
                puffin ",QupZilla:"
                qupzilla ",Safari:"
                safari ",Sailfish:"
                sailfish ","
                Samsung Internet
                for Android ":"
                samsung_internet ",SeaMonkey:"
                seamonkey ",Sleipnir:"
                sleipnir ",Swing:"
                swing ",Tizen:"
                tizen ","
                UC Browser ":"
                uc ",Vivaldi:"
                vivaldi ","
                WebOS Browser ":"
                webos ",WeChat:"
                wechat ","
                Yandex Browser ":"
                yandex "}})?n.apply(t,[t]):n)||(e.exports=i)},90:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=[{test:[/windows phone/i],describe:function(e){return{name:"
                Windows Phone ",version:n.default.getFirstMatch(/windows phone (?:os)?\s?(\d+(\.\d+)*)/i,e)}}},{test:[/windows/i],describe:function(e){var t=n.default.getFirstMatch(/Windows ((NT|XP)( \d\d?.\d)?)/i,e);return{name:"
                Windows ",version:t,versionName:n.default.getWindowsVersionName(t)}}},{test:[/macintosh/i],describe:function(e){return{name:"
                macOS ",version:n.default.getFirstMatch(/mac os x (\d+(\.?_?\d+)+)/i,e).replace(/[_\s]/g,".
                ")}}},{test:[/(ipod|iphone|ipad)/i],describe:function(e){return{name:"
                iOS ",version:n.default.getFirstMatch(/os (\d+([_\s]\d+)*) like mac os x/i,e).replace(/[_\s]/g,".
                ")}}},{test:function(e){var t=!e.test(/like android/i),r=e.test(/android/i);return t&&r},describe:function(e){var t=n.default.getFirstMatch(/android[\s\/-](\d+(\.\d+)*)/i,e),r=n.default.getAndroidVersionName(t),i={name:"
                Android ",version:t};return r&&(i.versionName=r),i}},{test:[/(web|hpw)[o0]s/i],describe:function(e){var t=n.default.getFirstMatch(/(?:web|hpw)[o0]s\/(\d+(\.\d+)*)/i,e),r={name:"
                WebOS "};return t&&t.length&&(r.version=t),r}},{test:[/blackberry|\bbb\d+/i,/rim\stablet/i],describe:function(e){return{name:"
                BlackBerry ",version:n.default.getFirstMatch(/rim\stablet\sos\s(\d+(\.\d+)*)/i,e)||n.default.getFirstMatch(/blackberry\d+\/(\d+([_\s]\d+)*)/i,e)||n.default.getFirstMatch(/\bbb(\d+)/i,e)}}},{test:[/bada/i],describe:function(e){return{name:"
                Bada ",version:n.default.getFirstMatch(/bada\/(\d+(\.\d+)*)/i,e)}}},{test:[/tizen/i],describe:function(e){return{name:"
                Tizen ",version:n.default.getFirstMatch(/tizen[\/\s](\d+(\.\d+)*)/i,e)}}},{test:[/linux/i],describe:function(){return{name:"
                Linux "}}},{test:[/CrOS/],describe:function(){return{name:"
                Chrome OS "}}},{test:[/PlayStation 4/],describe:function(e){return{name:"
                PlayStation 4 ",version:n.default.getFirstMatch(/PlayStation 4[\/\s](\d+(\.\d+)*)/i,e)}}}];r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},91:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s="
                tablet ",a="
                mobile ",o="
                desktop ",u="
                tv ",c=[{test:[/googlebot/i],describe:function(){return{type:"
                bot ",vendor:"
                Google "}}},{test:[/huawei/i],describe:function(e){var t=n.default.getFirstMatch(/(can-l01)/i,e)&&"
                Nova ",r={type:a,vendor:"
                Huawei "};return t&&(r.model=t),r}},{test:[/nexus\s*(?:7|8|9|10).*/i],describe:function(){return{type:s,vendor:"
                Nexus "}}},{test:[/ipad/i],describe:function(){return{type:s,vendor:"
                Apple ",model:"
                iPad "}}},{test:[/kftt build/i],describe:function(){return{type:s,vendor:"
                Amazon ",model:"
                Kindle Fire HD 7 "}}},{test:[/silk/i],describe:function(){return{type:s,vendor:"
                Amazon "}}},{test:[/tablet/i],describe:function(){return{type:s}}},{test:function(e){var t=e.test(/ipod|iphone/i),r=e.test(/like (ipod|iphone)/i);return t&&!r},describe:function(e){var t=n.default.getFirstMatch(/(ipod|iphone)/i,e);return{type:a,vendor:"
                Apple ",model:t}}},{test:[/nexus\s*[0-6].*/i,/galaxy nexus/i],describe:function(){return{type:a,vendor:"
                Nexus "}}},{test:[/[^-]mobi/i],describe:function(){return{type:a}}},{test:function(e){return"
                blackberry "===e.getBrowserName(!0)},describe:function(){return{type:a,vendor:"
                BlackBerry "}}},{test:function(e){return"
                bada "===e.getBrowserName(!0)},describe:function(){return{type:a}}},{test:function(e){return"
                windows phone "===e.getBrowserName()},describe:function(){return{type:a,vendor:"
                Microsoft "}}},{test:function(e){var t=Number(String(e.getOSVersion()).split(".
                ")[0]);return"
                android "===e.getOSName(!0)&&t>=3},describe:function(){return{type:s}}},{test:function(e){return"
                android "===e.getOSName(!0)},describe:function(){return{type:a}}},{test:function(e){return"
                macos "===e.getOSName(!0)},describe:function(){return{type:o,vendor:"
                Apple "}}},{test:function(e){return"
                windows "===e.getOSName(!0)},describe:function(){return{type:o}}},{test:function(e){return"
                linux "===e.getOSName(!0)},describe:function(){return{type:o}}},{test:function(e){return"
                playstation 4 "===e.getOSName(!0)},describe:function(){return{type:u}}}];r.default=c,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},92:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=[{test:function(e){return"
                microsoft edge "===e.getBrowserName(!0)},describe:function(e){return/\sedg\//i.test(e)?{name:"
                Blink "}:{name:"
                EdgeHTML ",version:n.default.getFirstMatch(/edge\/(\d+(\.?_?\d+)+)/i,e)}}},{test:[/trident/i],describe:function(e){var t={name:"
                Trident "},r=n.default.getFirstMatch(/trident\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){return e.test(/presto/i)},describe:function(e){var t={name:"
                Presto "},r=n.default.getFirstMatch(/presto\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){var t=e.test(/gecko/i),r=e.test(/like gecko/i);return t&&!r},describe:function(e){var t={name:"
                Gecko "},r=n.default.getFirstMatch(/gecko\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/(apple)?webkit\/537\.36/i],describe:function(){return{name:"
                Blink "}}},{test:[/(apple)?webkit/i],describe:function(e){var t={name:"
                WebKit "},r=n.default.getFirstMatch(/webkit\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}}];r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)}})});},{}],"
                H99C ":[function(require,module,exports) {"
                use strict ";require("
                normalize.css "),require(". / style.scss ");var e=t(require("
                bowser "));function t(e){return e&&e.__esModule?e:{default:e}}var s=e.default.parse(window.navigator.userAgent),a="
                firefox "==s.browser.name.toLowerCase().replace(/\s/g," - "),r="
                yandex - browser "==s.browser.name.toLowerCase().replace(/\s/g," - "),o=document.querySelector(".sc "),i=(window.navigator.language||window.navigator.languages[0]).slice(0,2),n=-1!=["
                ar ","
                dv ","
                he ","
                ku ","
                fa ","
                ur "].indexOf(i)?"
                rtl ":"
                ltr ";o.classList.add(i),o.classList.add(n),o.classList.add("
                sc--".concat(s.platform.type)),o.classList.add("
                sc--".concat(s.os.name.toLowerCase())),o.classList.add("
                sc--".concat(s.browser.name.toLowerCase().replace(/\s/g," - ")));var l={};"
                desktop "==s.platform.type?("
                macos "==s.os.name.toLowerCase()&&(l.height=150),"
                rtl "==n?(l.left="
                auto ",l.right=0,a?l.right=262:r&&(l.left=17,l.right="
                auto ")):(l.left=85,l.right="
                auto ",a?l.left=262:r&&(l.left="
                auto ",l.right=17))):l.left=0,void 0===window.setStyle&&(console.error("
                window.setStyle is not a
                function "),window.setStyle=function(){}),window.setStyle(l);},{"
                normalize.css ":"
                9 KIJ ",". / style.scss ":"
                9 KIJ ","
                bowser ":"
                JSid "}]},{},["
                H99C "], null)</script></body></html></html>


HTTP Transactions (118)


Request Response
                                        
                                            GET /live/20/31/06/12/11/79095/ HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Pingback: http://bmindbm.xyz/xmlrpc.php
Link: <http://bmindbm.xyz/wp-json/>; rel="https://api.w.org/", <http://bmindbm.xyz/wp-json/wp/v2/posts/79095>; rel="alternate"; type="application/json", <http://bmindbm.xyz/?p=79095>; rel=shortlink
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDUVVsdGA647ge%2F5qdDtXKfZJDQlYjEfM2%2Fm2wXo9QdlQBoh%2Ftz%2BdcNS86RgCro%2BD52GQqPXYmZgP%2BjhvVX2hA7ZujYF3qigw7Yh3ytUiAT%2FSUc95QMYYi1pVFRbeg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 765fe1b56b440b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Size:   5012
Md5:    c295f06a34488b35758ce1439ccfb398
Sha1:   306b2f41c769eb0fa24405069125063f1776eda3
Sha256: 5a9d308c8c603552ca9d2c84ed144e36d6896fc293aa4c60fefe6537675a9563

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21329
Expires: Mon, 07 Nov 2022 00:22:39 GMT
Date: Sun, 06 Nov 2022 18:27:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2990
Cache-Control: max-age=147223
Date: Sun, 06 Nov 2022 18:27:10 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:20:53 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13948
Expires: Sun, 06 Nov 2022 22:19:38 GMT
Date: Sun, 06 Nov 2022 18:27:10 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 2p2dSpeMV7ljhFzRt0/cvcfz3TwGUxM0rZwqdt116mc2agMq/zF8UxWUfEfpIoXad8ZuE+FNxsw=
x-amz-request-id: AS77TCP61J9EGM58
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 18:10:33 GMT
age: 997
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT
ETag: W/"63622cd2-17265"
Expires: Fri, 02 Dec 2022 12:28:00 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Pragma: public
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 367150
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5%2FFtCIVNW8TGAJIeXI5hn8L2kTa9nH691mwsftPS3GIG8DSUxcxuNbvcZ%2FyTjIUif2DYJmxQaX5d7FDZU0%2F1PTYRztl6AINd7dwUDqhrFb2nPK4mDGeMMQdR8Wbgg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7ade40b02-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   16093
Md5:    437cbb59360f25850815ea2cb4e08ad4
Sha1:   26ec6e5faca8cbc81f7d38d8cdd0e05f577be065
Sha256: c0d648b05833951a23877fd7f479c310b2ef027352ff396a8d6cdfebd0efcbf4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT
ETag: W/"63622cd2-d9"
Expires: Fri, 02 Dec 2022 12:28:00 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Pragma: public
CF-Cache-Status: HIT
Age: 367150
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omMBK0BtB2ZBB0aFYBnWoHdag6DZHAiWd7L0g4Ak74X6eLY6%2FGrKhCZMrS14VrGmoDHKkASIypD53IzTTLZC9e5GejGikrX8p4aMGXMhhnjD25h59dW1%2F0UZbVXzqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7bfceb503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   188
Md5:    8ac085745a5bcc97c54f8088973df029
Sha1:   4e065566e82d4623d0f5b4d9275d3ee29e15acd1
Sha256: a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
                                        
                                            GET /wp-content/themes/thesimplest/assets/css/bootstrap.min.css?ver=3.3.7 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT
ETag: W/"62f93e74-1d958"
Expires: Tue, 29 Nov 2022 18:07:45 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Pragma: public
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 605965
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLXD0zUGV2FjOXUXQuVjbffZnl39IsuWNU%2B8HjUapaXhe0vk6jKJudvqEqNZKZMT0GNx%2FFPWNXWrTDBG4f8OGTMHzT9Nzb%2BEk7IluDK%2FWmr%2F5VLXLFg3lKPJRQk%2Feg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7bc89fac4-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (65367), with CRLF line terminators
Size:   25204
Md5:    6cd040e53cbf5323fd187b9fa72a8e8a
Sha1:   df82b021aed0d857770cfdebbfcf179d799cc172
Sha256: 0d0270a2d03002beece63c71cd30b3dc995c941f2584cf78fee66ff94026686e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT
ETag: W/"63622cd2-15e54"
Expires: Fri, 02 Dec 2022 12:28:00 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Pragma: public
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 367150
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbrdls3yqFPfteT9WWuY02Buw9Te8%2Fvk%2F3LLocPYDek%2BXvNNaRuq9PV%2FqdLBXutb%2B%2F5%2Ba68HylBG%2BYfQ14k0EKs6mb4SYCAB4SAbQYemC%2FOa1w339A8XAhtJuCqpUA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7ce120b02-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   36096
Md5:    3799a6be94d7facfc78f066e18773e22
Sha1:   5d97b0e2565712331b1d73be1581159bf282cd4f
Sha256: e208eb0b972a9d1bdd741669ae120b4555f33ea138d69d012f99de9aaec1c9be
                                        
                                            GET /wp-content/themes/thesimplest/assets/js/skip-link-focus-fix.js?ver=1.0 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Cf-Bgj: minify
Cf-Polished: origSize=1280
ETag: W/"62f93e74-500"
Expires: Tue, 29 Nov 2022 18:07:45 GMT
Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT
Pragma: public
CF-Cache-Status: HIT
Age: 605965
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqnYGklpUGVi%2B%2BWL2McJeQGH3YM6VrmuGk%2F3zueLNrGBB4JGeFKF7zQQw4uOJ%2BGTLIL07ZBbYhWjSGkMp98cBUfMfkeuf0F34pjtSQq2C7QpbQ4NR99buvhcDfON2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7c803b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (410)
Size:   342
Md5:    811f33af7d382c6845878f57a43ae019
Sha1:   8a70a1c3eca6cdd27e07f1f93ca5bbdec327f554
Sha256: b07c724b9ea75eb1467a3e8c28dbe8c295d68997c000de9de6c2d5e944924966
                                        
                                            GET /wp-content/themes/thesimplest/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT
ETag: W/"62f93e74-791c"
Expires: Tue, 29 Nov 2022 18:07:45 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Pragma: public
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 605965
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbBO3rtwd8ZIg2Rh6LgLth9VeceS0%2Fk7AQeQntqZAcVZO46mWNP5AorFhRG2tvICG%2FrdXM%2B79LSuFjmd8jw30lfEppj1weWR46rNXpY57kIfktkTtCHLbJjHdTpBFg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7cc8b1c06-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837), with CRLF line terminators
Size:   7954
Md5:    eaad6409dc92a75212f78c94f8cd235e
Sha1:   80cf8a363b2f0956dc8485f1c5365c44311a6d6d
Sha256: 9420ca89d597890836440ecfa4e9f9fe3a5e92a0c0cb8f15aac2302794d916ed

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thesimplest/style.css?ver=6.1 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Cf-Bgj: minify
Cf-Polished: origSize=37090
ETag: W/"62f93e74-90e2"
Expires: Fri, 02 Dec 2022 12:28:00 GMT
Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT
Pragma: public
CF-Cache-Status: HIT
Age: 367150
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1im0Ixuf%2BR53%2BiFbI2DKeiXb%2FziGundOyHEmLj%2F%2BanTQkIamW54kKVlhFpWdNgIO1tOx%2FqsyGQ3RdsWWPeGu%2BXEQ8rV1AYVegf6Q0l2TiP7KQ3hPgdXX8bGOHywf1A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7c9c80b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (26617), with no line terminators
Size:   5924
Md5:    03f9f78060c65b5eef626789fa2b1090
Sha1:   c2fb1503f82681f6967e175f2137d5ac2495b147
Sha256: 789dbee53d0771f4b5d02c212a3ce184b0fa9c74e635fc980b0e28b190e33a66

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/comment-reply.min.js?ver=6.1 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT
ETag: W/"62f93e6c-ba5"
Expires: Fri, 02 Dec 2022 12:28:00 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Pragma: public
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 367150
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iz2BJaOB5saaHin2d1lWhCdrAFXXeZ9LS0GemGH%2BkIqvUOvx51YUpPdCIS2QcO53t%2F6DqqUKoOPwboBIDGN8%2BHmPJ6eqVNipsvLxgABoE8IWw6kjo%2BU7%2FQkvyljIkA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7de3a0b02-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (2946)
Size:   1400
Md5:    6282991ad99635e986f4bebf83d5901b
Sha1:   7f648e27d58531016bf668335f123795df7d0cd7
Sha256: a81bf134e4dafa239d0dbe5c6126798016d73c70391f64eb542296a4e95164f8
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT
ETag: W/"62f93e6c-2bd8"
Expires: Mon, 28 Nov 2022 11:21:01 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Pragma: public
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 716769
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgAAF%2FPAvZlpDGKfovc6d4QJQeaiqehxgRDR8EwMfg70EaaTsjmFuLEkiL9uaVUe%2Bh18oB2aR7GkPrFlDprLFF90PdOlWNui0GUiMDEyLS%2FEZ8zY%2Fung5jZs8FaszQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7ce31b515-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4565
Md5:    413654fdfa9b24fbd3d747482e3971c9
Sha1:   c23c501d5f668cd83443a4847197717536d55ab8
Sha256: 48470f972b6a6afef4cdb0177dae59d5c891353d995e76c47c9cb142fe45766e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thesimplest/assets/js/bootstrap.min.js?ver=3.3.7 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT
ETag: W/"62f93e74-90bb"
Expires: Thu, 17 Nov 2022 18:30:03 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Pragma: public
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1641427
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyEJlePD0OtZfa2u12Dr%2FCyykyE0gEo5JtBrlEoJ9BMUVsDwswrlKgRW%2FBN5gCWOmJX7oOWxrYJHMCDeD5l5r4ton2JtLFgj16L%2B%2BrW5%2BgJRcsmAFbfYS8DlUpbf%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7dcaefac4-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033), with CRLF line terminators
Size:   11896
Md5:    2b6818935cd109cfffeef9c1be632358
Sha1:   1794f2fbc5b5a99dccdc95a5f4b8ba5d90c805e6
Sha256: ece4c79978657a26246a87ccf53f02c93c19a2418eb0429bec6364d5a8027164
                                        
                                            GET /wp-content/themes/thesimplest/assets/js/main.js?ver=1.0 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Cf-Bgj: minify
Cf-Polished: origSize=9874
ETag: W/"62f93e74-2692"
Expires: Tue, 29 Nov 2022 18:07:45 GMT
Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT
Pragma: public
CF-Cache-Status: HIT
Age: 605965
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y522mDNW9flw9xZ8P5yMhqKq3gNbdxj9Yy8D25pr9BV0yy4Qi3bVx2Kclv9bgQNDyArfvyzKb9xjVjWU3ryqs7bW38nGeGRudIvKJPFu7Cz5SUxlv98LHANGwCzbLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b7d81fb503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (1068)
Size:   2044
Md5:    bbe8fa1069e339a40a4991556cad0ffa
Sha1:   6eeaf6e13312703fc3f803a9fcd054d41ebe77b7
Sha256: 967207e4171f4d99060ea3d708786034ccf542e678a5800c7843350d0507469d
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:10 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT
ETag: W/"62f93e6c-48b9"
Expires: Fri, 02 Dec 2022 13:24:20 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Pragma: public
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 363770
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6TsKT%2BwlsWK%2Fjf%2BgRpF5qvI5xr%2Bv8q5UFiB0l0%2FjV8qKIkeOW0ZcGMtFs5WiDcXzIj4CWv3r2lK6COLYMA3eLNHk2CjvgZdBNeIWHPRHlgpvyniretUFcvB7xIvEA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1b85d24fac4-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5806
Md5:    9821563af79d0fbd798c5a96f11cb775
Sha1:   d7ad769f21b6cdbd3602ba2512449e5febe7a2ee
Sha256: 3a372dc0de21ae3d1a2e8d08c2d38599823eb332d06f35ec1eefd1afbbbe9f12
                                        
                                            GET /gtag/js?id=UA-3299888-6 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 18:27:10 GMT
expires: Sun, 06 Nov 2022 18:27:10 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43587
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43587
Md5:    ff1757d91239f47107c3240fc28f15eb
Sha1:   df7006ee09b577337cc17cf568272811956eec9b
Sha256: 908a91aca8681b1aca894e326478838ae368c73d3d88678157d4f12e7c51e4bb
                                        
                                            GET /gtag/js?id=UA-195874698-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 18:27:10 GMT
expires: Sun, 06 Nov 2022 18:27:10 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43608
Md5:    5aee71665cb4856f4b116960846e3236
Sha1:   38ca1b20c6281065d42b06246ab2008c70a9e3e1
Sha256: 374a7443a2ee93646eeb5e9ac2e9b68e8c5619492c7cdb740b8c99c70948b962
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:30:59 GMT
expires: Thu, 02 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 341771
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size:   7816
Md5:    25b0e113ca7cce3770d542736db26368
Sha1:   cb726212d5d525021752a1d8470a0fb593e0c49e
Sha256: 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
                                        
                                            GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:45:18 GMT
expires: Thu, 02 Nov 2023 19:45:18 GMT
cache-control: public, max-age=31536000
age: 340912
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data
Size:   32900
Md5:    fda3323314d895ae39de612559f6fad9
Sha1:   644dbb14f599920fdc8f8260b6e67bd1f8770e89
Sha256: d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25EF7CEF2934DE8422A9F441A8BBA27548D43DD2383ABA06232EF3E18E72EB1C"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14653
Expires: Sun, 06 Nov 2022 22:31:24 GMT
Date: Sun, 06 Nov 2022 18:27:11 GMT
Connection: keep-alive

                                        
                                            GET /75/76/d6/7576d6897cb0ae20fcfc0ef1a1c7ef78.js HTTP/1.1 
Host: contagiongrievedoasis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/

search
                                         192.243.61.227
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Sun, 06 Nov 2022 18:27:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /02/98/98/029898a3cf43e37661f8287ca0e4ce9a.js HTTP/1.1 
Host: impressivecontinuous.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/

search
                                         192.243.59.20
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 18:27:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /58/18/a5/5818a5b2a8f68aedb1a7d80e9b60472c.js HTTP/1.1 
Host: contagiongrievedoasis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/

search
                                         192.243.61.227
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Sun, 06 Nov 2022 18:27:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /328e7308c7d9b682b707448d319ed5fb/invoke.js HTTP/1.1 
Host: www.effectivedisplayformat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/

search
                                         173.233.139.164
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Sun, 06 Nov 2022 18:27:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8ACB704495076DE54CE6C49088626135A87035D0C8F70B20EB916895541C2B6A"
Last-Modified: Fri, 04 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14529
Expires: Sun, 06 Nov 2022 22:29:20 GMT
Date: Sun, 06 Nov 2022 18:27:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6F2FEE2FA39121115E2588E38139D01470718C3E88244F51906C739D6ADA92F5"
Last-Modified: Sat, 05 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12221
Expires: Sun, 06 Nov 2022 21:50:52 GMT
Date: Sun, 06 Nov 2022 18:27:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C44C9FBC0D69987774F67EFF9279A1E71669E7619B8F8EFB817D0F79C9F3BF5B"
Last-Modified: Sun, 06 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14458
Expires: Sun, 06 Nov 2022 22:28:09 GMT
Date: Sun, 06 Nov 2022 18:27:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6462
Cache-Control: max-age=145642
Date: Sun, 06 Nov 2022 18:27:11 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:54:33 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /02/98/98/029898a3cf43e37661f8287ca0e4ce9a.js HTTP/1.1 
Host: impressivecontinuous.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/

search
                                         192.243.59.20
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Sun, 06 Nov 2022 18:27:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /zone?pub=0&zone_id=4018039&is_mobile=false&domain=bmindbm.xyz&var=&ymid=&var_3= HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bmindbm.xyz/
Origin: http://bmindbm.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
content-length: 664
x-trace-id: 8d7665f7181a67d543eff21f4befd7d6
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (663)
Size:   664
Md5:    5444871228d2777e91ff0b277c00a8ad
Sha1:   0c84e7b034e3a75c632ce5096747eecb75a1573a
Sha256: 6088bfc314da81c6b3cedf06e986dfe1c22d866f973cf57a716c73f12d33ebe4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4745
Cache-Control: max-age=141048
Date: Sun, 06 Nov 2022 18:27:11 GMT
Etag: "63676dee-117"
Expires: Tue, 08 Nov 2022 09:37:59 GMT
Last-Modified: Sun, 06 Nov 2022 08:18:54 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:11 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT
Expires: Thu, 10 Nov 2022 18:25:19 GMT
Etag: "c5588f7f402a41c39405d7459367eadb893fafaf"
Cache-Control: max-age=344887,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765fe1bbeeeab4e8-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4745
Cache-Control: max-age=141048
Date: Sun, 06 Nov 2022 18:27:11 GMT
Etag: "63676dee-117"
Expires: Tue, 08 Nov 2022 09:37:59 GMT
Last-Modified: Sun, 06 Nov 2022 08:18:54 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /gid.js?userId=bbf81df1bd4b44eba4cd1d096c889c63 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
content-length: 65
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    bbf8eb01a95f47b5fdd57e2c711f8b4f
Sha1:   81147c4d10829c13c6d03438cf6556e74fda380f
Sha256: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743
                                        
                                            GET /58/18/a5/5818a5b2a8f68aedb1a7d80e9b60472c.js HTTP/1.1 
Host: contagiongrievedoasis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/

search
                                         192.243.61.227
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Sun, 06 Nov 2022 18:27:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bS5lXJh5NSDjxMEAXzdBQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.161.6.128
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: coT22y1RG9jyE1U8HrXOowe9qgc=

                                        
                                            OPTIONS /9?z=3710288&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=bbf81df1bd4b44eba4cd1d096c889c63 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://bmindbm.xyz/
Origin: http://bmindbm.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /75/76/d6/7576d6897cb0ae20fcfc0ef1a1c7ef78.js HTTP/1.1 
Host: contagiongrievedoasis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/

search
                                         192.243.61.227
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Sun, 06 Nov 2022 18:27:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:11 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 12:52:20 GMT
Expires: Thu, 10 Nov 2022 12:52:19 GMT
Etag: "8fd4984046851a3fbd44b60e5449652a5e35d831"
Cache-Control: max-age=324907,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765fe1be4b44b4e8-OSL

                                        
                                            GET /?rb=nr4vHIg5nk6-rYVGjLpl2K8USddLKv84A1xWzn2M5u3XDTNhxH0xMPrAkfQ4fJjwCui45wsDKv44vSljQXcr8XfyxOTjmDAC-hvg6sHA3ePbDTZ9_ZmyfFYQmxUW3o2WHwOG8v_5L2rEKf-1kbzQGDjpsDlbCKxRJOTjZqgh5ZlGE07WuTqp1MCSL1omkqAomcIe8OgBfgC53JgFk5qmSP-uurl5iBr316za-A%3D%3D&request_ab2=0&zoneid=3710289&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=533e8dab-6f5d-4d5b-a654-56dd5084d8b0&userId=bbf81df1bd4b44eba4cd1d096c889c63&m=link HTTP/1.1 
Host: onmarshtompor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bmindbm.xyz/
Origin: http://bmindbm.xyz
Connection: keep-alive

search
                                         139.45.197.243
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Sun, 06 Nov 2022 18:27:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 2fff0691fce4cd2f88d32b42f8ee130b
Access-Control-Allow-Origin: http://bmindbm.xyz
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/ oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/ syncedCookie=true; expires=Sun, 13 Nov 2022 18:27:11 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2411), with no line terminators
Size:   1862
Md5:    73693b8c9c743d85e47e26483233c590
Sha1:   93f489a5cfe8d36f21986194140547c02a0997a5
Sha256: 3771a7d61bef1cfb869e71df919c9b15cf5ba52bcad14982d124cd13c634950a
                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: fleraprt.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 915
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.254
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Sun, 06 Nov 2022 18:27:14 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://bmindbm.xyz
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://bmindbm.xyz/
Origin: http://bmindbm.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
content-length: 0
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            GET /gid.js?pub=0&userId=b2183cd79d3145cf9c8ea616db8aadf0&zoneId=4018039&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bmindbm.xyz/
Origin: http://bmindbm.xyz
Connection: keep-alive
Cookie: ID=bbf81df1bd4b44eba4cd1d096c889c63
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
content-length: 65
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    bbf8eb01a95f47b5fdd57e2c711f8b4f
Sha1:   81147c4d10829c13c6d03438cf6556e74fda380f
Sha256: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743
                                        
                                            POST /custom HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bmindbm.xyz/
Content-Type: application/json
Origin: http://bmindbm.xyz
Content-Length: 384
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
content-length: 39
x-trace-id: 885966ebbef40352123000351bf82f34
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            OPTIONS /500/3710287?excludes=&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://bmindbm.xyz/
Origin: http://bmindbm.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /channels/hd/SCCfwxq.png HTTP/1.1 
Host: v4.sportsonline.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v4.sportsonline.to/channels/hd/hd8.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.8.62
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 06 Nov 2022 18:27:11 GMT
content-length: 1220
last-modified: Tue, 07 Dec 2021 14:48:18 GMT
etag: "61af7432-4c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2009
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YjyYI%2BtvFnYF%2F0h%2BNvpIs4kHor5r1WV5TVnz0aSkeYTKmCOzXV9hJSZPKcOR771P8BvSFA5USrBd8uneKaBqEbvJ2GmqBFKmO7XQFM4QrNsAtP13aEkKpiIpZ8QmmF7Zzv2LYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765fe1bf38e8b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 588 x 454, 8-bit colormap, non-interlaced\012- data
Size:   1220
Md5:    613678c01b1604d5cd1e515517e095a1
Sha1:   cb306e19705d9e1da2aa1487283b7f9f69ad330a
Sha256: ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
                                        
                                            GET /channels/hd/hd8.php HTTP/1.1 
Host: v4.sportsonline.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.21.8.62
HTTP/2 200 OK
content-type: text/html
                                        
date: Sun, 06 Nov 2022 18:27:11 GMT
x-powered-by: PHP/5.4.16
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtaGQUN8j1wu%2BIK9nsxwO4oTmhOBBiriwii%2BGGGQP22GtdtgluviTsw%2FWY9l4eKNyf%2Fb%2Fr5LS0yKgMPfyILiLw92Y31kIAwPbAKfd7aGVdCY0PkcJgG8GkjR9ArsTmXJfkwdP4E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765fe1bddeadb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (822), with CRLF, LF line terminators
Size:   44829
Md5:    f5cb3b67a01e111d5457d6a6755d567c
Sha1:   154b140eeb7d78576172dfb403088da080f1a253
Sha256: a1d70dffce2da0ff14b649281a607986f50c1e20234ec601d6ba2a18a08b2e96

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B1D2591120CC8DCFA875CEAB5051E309732C91F48D14813FB2C27C97EFBFBEA5"
Last-Modified: Fri, 04 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16424
Expires: Sun, 06 Nov 2022 23:00:55 GMT
Date: Sun, 06 Nov 2022 18:27:11 GMT
Connection: keep-alive

                                        
                                            GET /11?rnd=752090860&z=3710288&b=15546894&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=RgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6&ruid=ee5dc45b-72b4-42be-a647-3abe15f0f0c9&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=202 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: http://bmindbm.xyz/
Cookie: scm=1; OAID=bbf81df1bd4b44eba4cd1d096c889c63; oaidts=1667759231
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: b3580227fcabb9be992e99522e275f0e
access-control-expose-headers: X-Sc
set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F305998AE454490CDC7D7EC0EB2E37AA8FAF7D3906EDE594D2E4D4992B842089"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5077
Expires: Sun, 06 Nov 2022 19:51:49 GMT
Date: Sun, 06 Nov 2022 18:27:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B1D2591120CC8DCFA875CEAB5051E309732C91F48D14813FB2C27C97EFBFBEA5"
Last-Modified: Fri, 04 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16423
Expires: Sun, 06 Nov 2022 23:00:55 GMT
Date: Sun, 06 Nov 2022 18:27:12 GMT
Connection: keep-alive

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 06 Nov 2022 16:41:09 GMT
expires: Sun, 06 Nov 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 6363
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /j/collect?v=1&_v=j98&a=1064186128&t=pageview&_s=1&dl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&ul=en-us&de=UTF-8&dt=Live%20Streams&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=911986759&gjid=254733466&cid=951940522.1667759230&tid=UA-195874698-1&_gid=822534487.1667759230&_r=1&gtm=2oub20&z=100589385 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://bmindbm.xyz
date: Sun, 06 Nov 2022 18:27:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /j/collect?v=1&_v=j98&a=1064186128&t=pageview&_s=1&dl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&ul=en-us&de=UTF-8&dt=Live%20Streams&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=289599453&gjid=413045313&cid=951940522.1667759230&tid=UA-3299888-6&_gid=822534487.1667759230&_r=1&gtm=2oub20&z=667681429 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://bmindbm.xyz
date: Sun, 06 Nov 2022 18:27:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/
Cookie: prefetchAd_3710289=true

search
                                         104.21.19.28
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 06 Nov 2022 18:27:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Link: <http://bmindbm.xyz/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://bmindbm.xyz/wp-includes/images/w-logo-blue-white-bg.png
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bH8rz29mjWwSNx3Y1o1XYEElRJ6%2F%2FNzAYaDs3SmgzX5BlaxC7ctNxcNb%2FX%2FZfh844BIcRESd8S0Jhn%2FOyolVLGmbgwhMrypXo7wG4Qkc3Esw1AQVfUZajPJoL145Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1c03ba1fac4-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1 
Host: bmindbm.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/
Connection: keep-alive
Cookie: prefetchAd_3710289=true; _ga=GA1.2.951940522.1667759230; _gid=GA1.2.822534487.1667759230; _gat_gtag_UA_195874698_1=1; _gat_gtag_UA_3299888_6=1

search
                                         104.21.19.28
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 06 Nov 2022 18:27:12 GMT
Content-Length: 4119
Connection: keep-alive
Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT
ETag: "62f93e6c-1017"
Expires: Fri, 02 Dec 2022 17:37:48 GMT
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate
Pragma: public
CF-Cache-Status: HIT
Age: 348564
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzDlu0w%2FH%2BhFC0Nq6pKsRDQ%2FxY1xg2eKWQIuv%2B2EcWgqFHRmKid3A9hltPjUthA3g0Zry%2FfmNrHV4Ds%2F6SLrZzfWrusn0kjFfDbyaVYKC5mBkDlmRafVMf31%2BD96BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765fe1c0dc11fac4-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   4119
Md5:    000bf649cc8f6bf27cfb04d1bcdcd3c7
Sha1:   d73d2f6d74ec6cdcbae07955592962e77d8ae814
Sha256: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
                                        
                                            GET /contents/s/8f/25/bf/cd54db1f16f90ef0c18d8e5b25/01459783680084.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         139.45.197.155
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:12 GMT
content-length: 13048
last-modified: Tue, 24 May 2022 07:29:00 GMT
etag: "628c893c-32f8"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   13048
Md5:    8f25bfcd54db1f16f90ef0c18d8e5b25
Sha1:   1f4688ac5f49c88996b19a53f52b5baa4f45d27d
Sha256: f00d8792dc35cf10580800aa00ebea0307bb01e092fe8c7b3778ef3cec8b4319
                                        
                                            POST /custom HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bmindbm.xyz/
Content-Type: application/json
Origin: http://bmindbm.xyz
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:12 GMT
content-length: 39
x-trace-id: e3fe838dbf2ebf4134261b9c46031c5c
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST /s/gts1p5/5UFbpcA-Z6Q HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1B2F8BD8D4B8BF78BFD6B06130ECBF660615CE661D707E2FFBC47FDF5E412713"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14550
Expires: Sun, 06 Nov 2022 22:29:42 GMT
Date: Sun, 06 Nov 2022 18:27:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:12 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 17:22:25 GMT
Expires: Sat, 12 Nov 2022 17:22:24 GMT
Etag: "46f025a99cc797a410a3411ae82fb96d943d01c2"
Cache-Control: max-age=513911,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765fe1c05f1bb4e8-OSL

                                        
                                            GET /contents/s/54/dd/f5/e95e60ab935e545b50ffa002ca/0975276558731.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         139.45.197.155
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:12 GMT
content-length: 54176
last-modified: Thu, 16 Dec 2021 06:39:29 GMT
etag: "61badf21-d3a0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size:   54176
Md5:    54ddf5e95e60ab935e545b50ffa002ca
Sha1:   4285c9c5481ad2d0cc0f87cc05d3e0810d29573a
Sha256: ea65923ca842ba0f5c9f6cf90659f8ebc651275dc24de3c061ea60e78ca1714f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4344
Cache-Control: max-age=111122
Date: Sun, 06 Nov 2022 18:27:12 GMT
Etag: "6366fa9a-118"
Expires: Tue, 08 Nov 2022 01:19:14 GMT
Last-Modified: Sun, 06 Nov 2022 00:06:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /script/bootstrap.js HTTP/1.1 
Host: superfastcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v4.sportsonline.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.64.166.4
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 06 Nov 2022 18:27:11 GMT
x-guploader-uploadid: ADPycdvD2aV0vhAfm60SW0Z3KK4sh4pPps0G-9mhbxVaxUs84UEQMhHFmvZkfDWNnm8gCTW04hmXAsP8_nRKiXjgYv8rNQ
x-goog-generation: 1662626315119008
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100523
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sun, 06 Nov 2022 18:36:50 GMT
cache-control: public, max-age=14400
last-modified: Thu, 08 Sep 2022 08:38:35 GMT
etag: W/"90a406e7c114cb9cbdbd171d8282e224"
age: 2676
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn%2FdR7W59LwhIAcYfFfwRNc7tGXILcwCG%2Fu8YScYPzdOI4CsX5nBRNq2OvWRQ0RKtsNEeo0vNnhqFJo1doSOkpgRHvXXU3Q23gYJD56qE3Sbug3eB7QPA%2Fke2qedu9r2O5Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765fe1bfcb457756-LHR
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Size:   43790
Md5:    86862f00fabac54f7ee1a6b5059b6460
Sha1:   b3c01213fa48750a92ff7401ab9b15001e1048bb
Sha256: ad8ce50a4860bae5b6a35fed5cc785246ba918ef59d857c654da4010b1834d6d
                                        
                                            GET /1?z=3710288 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2d134030be568a09da9310b03c90adcd
access-control-expose-headers: X-Sc
x-sc: Z51PlDrEfVAjxhL89zugYYTTOmdAVgxRe4OrCrYAd-3LLNdDBiX5xQWKhrdiDnxNSt0BO_dZ9tUdmw0Kb0La0Z1O02w=
set-cookie: scm=1; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None OAID=dee55ce7c87b4c8e9ed45322bbce0a90; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (52034)
Size:   22887
Md5:    396bd35732123ac1de829b4bc2daf998
Sha1:   a749d1626ac6a4d3515350db579becd376c4d931
Sha256: 6089746af3519c66903567f449ccacc4a082cad225c5dafb48075c60f2f1e68c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4848
Cache-Control: max-age=144376
Date: Sun, 06 Nov 2022 18:27:12 GMT
Etag: "63677a88-117"
Expires: Tue, 08 Nov 2022 10:33:28 GMT
Last-Modified: Sun, 06 Nov 2022 09:12:40 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://y0k2w0p9cl84r1.constraindefiant.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 17:10:21 GMT
expires: Wed, 01 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 436611
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   23948
Md5:    813a509ab98f1261d5397479dea5867d
Sha1:   2e212243ed3d87e260cbd5ba3e226806c926ce17
Sha256: 579063c6a41623745b26ac24092d6b0583d09f4cce70fbb9a163311a3ca7723c
                                        
                                            GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://y0k2w0p9cl84r1.constraindefiant.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 18:27:12 GMT
age: 8144
x-served-by: cache-fra19182-FRA, cache-bma1645-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 141142
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   141142
Md5:    7e7fdfacdb1943ea810449001d165a53
Sha1:   fc230e8b4a933497a2da4a783574a5b07b889a7e
Sha256: d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6398
Cache-Control: max-age=133702
Date: Sun, 06 Nov 2022 18:27:12 GMT
Etag: "63674ac8-117"
Expires: Tue, 08 Nov 2022 07:35:34 GMT
Last-Modified: Sun, 06 Nov 2022 05:48:56 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /s/gts1p5/5UFbpcA-Z6Q HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4848
Cache-Control: max-age=144376
Date: Sun, 06 Nov 2022 18:27:12 GMT
Etag: "63677a88-117"
Expires: Tue, 08 Nov 2022 10:33:28 GMT
Last-Modified: Sun, 06 Nov 2022 09:12:40 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /js/plausible.js HTTP/1.1 
Host: awstats.cloud
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://y0k2w0p9cl84r1.constraindefiant.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.168.34
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 06 Nov 2022 18:27:12 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jkIlpIjwQ4%2BZ8%2FS%2BU7yJ%2Fad18s2KH%2BchMH3J9uguvXy9EyWRw1Js3qPBJhBGAqj%2BdcFXS6QPevRToRBHPiLKym5bOLD3zHbVYpT5eHqBEJmTpSIVl4IIgJJMc%2FO9Yt2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765fe1c24bb4b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1332), with no line terminators
Size:   697
Md5:    ec64ae3b22c7f1ecc262349f5d4f46fd
Sha1:   bc6cb0caa60c0df8f837da905de991e61a6d07ee
Sha256: 4df4d373e066c6e8f08b3639e95047af25e344c2204f321c5f41e22b0df42b5c
                                        
                                            GET /draw/?w=colored&n=68600&c=000000ffffff&p=left HTTP/1.1 
Host: widgets.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://v4.sportsonline.to/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.75.171
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 06 Nov 2022 18:27:12 GMT
content-disposition: filename=wau-widget.png
expires: Sun, 06 Nov 2022 15:05:06 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 98526
last-modified: Sat, 05 Nov 2022 15:05:06 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 765fe1c28b1398ea-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Size:   1801
Md5:    ee72972ca6daf251213b7c8157d743f6
Sha1:   6447b1e6580131c50d0a1b1fb2bf1f29f0769d2e
Sha256: 3195f43661dc876aa5f8b41c8f7b3d12787bb613c07036009a7eb717cfaa15d9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 06 Nov 2022 18:27:12 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 17:22:25 GMT
Expires: Sat, 12 Nov 2022 17:22:24 GMT
Etag: "46f025a99cc797a410a3411ae82fb96d943d01c2"
Cache-Control: max-age=513911,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765fe1c2fbfbb4e8-OSL

                                        
                                            POST /api/event HTTP/1.1 
Host: awstats.cloud
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 142
Origin: https://y0k2w0p9cl84r1.constraindefiant.net
Connection: keep-alive
Referer: https://y0k2w0p9cl84r1.constraindefiant.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.67.168.34
HTTP/2 202 Accepted
content-type: text/plain; charset=utf-8
                                        
date: Sun, 06 Nov 2022 18:27:12 GMT
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
x-request-id: FyUSL5ouFgwhmqEJyu8C
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwZC%2BgONa9JwW9Kg4K3M4S%2Bcwicf0F0BmuSmSiJvJ8YMuANqCgy%2Bt%2BCGKjeBkd9q1bvf9IvpNkfiGFkEs5kZKBigBw3UHrlclnCJsVNSFUCN9gpf%2Bsw494mBCfQJdg%2BO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765fe1c3fc7efab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14368
Expires: Sun, 06 Nov 2022 22:26:40 GMT
Date: Sun, 06 Nov 2022 18:27:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14368
Expires: Sun, 06 Nov 2022 22:26:40 GMT
Date: Sun, 06 Nov 2022 18:27:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14368
Expires: Sun, 06 Nov 2022 22:26:40 GMT
Date: Sun, 06 Nov 2022 18:27:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14368
Expires: Sun, 06 Nov 2022 22:26:40 GMT
Date: Sun, 06 Nov 2022 18:27:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14368
Expires: Sun, 06 Nov 2022 22:26:40 GMT
Date: Sun, 06 Nov 2022 18:27:12 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 43153
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   35713
Md5:    57ed505edc17c291483ad0ff920922aa
Sha1:   80d44ca67ea33354b43158a52c0cd430467fc967
Sha256: c5ab703f075f9db9886de7291febcc97660c04ac26f52274ef658906dff3a161
                                        
                                            GET /?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         139.45.197.155
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:12 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=g3oUi_oOoT0layDpNOcY58i_2EXeLZlLYqX6Aw4tYw8; expires=Sun, 06-Nov-2022 19:27:12 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   43124
Md5:    9979d5b925cfc1cb055d2aa654fae572
Sha1:   4ad9bfab769e830af5af5d8251993d0ea36a9c2c
Sha256: 696ba2a279691495a13e763b6adb8ad9327a1b2e9a6fc141793bc889d4b4579e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JK-yLq7PeMFrcv4opjTjHprEUQ8IIBuHPzhz0ttxQx9GYdBY1EauBA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:07 GMT
age: 72605
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8309
Md5:    3929fb3c2f0dad9409e9b247ab891518
Sha1:   b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
Sha256: 64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
                                        
                                            GET /5/3710289/?oo=1&js_build=iclick-v1.447.0 HTTP/1.1 
Host: bedrapiona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.234
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
x-trace-id: 105419385caf46a5d91457f0709c1d26
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13471
Md5:    4c67f200a2fcbb3ef1b94cfe64a0db3e
Sha1:   84931bf1de03349b356bcecc74fc3cc7f0227bae
Sha256: 3d427e2b7e4c139e60c0f6f0d6fffd0b4b737c3511b3212c16abfc35015eb6c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 72874
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14415
Md5:    fa77f05b1af971db287607d9d9a30e0f
Sha1:   276f1493d6da74c8fa3ef83dee77bf48850ff4b4
Sha256: 005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 05:31:43 GMT
age: 46529
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7573
Md5:    b18a8c9f5539ce33476f843f5811e01d
Sha1:   11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
Sha256: fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
                                        
                                            POST /custom HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bmindbm.xyz/
Content-Type: application/json
Origin: http://bmindbm.xyz
Content-Length: 620
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:13 GMT
content-length: 39
x-trace-id: 5bf90ebcca75c768fe897aa9a9750f88
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            GET /impression/nHUZ_oJdrxxAQy65hv3sc2mbxfQTp55HPF9v9oXIw12fhVAPQQ65dUiZ4PEXBAkwGizFkJD3lUGRIRsxu1Nx0soBYpwchu2HAGdzYI4xcYOptEwHzjqCiyrqi5qeiG79Uh89z1PuflRksUIlQASzEfpRPlzbnB44EAyZjNA7mcVFjqMQ_d_30UzWpt15SGaCOfVRe9Ftx1YLJohC-D7A99W-tfQfdJYsDAnJT62yjCDA76aGfoLssbRFw1Z8m6NRKoIIZlMs2-EAy1-LIL4aATakMlGy3_XLZE5QHQfy8UhBvHjpwIr8p52jNXJ7SQyrb_Y22x0IKtE-vM6rWkOaqrjukGn5bnLUXX4BkzK5Ea0oK9Lb7dbPAkifRJucFNjXHRFi3gW1HKfMihRLk3dnT8EQgp5joXUAiyyYyU9JYhC3cBVfq9bqhs28mS_f9GMOblhc4WROCystdhweXGGbO8FgO7xLG3NFMdAu2tfDABSpvXWg94Z4PuZ2f7AcACI0aLUZ1RycUYTFZvdu0OOk8ngvLFO9LiULqUYkR8oxD4tcfm3iHwAn92ScAAzWZj2fXaybJ9rnyEmHHUQSMoyaAK3SVUw=?_z=3710287&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:16 GMT
content-length: 43
x-trace-id: a9c9cfccf409ef7158cef7286d8cca21
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /500/3710287?excludes=15561156&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://bmindbm.xyz/
Origin: http://bmindbm.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:16 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /500/3710287?excludes=15561156&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: http://bmindbm.xyz/
Cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:17 GMT
x-trace-id: 07d5a7512b992a4350df72581e5fab64
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://bmindbm.xyz
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:16 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   44323
Md5:    4d58b3534284bf776db66b7ace3548f2
Sha1:   f91db3d9d217e466d99766253873c6ee1397143b
Sha256: 98e528698516dbc7064d30f7aa05cf7ae6206307a37b532be32631c20349bd05

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /draw/?w=colored&n=279000&c=000000ffffff&p=left HTTP/1.1 
Host: widgets.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://y0k2w0p9cl84r1.constraindefiant.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.75.171
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 06 Nov 2022 18:27:13 GMT
content-disposition: filename=wau-widget.png
expires: Mon, 07 Nov 2022 17:39:00 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 2893
last-modified: Sun, 06 Nov 2022 17:39:00 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 765fe1c6581e98ea-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /27/b10314e887d309db18535b2593bd9514 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Cookie: scm=1; OAID=dee55ce7c87b4c8e9ed45322bbce0a90; oaidts=1667759231
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 20 Oct 2022 04:50:21 GMT
expires: Thu, 19 Nov 2082 04:50:21 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.84.149
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 06 Nov 2022 18:27:11 GMT
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3854
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6ONRmUF%2FqufrRabeiu2MZ3HQXaFvS5Nvy844yGYBDbCDfJ6ZRkOYyMtJvC64CdjME7APVzrarN2fG7j%2FaFV%2FSQ2JFpFKvG57uwk2XI5i2ZcpLliopD%2BcW7QgglWyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765fe1bd1f36b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /script/ut.js?cb=1667759229947 HTTP/1.1 
Host: superfastcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v4.sportsonline.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.166.4
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 06 Nov 2022 18:27:12 GMT
x-guploader-uploadid: ADPycdtFnFq0IpkUVAE5SrdZa5cGQWFIoqseVyW0OBmFQzAuA3ZCV591ohcfeoZHkpEBuU2AsJp9EcJWpXpVgN26osLrqQ
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sun, 06 Nov 2022 18:58:51 GMT
cache-control: public, max-age=14400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxmuiOdhWCM1X%2F%2B1Jf4cATIazRD5OiAI3H%2F5NYaE%2BJtoHA%2B4J6bCzE1W7M4c3wMKWwky0G8eGRbV0%2FHiCQlCgOkCLQ%2FjMpyqUuVud3zMuWdQJnxJg052oeQ5ZLWRC8nznOUw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765fe1c03c5f7756-LHR
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.402 HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bmindbm.xyz/
Origin: http://bmindbm.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
last-modified: Wed, 02 Nov 2022 13:02:53 GMT
etag: W/"63626a7d-180b9"
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /script/suurl4.php?r=5954546&cbur=0.16872860422351021&cbiframe=1&cbWidth=640&cbHeight=360&cbtitle=&cbpage=https%3A%2F%2Fv4.sportsonline.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0 HTTP/1.1 
Host: youradexchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://y0k2w0p9cl84r1.constraindefiant.net/
Origin: https://y0k2w0p9cl84r1.constraindefiant.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.190.41.116
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: openresty
date: Sun, 06 Nov 2022 18:27:12 GMT
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /500/3710287?excludes=&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: http://bmindbm.xyz/
Cookie: OAID=3b2047f958b34ad4957e1bcc4f54074d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:12 GMT
x-trace-id: 3bb6d47f34ce7e426c2faab11be4ead2
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://bmindbm.xyz
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /tag.min.js HTTP/1.1 
Host: iclickcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.75.9
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Sun, 06 Nov 2022 18:27:10 GMT
x-trace-id: 7d63e326dccd5693720cb6272e342f32
cache-control: max-age=86400
last-modified: Thu, 03 Nov 2022 15:00:30 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 07 Nov 2022 05:41:06 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 45964
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYgVoB95TfGZ0g3VyDCfUYdSHIuUAlSUaR8ym4vZyHDBUgbmf%2BRSGfXE0vu91t6Uu%2BfUFYL2XNYq3SwGaCZgmrLPjV4OiyBLIXNIA2IwPjGy%2FXjfCZo5N%2Btc4uKguso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765fe1b90c99b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cwidget/h6qfsjssi5/000000ffffff.png HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://y0k2w0p9cl84r1.constraindefiant.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.75.171
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=UTF-8
                                        
date: Sun, 06 Nov 2022 18:27:13 GMT
location: https://widgets.amung.us/draw/?w=colored&n=279000&c=000000ffffff&p=left
cache-control: max-age=295
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765fe1c58f0998ea-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /fv.js?t=72747&cb=1989890367 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.236
HTTP/2 200 OK
content-type: text/javascript; charset=utf8
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:12 GMT
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f5c84718bd5aac943ffd9edbda9fcd3a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=6.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 18:27:10 GMT
date: Sun, 06 Nov 2022 18:27:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/tag.min.js?z=4018039 HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
last-modified: Wed, 02 Nov 2022 13:02:53 GMT
etag: W/"63626a7d-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /400/3710287 HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bmindbm.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
x-trace-id: 104bb7dd5b04657185010a445bbd51ae
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=3b2047f958b34ad4957e1bcc4f54074d; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /9?z=3710288&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=bbf81df1bd4b44eba4cd1d096c889c63 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 55
Origin: http://bmindbm.xyz
Connection: keep-alive
Referer: http://bmindbm.xyz/
Cookie: scm=1; OAID=dee55ce7c87b4c8e9ed45322bbce0a90; oaidts=1667759231
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 06 Nov 2022 18:27:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://bmindbm.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 9ed9844e1c2b73abd160083f6ab05d7f
access-control-expose-headers: X-Sc
set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /embed/phsheh97kpcdvc2 HTTP/1.1 
Host: y0k2w0p9cl84r1.constraindefiant.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v4.sportsonline.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.67.181.206
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 06 Nov 2022 18:27:12 GMT
set-cookie: hf1=1; expires=Mon, 07-Nov-2022 06:27:12 GMT; Max-Age=43200; path=/; secure; HttpOnly; SameSite=None hf5=1; expires=Mon, 07-Nov-2022 18:27:12 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TNBOH%2FKMnvK9LekI8RyEQS2hCw0%2BKqntym418hfpLR8Ng3YHWm5T03w%2F%2FyPe6XVU2vbbLGVwxHEEtqvwQIGu%2BWwWazSTDk0TqvBD3zgOCc05GEL31lxclN%2FaxfNUKEfeSzT7HJmTLDZ6UwZ5GiDjKrn56VK4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765fe1c17f6db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cwidget/sportsonline/000000ffffff.png HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v4.sportsonline.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.22.75.171
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=UTF-8
                                        
date: Sun, 06 Nov 2022 18:27:12 GMT
location: https://widgets.amung.us/draw/?w=colored&n=68600&c=000000ffffff&p=left
cache-control: max-age=295
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765fe1c1ba3198ea-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /nsns.js HTTP/1.1 
Host: swarm.video
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://y0k2w0p9cl84r1.constraindefiant.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.17.85
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Sun, 06 Nov 2022 18:27:12 GMT
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=519718
etag: W/"7ee26-183e189fff7"
last-modified: Sun, 16 Oct 2022 16:04:21 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 179651
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lE0oLO8vjovd2U5n2Tn6sTaHMlLRieKyrXeH%2BJnevwIJqc2digtyp8Xa0oVPMOqqLtLAdmEoyRBEfbaQN%2FVWPhdSE%2BWnD7gduxj%2FufIdNsaLi%2BwNkd4CflC9luC0AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765fe1c2babc1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---