urlquery - report: bmindbm.xyz/live/20/31/06/12/11/79095/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
ibrapush.com (7)	0	2020-04-18 14:40:35 UTC	2022-11-06 16:42:48 UTC	139.45.197.250	Unknown ranking
img-getpocket.cdn.mozilla.net (4)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
bedrapiona.com (1)	34930	2020-05-08 13:43:48 UTC	2022-11-06 17:50:24 UTC	139.45.197.234
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	35.161.6.128
e1.o.lencr.org (2)	6159	No data	No data	23.36.76.226
tzegilo.com (1)	0	2022-01-14 15:27:15 UTC	2022-11-06 10:38:31 UTC	104.21.84.149	Unknown ranking
iclickcdn.com (1)	45415	2020-03-25 19:06:34 UTC	2022-11-06 12:24:33 UTC	172.67.75.9
ocsp.digicert.com (8)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
www.googletagmanager.com (2)	75	2012-12-25 14:52:06 UTC	2022-11-06 10:46:34 UTC	142.250.74.168
youradexchange.com (1)	273384	2013-02-04 16:25:46 UTC	2022-11-06 12:08:12 UTC	35.190.41.116
swarm.video (1)	126884	2017-10-22 19:55:23 UTC	2022-11-06 14:05:55 UTC	104.21.17.85
bmindbm.xyz (15)	0	2022-08-14 18:25:47 UTC	2022-11-06 17:11:35 UTC	104.21.19.28	Unknown ranking
r3.o.lencr.org (13)	344	No data	No data	23.36.76.226
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-06 06:01:04 UTC	34.117.237.239
fonts.gstatic.com (3)	0	2014-09-09 00:40:21 UTC	2022-11-06 13:21:55 UTC	216.58.207.195	Domain (gstatic.com) ranked at: 540
impressivecontinuous.com (2)	0	2022-02-18 15:34:35 UTC	2022-10-17 08:38:54 UTC	192.243.59.20	Unknown ranking
ocsp.sectigo.com (4)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	104.18.32.68
my.rtmark.net (2)	9054	2017-08-22 14:11:49 UTC	2022-11-06 10:44:20 UTC	139.45.195.8
contagiongrievedoasis.com (4)	0	2022-05-10 02:32:26 UTC	2022-11-06 07:13:05 UTC	192.243.61.227	Unknown ranking
www.effectivedisplayformat.com (1)	274006	2021-08-03 18:42:54 UTC	2022-11-06 01:12:20 UTC	173.233.139.164
betotodilea.com (6)	52465	2021-08-17 07:55:50 UTC	2022-11-06 12:24:33 UTC	139.45.197.237
ocsp.pki.goog (10)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.35
onmarshtompor.com (1)	24517	2020-10-19 12:36:32 UTC	2022-11-06 09:04:51 UTC	139.45.197.243
fleraprt.com (1)	0	2022-01-14 22:55:14 UTC	2022-11-06 10:44:22 UTC	139.45.195.254	Unknown ranking
www.google-analytics.com (3)	40	2012-10-03 01:04:21 UTC	2022-11-06 13:23:22 UTC	142.250.74.174
whos.amung.us (2)	12687	2017-01-30 05:21:57 UTC	2022-11-06 10:19:03 UTC	104.22.75.171
y0k2w0p9cl84r1.constraindefiant.net (1)	0	No data	No data	172.67.181.206	Unknown ranking
interstitial-07.com (3)	36198	2017-03-09 00:00:07 UTC	2022-11-06 12:24:34 UTC	139.45.197.155
cdn.jsdelivr.net (1)	439	2012-09-30 00:15:09 UTC	2020-08-10 12:12:39 UTC	151.101.85.229
awstats.cloud (2)	0	2022-07-07 07:16:14 UTC	2022-11-06 14:05:54 UTC	172.67.168.34	Unknown ranking
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-11-06 14:15:54 UTC	142.250.74.10
nanouwho.com (5)	0	2022-07-09 20:30:29 UTC	2022-11-06 16:24:04 UTC	139.45.197.242	Unknown ranking
v4.sportsonline.to (2)	0	2022-10-25 16:46:02 UTC	2022-11-05 15:05:39 UTC	104.21.8.62	Domain (sportsonline.to) ranked at: 263863
superfastcdn.com (2)	88935	2017-09-19 18:24:43 UTC	2022-11-06 08:25:41 UTC	172.64.166.4
widgets.amung.us (2)	12623	2012-05-21 19:25:54 UTC	2022-11-06 10:19:09 UTC	104.22.75.171
unphionetor.com (1)	54035	2022-02-11 12:53:49 UTC	2022-11-06 10:44:25 UTC	139.45.197.236

Scan Date	Severity	Indicator	Comment
2022-11-06	2	bmindbm.xyz/live/20/31/06/12/11/79095/	Phishing
2022-11-06	2	bmindbm.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1	Phishing
2022-11-06	2	bmindbm.xyz/wp-content/themes/thesimplest/assets/css/bootstrap.min.css?ver=3.3.7	Phishing
2022-11-06	2	bmindbm.xyz/wp-content/themes/thesimplest/assets/css/font-awesome.min.css?v (...)	Phishing
2022-11-06	2	bmindbm.xyz/wp-content/themes/thesimplest/style.css?ver=6.1	Phishing
2022-11-06	2	bmindbm.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-11-06	2	v4.sportsonline.to/channels/hd/hd8.php	Malware

Scan Date	Severity	Indicator	Comment
2022-11-06	2	contagiongrievedoasis.com	Sinkholed
2022-11-06	2	impressivecontinuous.com	Sinkholed
2022-11-06	2	contagiongrievedoasis.com	Sinkholed
2022-11-06	2	impressivecontinuous.com	Sinkholed
2022-11-06	2	contagiongrievedoasis.com	Sinkholed
2022-11-06	2	nanouwho.com	Sinkholed
2022-11-06	2	contagiongrievedoasis.com	Sinkholed
2022-11-06	2	fleraprt.com	Sinkholed
2022-11-06	2	betotodilea.com	Sinkholed
2022-11-06	2	nanouwho.com	Sinkholed
2022-11-06	2	nanouwho.com	Sinkholed
2022-11-06	2	betotodilea.com	Sinkholed
2022-11-06	2	betotodilea.com	Sinkholed
2022-11-06	2	betotodilea.com	Sinkholed
2022-11-06	2	nanouwho.com	Sinkholed
2022-11-06	2	betotodilea.com	Sinkholed
2022-11-06	2	unphionetor.com	Sinkholed
2022-11-06	2	betotodilea.com	Sinkholed
2022-11-06	2	nanouwho.com	Sinkholed

Date	UQ / IDS / BL	URL	IP
2022-11-06 18:27:22 +0000	0 - 0 - 26	bmindbm.xyz/live/20/31/06/12/11/79095/	104.21.19.28

Date	UQ / IDS / BL	URL	IP
2023-01-30 04:32:10 +0000	0 - 2 - 0	furtid.top/	188.114.97.1
2023-01-30 04:31:56 +0000	0 - 2 - 0	bfqushops.top/	104.21.16.9
2023-01-30 04:31:00 +0000	0 - 0 - 2	sinuatedm.xyz/	172.67.196.179
2023-01-30 04:29:48 +0000	0 - 4 - 0	www.coronavirus.gov.hk/chi/index.html	104.16.49.4
2023-01-30 04:29:14 +0000	0 - 2 - 4	procesosinterwebcancadigitaonlinea.top/	172.67.221.217

Date	UQ / IDS / BL	URL	IP
2022-11-06 18:27:22 +0000	0 - 0 - 26	bmindbm.xyz/live/20/31/06/12/11/79095/	104.21.19.28

Request	Response
GET /live/20/31/06/12/11/79095/ HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: bmindbm.xyz/live/20/31/06/12/11/79095/ FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 5a9d308c8c603552ca9d2c84ed144e36d6896fc293aa4c60fefe6537675a9563 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive X-Pingback: http://bmindbm.xyz/xmlrpc.php Link: <http://bmindbm.xyz/wp-json/>; rel="https://api.w.org/", <http://bmindbm.xyz/wp-json/wp/v2/posts/79095>; rel="alternate"; type="application/json", <http://bmindbm.xyz/?p=79095>; rel=shortlink X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDUVVsdGA647ge%2F5qdDtXKfZJDQlYjEfM2%2Fm2wXo9QdlQBoh%2Ftz%2BdcNS86RgCro%2BD52GQqPXYmZgP%2BjhvVX2hA7ZujYF3qigw7Yh3ytUiAT%2FSUc95QMYYi1pVFRbeg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 765fe1b56b440b02-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators Size: 5012 Md5: c295f06a34488b35758ce1439ccfb398 Sha1: 306b2f41c769eb0fa24405069125063f1776eda3 Sha256: 5a9d308c8c603552ca9d2c84ed144e36d6896fc293aa4c60fefe6537675a9563 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4" Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21329 Expires: Mon, 07 Nov 2022 00:22:39 GMT Date: Sun, 06 Nov 2022 18:27:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9e164a845d32db8fa51fdb5b1aa218d9 Sha1: 169099b4d2f8e119ab6cf6fca279b6fb535b1759 Sha256: 402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2990 Cache-Control: max-age=147223 Date: Sun, 06 Nov 2022 18:27:10 GMT Etag: "63678ce7-1d7" Expires: Tue, 08 Nov 2022 11:20:53 GMT Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 05978511215be8462d0b69e33b3a91a3 Sha1: 61535ba131d547f1c5108d9e7763ee3fc8d8c824 Sha256: cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F" Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13948 Expires: Sun, 06 Nov 2022 22:19:38 GMT Date: Sun, 06 Nov 2022 18:27:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d8c32b2fb818533a5b3fe5c69157bde9 Sha1: 93594fd3fc50d9d444c28660eabba1edbe4f0588 Sha256: df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 2p2dSpeMV7ljhFzRt0/cvcfz3TwGUxM0rZwqdt116mc2agMq/zF8UxWUfEfpIoXad8ZuE+FNxsw= x-amz-request-id: AS77TCP61J9EGM58 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 06 Nov 2022 18:10:33 GMT age: 997 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 67d5a988edcda47bc3b3b3f65d32b4b6 Sha1: d4f0e0da8b3690cc7da925026d3414b68c7d954f Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/css/dist/block-library/style.mi (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: c0d648b05833951a23877fd7f479c310b2ef027352ff396a8d6cdfebd0efcbf4 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT ETag: W/"63622cd2-17265" Expires: Fri, 02 Dec 2022 12:28:00 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 367150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5%2FFtCIVNW8TGAJIeXI5hn8L2kTa9nH691mwsftPS3GIG8DSUxcxuNbvcZ%2FyTjIUif2DYJmxQaX5d7FDZU0%2F1PTYRztl6AINd7dwUDqhrFb2nPK4mDGeMMQdR8Wbgg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7ade40b02-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (47826) Size: 16093 Md5: 437cbb59360f25850815ea2cb4e08ad4 Sha1: 26ec6e5faca8cbc81f7d38d8cdd0e05f577be065 Sha256: c0d648b05833951a23877fd7f479c310b2ef027352ff396a8d6cdfebd0efcbf4 Alerts: Blocklists: - fortinet: Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/css/classic-themes.min.css?ver=1 FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT ETag: W/"63622cd2-d9" Expires: Fri, 02 Dec 2022 12:28:00 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public CF-Cache-Status: HIT Age: 367150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omMBK0BtB2ZBB0aFYBnWoHdag6DZHAiWd7L0g4Ak74X6eLY6%2FGrKhCZMrS14VrGmoDHKkASIypD53IzTTLZC9e5GejGikrX8p4aMGXMhhnjD25h59dW1%2F0UZbVXzqw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7bfceb503-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text Size: 188 Md5: 8ac085745a5bcc97c54f8088973df029 Sha1: 4e065566e82d4623d0f5b4d9275d3ee29e15acd1 Sha256: a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
GET /wp-content/themes/thesimplest/assets/css/bootstrap.min.css?ver=3.3.7 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/assets/css/bo (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 0d0270a2d03002beece63c71cd30b3dc995c941f2584cf78fee66ff94026686e 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT ETag: W/"62f93e74-1d958" Expires: Tue, 29 Nov 2022 18:07:45 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 605965 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLXD0zUGV2FjOXUXQuVjbffZnl39IsuWNU%2B8HjUapaXhe0vk6jKJudvqEqNZKZMT0GNx%2FFPWNXWrTDBG4f8OGTMHzT9Nzb%2BEk7IluDK%2FWmr%2F5VLXLFg3lKPJRQk%2Feg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7bc89fac4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (65367), with CRLF line terminators Size: 25204 Md5: 6cd040e53cbf5323fd187b9fa72a8e8a Sha1: df82b021aed0d857770cfdebbfcf179d799cc172 Sha256: 0d0270a2d03002beece63c71cd30b3dc995c941f2584cf78fee66ff94026686e Alerts: Blocklists: - fortinet: Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: e208eb0b972a9d1bdd741669ae120b4555f33ea138d69d012f99de9aaec1c9be 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT ETag: W/"63622cd2-15e54" Expires: Fri, 02 Dec 2022 12:28:00 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 367150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbrdls3yqFPfteT9WWuY02Buw9Te8%2Fvk%2F3LLocPYDek%2BXvNNaRuq9PV%2FqdLBXutb%2B%2F5%2Ba68HylBG%2BYfQ14k0EKs6mb4SYCAB4SAbQYemC%2FOa1w339A8XAhtJuCqpUA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7ce120b02-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (65447) Size: 36096 Md5: 3799a6be94d7facfc78f066e18773e22 Sha1: 5d97b0e2565712331b1d73be1581159bf282cd4f Sha256: e208eb0b972a9d1bdd741669ae120b4555f33ea138d69d012f99de9aaec1c9be
GET /wp-content/themes/thesimplest/assets/js/skip-link-focus-fix.js?ver=1.0 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/assets/js/ski (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: b07c724b9ea75eb1467a3e8c28dbe8c295d68997c000de9de6c2d5e944924966 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Cf-Bgj: minify Cf-Polished: origSize=1280 ETag: W/"62f93e74-500" Expires: Tue, 29 Nov 2022 18:07:45 GMT Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT Pragma: public CF-Cache-Status: HIT Age: 605965 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqnYGklpUGVi%2B%2BWL2McJeQGH3YM6VrmuGk%2F3zueLNrGBB4JGeFKF7zQQw4uOJ%2BGTLIL07ZBbYhWjSGkMp98cBUfMfkeuf0F34pjtSQq2C7QpbQ4NR99buvhcDfON2Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7c803b503-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (410) Size: 342 Md5: 811f33af7d382c6845878f57a43ae019 Sha1: 8a70a1c3eca6cdd27e07f1f93ca5bbdec327f554 Sha256: b07c724b9ea75eb1467a3e8c28dbe8c295d68997c000de9de6c2d5e944924966
GET /wp-content/themes/thesimplest/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/assets/css/fo (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 9420ca89d597890836440ecfa4e9f9fe3a5e92a0c0cb8f15aac2302794d916ed 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT ETag: W/"62f93e74-791c" Expires: Tue, 29 Nov 2022 18:07:45 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 605965 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbBO3rtwd8ZIg2Rh6LgLth9VeceS0%2Fk7AQeQntqZAcVZO46mWNP5AorFhRG2tvICG%2FrdXM%2B79LSuFjmd8jw30lfEppj1weWR46rNXpY57kIfktkTtCHLbJjHdTpBFg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7cc8b1c06-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (30837), with CRLF line terminators Size: 7954 Md5: eaad6409dc92a75212f78c94f8cd235e Sha1: 80cf8a363b2f0956dc8485f1c5365c44311a6d6d Sha256: 9420ca89d597890836440ecfa4e9f9fe3a5e92a0c0cb8f15aac2302794d916ed Alerts: Blocklists: - fortinet: Phishing
GET /wp-content/themes/thesimplest/style.css?ver=6.1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/style.css?ver=6.1 FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 789dbee53d0771f4b5d02c212a3ce184b0fa9c74e635fc980b0e28b190e33a66 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Cf-Bgj: minify Cf-Polished: origSize=37090 ETag: W/"62f93e74-90e2" Expires: Fri, 02 Dec 2022 12:28:00 GMT Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT Pragma: public CF-Cache-Status: HIT Age: 367150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1im0Ixuf%2BR53%2BiFbI2DKeiXb%2FziGundOyHEmLj%2F%2BanTQkIamW54kKVlhFpWdNgIO1tOx%2FqsyGQ3RdsWWPeGu%2BXEQ8rV1AYVegf6Q0l2TiP7KQ3hPgdXX8bGOHywf1A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7c9c80b61-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (26617), with no line terminators Size: 5924 Md5: 03f9f78060c65b5eef626789fa2b1090 Sha1: c2fb1503f82681f6967e175f2137d5ac2495b147 Sha256: 789dbee53d0771f4b5d02c212a3ce184b0fa9c74e635fc980b0e28b190e33a66 Alerts: Blocklists: - fortinet: Phishing
GET /wp-includes/js/comment-reply.min.js?ver=6.1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/js/comment-reply.min.js?ver=6.1 FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: a81bf134e4dafa239d0dbe5c6126798016d73c70391f64eb542296a4e95164f8 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT ETag: W/"62f93e6c-ba5" Expires: Fri, 02 Dec 2022 12:28:00 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 367150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iz2BJaOB5saaHin2d1lWhCdrAFXXeZ9LS0GemGH%2BkIqvUOvx51YUpPdCIS2QcO53t%2F6DqqUKoOPwboBIDGN8%2BHmPJ6eqVNipsvLxgABoE8IWw6kjo%2BU7%2FQkvyljIkA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7de3a0b02-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (2946) Size: 1400 Md5: 6282991ad99635e986f4bebf83d5901b Sha1: 7f648e27d58531016bf668335f123795df7d0cd7 Sha256: a81bf134e4dafa239d0dbe5c6126798016d73c70391f64eb542296a4e95164f8
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/js/jquery/jquery-migrate.min.js (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 48470f972b6a6afef4cdb0177dae59d5c891353d995e76c47c9cb142fe45766e 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT ETag: W/"62f93e6c-2bd8" Expires: Mon, 28 Nov 2022 11:21:01 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 716769 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgAAF%2FPAvZlpDGKfovc6d4QJQeaiqehxgRDR8EwMfg70EaaTsjmFuLEkiL9uaVUe%2Bh18oB2aR7GkPrFlDprLFF90PdOlWNui0GUiMDEyLS%2FEZ8zY%2Fung5jZs8FaszQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7ce31b515-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (11126) Size: 4565 Md5: 413654fdfa9b24fbd3d747482e3971c9 Sha1: c23c501d5f668cd83443a4847197717536d55ab8 Sha256: 48470f972b6a6afef4cdb0177dae59d5c891353d995e76c47c9cb142fe45766e Alerts: Blocklists: - fortinet: Phishing
GET /wp-content/themes/thesimplest/assets/js/bootstrap.min.js?ver=3.3.7 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/assets/js/boo (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: ece4c79978657a26246a87ccf53f02c93c19a2418eb0429bec6364d5a8027164 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT ETag: W/"62f93e74-90bb" Expires: Thu, 17 Nov 2022 18:30:03 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 1641427 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyEJlePD0OtZfa2u12Dr%2FCyykyE0gEo5JtBrlEoJ9BMUVsDwswrlKgRW%2FBN5gCWOmJX7oOWxrYJHMCDeD5l5r4ton2JtLFgj16L%2B%2BrW5%2BgJRcsmAFbfYS8DlUpbf%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7dcaefac4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (32033), with CRLF line terminators Size: 11896 Md5: 2b6818935cd109cfffeef9c1be632358 Sha1: 1794f2fbc5b5a99dccdc95a5f4b8ba5d90c805e6 Sha256: ece4c79978657a26246a87ccf53f02c93c19a2418eb0429bec6364d5a8027164
GET /wp-content/themes/thesimplest/assets/js/main.js?ver=1.0 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/assets/js/mai (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 967207e4171f4d99060ea3d708786034ccf542e678a5800c7843350d0507469d 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Cf-Bgj: minify Cf-Polished: origSize=9874 ETag: W/"62f93e74-2692" Expires: Tue, 29 Nov 2022 18:07:45 GMT Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT Pragma: public CF-Cache-Status: HIT Age: 605965 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y522mDNW9flw9xZ8P5yMhqKq3gNbdxj9Yy8D25pr9BV0yy4Qi3bVx2Kclv9bgQNDyArfvyzKb9xjVjWU3ryqs7bW38nGeGRudIvKJPFu7Cz5SUxlv98LHANGwCzbLQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7d81fb503-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (1068) Size: 2044 Md5: bbe8fa1069e339a40a4991556cad0ffa Sha1: 6eeaf6e13312703fc3f803a9fcd054d41ebe77b7 Sha256: 967207e4171f4d99060ea3d708786034ccf542e678a5800c7843350d0507469d
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 06 Nov 2022 18:27:10 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 3ebbd65a2bdd5c6f3dea5a6b99b25f0d Sha1: 484be27b25b736a7e7e2b1d5ef9760aecdcec01b Sha256: 5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 12a1f191d3251cadd0fce23ca14e1a5d Sha1: a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864 Sha256: 95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 12a1f191d3251cadd0fce23ca14e1a5d Sha1: a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864 Sha256: 95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1 FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 3a372dc0de21ae3d1a2e8d08c2d38599823eb332d06f35ec1eefd1afbbbe9f12 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT ETag: W/"62f93e6c-48b9" Expires: Fri, 02 Dec 2022 13:24:20 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 363770 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6TsKT%2BwlsWK%2Fjf%2BgRpF5qvI5xr%2Bv8q5UFiB0l0%2FjV8qKIkeOW0ZcGMtFs5WiDcXzIj4CWv3r2lK6COLYMA3eLNHk2CjvgZdBNeIWHPRHlgpvyniretUFcvB7xIvEA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b85d24fac4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (15660) Size: 5806 Md5: 9821563af79d0fbd798c5a96f11cb775 Sha1: d7ad769f21b6cdbd3602ba2512449e5febe7a2ee Sha256: 3a372dc0de21ae3d1a2e8d08c2d38599823eb332d06f35ec1eefd1afbbbe9f12
GET /gtag/js?id=UA-3299888-6 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtag/js?id=UA-3299888-6 FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 908a91aca8681b1aca894e326478838ae368c73d3d88678157d4f12e7c51e4bb 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 06 Nov 2022 18:27:10 GMT expires: Sun, 06 Nov 2022 18:27:10 GMT cache-control: private, max-age=900 last-modified: Sun, 06 Nov 2022 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 43587 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1921) Size: 43587 Md5: ff1757d91239f47107c3240fc28f15eb Sha1: df7006ee09b577337cc17cf568272811956eec9b Sha256: 908a91aca8681b1aca894e326478838ae368c73d3d88678157d4f12e7c51e4bb
GET /gtag/js?id=UA-195874698-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtag/js?id=UA-195874698-1 FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 374a7443a2ee93646eeb5e9ac2e9b68e8c5619492c7cdb740b8c99c70948b962 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 06 Nov 2022 18:27:10 GMT expires: Sun, 06 Nov 2022 18:27:10 GMT cache-control: private, max-age=900 last-modified: Sun, 06 Nov 2022 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 43608 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1921) Size: 43608 Md5: 5aee71665cb4856f4b116960846e3236 Sha1: 38ca1b20c6281065d42b06246ab2008c70a9e3e1 Sha256: 374a7443a2ee93646eeb5e9ac2e9b68e8c5619492c7cdb740b8c99c70948b962
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 3ebbd65a2bdd5c6f3dea5a6b99b25f0d Sha1: 484be27b25b736a7e7e2b1d5ef9760aecdcec01b Sha256: 5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e13e65ad7f6f12300b12d6cd6936d621 Sha1: 575faf606b5c5e39e0fbbef59998bcd3625aa141 Sha256: 10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 62a8ce6a2338913103618edb2f4a9dbe Sha1: 0e0850b1aef6ed524d119a41145112b84c257687 Sha256: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 62a8ce6a2338913103618edb2f4a9dbe Sha1: 0e0850b1aef6ed524d119a41145112b84c257687 Sha256: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://bmindbm.xyz Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1x (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7816 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 02 Nov 2022 19:30:59 GMT expires: Thu, 02 Nov 2023 19:30:59 GMT cache-control: public, max-age=31536000 age: 341771 last-modified: Wed, 27 Apr 2022 16:11:40 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data Size: 7816 Md5: 25b0e113ca7cce3770d542736db26368 Sha1: cb726212d5d525021752a1d8470a0fb593e0c49e Sha256: 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://bmindbm.xyz Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 32900 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 02 Nov 2022 19:45:18 GMT expires: Thu, 02 Nov 2023 19:45:18 GMT cache-control: public, max-age=31536000 age: 340912 last-modified: Wed, 27 Apr 2022 15:44:11 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data Size: 32900 Md5: fda3323314d895ae39de612559f6fad9 Sha1: 644dbb14f599920fdc8f8260b6e67bd1f8770e89 Sha256: d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 62a8ce6a2338913103618edb2f4a9dbe Sha1: 0e0850b1aef6ed524d119a41145112b84c257687 Sha256: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 25ef7cef2934de8422a9f441a8bba27548d43dd2383aba06232ef3e18e72eb1c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "25EF7CEF2934DE8422A9F441A8BBA27548D43DD2383ABA06232EF3E18E72EB1C" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14653 Expires: Sun, 06 Nov 2022 22:31:24 GMT Date: Sun, 06 Nov 2022 18:27:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d829ae70aa185df7e830d8ccc36db992 Sha1: 98be9407beddb9e0cc7fb294eb5be1576ad3ccb0 Sha256: 25ef7cef2934de8422a9f441a8bba27548d43dd2383aba06232ef3e18e72eb1c
GET /75/76/d6/7576d6897cb0ae20fcfc0ef1a1c7ef78.js HTTP/1.1 Host: contagiongrievedoasis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: contagiongrievedoasis.com/75/76/d6/7576d6897cb0ae20fcfc (...) FQDN: contagiongrievedoasis.com IP: 192.243.61.227 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.61.227 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.22.0 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /02/98/98/029898a3cf43e37661f8287ca0e4ce9a.js HTTP/1.1 Host: impressivecontinuous.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: impressivecontinuous.com/02/98/98/029898a3cf43e37661f82 (...) FQDN: impressivecontinuous.com IP: 192.243.59.20 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.59.20 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.17.9 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /58/18/a5/5818a5b2a8f68aedb1a7d80e9b60472c.js HTTP/1.1 Host: contagiongrievedoasis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: contagiongrievedoasis.com/58/18/a5/5818a5b2a8f68aedb1a7 (...) FQDN: contagiongrievedoasis.com IP: 192.243.61.227 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.61.227 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.22.0 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /328e7308c7d9b682b707448d319ed5fb/invoke.js HTTP/1.1 Host: www.effectivedisplayformat.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: www.effectivedisplayformat.com/328e7308c7d9b682b707448d (...) FQDN: www.effectivedisplayformat.com IP: 173.233.139.164 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 173.233.139.164 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.19.5 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8acb704495076de54ce6c49088626135a87035d0c8f70b20eb916895541c2b6a 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8ACB704495076DE54CE6C49088626135A87035D0C8F70B20EB916895541C2B6A" Last-Modified: Fri, 04 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14529 Expires: Sun, 06 Nov 2022 22:29:20 GMT Date: Sun, 06 Nov 2022 18:27:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: fa2722fe9c3162d9980047430301ffd8 Sha1: 5569a649d00bb941333c2ce64c67b53e5f1a2328 Sha256: 8acb704495076de54ce6c49088626135a87035d0c8f70b20eb916895541c2b6a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 6f2fee2fa39121115e2588e38139d01470718c3e88244f51906c739d6ada92f5 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6F2FEE2FA39121115E2588E38139D01470718C3E88244F51906C739D6ADA92F5" Last-Modified: Sat, 05 Nov 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12221 Expires: Sun, 06 Nov 2022 21:50:52 GMT Date: Sun, 06 Nov 2022 18:27:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c3e4b006b7d1b802e50f752c6b307478 Sha1: 381f891ba02032af92f545f871e0021d7a0b3328 Sha256: 6f2fee2fa39121115e2588e38139d01470718c3e88244f51906c739d6ada92f5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c44c9fbc0d69987774f67eff9279a1e71669e7619b8f8efb817d0f79c9f3bf5b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C44C9FBC0D69987774F67EFF9279A1E71669E7619B8F8EFB817D0F79C9F3BF5B" Last-Modified: Sun, 06 Nov 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14458 Expires: Sun, 06 Nov 2022 22:28:09 GMT Date: Sun, 06 Nov 2022 18:27:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a4f66666b1151f9c364ca64a4b2a3054 Sha1: a8ce8e8c4416ddbee20ffb8fbdae88e27adc6f79 Sha256: c44c9fbc0d69987774f67eff9279a1e71669e7619b8f8efb817d0f79c9f3bf5b
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6462 Cache-Control: max-age=145642 Date: Sun, 06 Nov 2022 18:27:11 GMT Etag: "6367792b-1d7" Expires: Tue, 08 Nov 2022 10:54:33 GMT Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d862f992e9902530594e7aca425f129b Sha1: 25b414fe833d30b52928535d659a1ee281b82e3a Sha256: 0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
GET /02/98/98/029898a3cf43e37661f8287ca0e4ce9a.js HTTP/1.1 Host: impressivecontinuous.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: impressivecontinuous.com/02/98/98/029898a3cf43e37661f82 (...) FQDN: impressivecontinuous.com IP: 192.243.59.20 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.59.20 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.17.9 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /zone?pub=0&zone_id=4018039&is_mobile=false&domain=bmindbm.xyz&var=&ymid=&var_3= HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/zone?pub=0&zone_id=4018039&is_mobile=false (...) FQDN: ibrapush.com IP: 139.45.197.250 HASH: 6088bfc314da81c6b3cedf06e986dfe1c22d866f973cf57a716c73f12d33ebe4 139.45.197.250 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 664 x-trace-id: 8d7665f7181a67d543eff21f4befd7d6 access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (663) Size: 664 Md5: 5444871228d2777e91ff0b277c00a8ad Sha1: 0c84e7b034e3a75c632ce5096747eecb75a1573a Sha256: 6088bfc314da81c6b3cedf06e986dfe1c22d866f973cf57a716c73f12d33ebe4
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4745 Cache-Control: max-age=141048 Date: Sun, 06 Nov 2022 18:27:11 GMT Etag: "63676dee-117" Expires: Tue, 08 Nov 2022 09:37:59 GMT Last-Modified: Sun, 06 Nov 2022 08:18:54 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: ba5d09c54b98bfc2c7b5f15103e025c4 Sha1: 4aa7eb9e5615c168c0cd80234a6c96836b6024c1 Sha256: d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT Expires: Thu, 10 Nov 2022 18:25:19 GMT Etag: "c5588f7f402a41c39405d7459367eadb893fafaf" Cache-Control: max-age=344887,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 765fe1bbeeeab4e8-OSL --- Additional Info --- Magic: data Size: 471 Md5: 4410e0283900e769c122cfbcbdbed143 Sha1: c5588f7f402a41c39405d7459367eadb893fafaf Sha256: c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4745 Cache-Control: max-age=141048 Date: Sun, 06 Nov 2022 18:27:11 GMT Etag: "63676dee-117" Expires: Tue, 08 Nov 2022 09:37:59 GMT Last-Modified: Sun, 06 Nov 2022 08:18:54 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: ba5d09c54b98bfc2c7b5f15103e025c4 Sha1: 4aa7eb9e5615c168c0cd80234a6c96836b6024c1 Sha256: d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7
GET /gid.js?userId=bbf81df1bd4b44eba4cd1d096c889c63 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/gid.js?userId=bbf81df1bd4b44eba4cd1d096c889c63 FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743 139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 65 access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: bbf8eb01a95f47b5fdd57e2c711f8b4f Sha1: 81147c4d10829c13c6d03438cf6556e74fda380f Sha256: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743
GET /58/18/a5/5818a5b2a8f68aedb1a7d80e9b60472c.js HTTP/1.1 Host: contagiongrievedoasis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: contagiongrievedoasis.com/58/18/a5/5818a5b2a8f68aedb1a7 (...) FQDN: contagiongrievedoasis.com IP: 192.243.61.227 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.61.227 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.22.0 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: bS5lXJh5NSDjxMEAXzdBQA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.161.6.128 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.161.6.128 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: coT22y1RG9jyE1U8HrXOowe9qgc= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=3710288&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=bbf81df1bd4b44eba4cd1d096c889c63 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: nanouwho.com/9?z=3710288&ng=1&ix=0&pt=0&np=1&gp=-1&bp=- (...) FQDN: nanouwho.com IP: 139.45.197.242 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.242 HTTP/2 204 No Content server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT access-control-allow-credentials: true access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION pragma: no-cache cache-control: no-store, no-cache, must-revalidate, max-age=0 expires: Mon, 26 Jul 1997 05:00:00 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /75/76/d6/7576d6897cb0ae20fcfc0ef1a1c7ef78.js HTTP/1.1 Host: contagiongrievedoasis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: contagiongrievedoasis.com/75/76/d6/7576d6897cb0ae20fcfc (...) FQDN: contagiongrievedoasis.com IP: 192.243.61.227 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.61.227 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.22.0 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 3b524ec5ba4cdb23f5859fa31bc06ecd94546bfd31545db0f262355503d95088 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Thu, 03 Nov 2022 12:52:20 GMT Expires: Thu, 10 Nov 2022 12:52:19 GMT Etag: "8fd4984046851a3fbd44b60e5449652a5e35d831" Cache-Control: max-age=324907,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 765fe1be4b44b4e8-OSL --- Additional Info --- Magic: data Size: 472 Md5: 4a071aba7e415d8fef076431afd5cf35 Sha1: 8fd4984046851a3fbd44b60e5449652a5e35d831 Sha256: 3b524ec5ba4cdb23f5859fa31bc06ecd94546bfd31545db0f262355503d95088
GET /?rb=nr4vHIg5nk6-rYVGjLpl2K8USddLKv84A1xWzn2M5u3XDTNhxH0xMPrAkfQ4fJjwCui45wsDKv44vSljQXcr8XfyxOTjmDAC-hvg6sHA3ePbDTZ9_ZmyfFYQmxUW3o2WHwOG8v_5L2rEKf-1kbzQGDjpsDlbCKxRJOTjZqgh5ZlGE07WuTqp1MCSL1omkqAomcIe8OgBfgC53JgFk5qmSP-uurl5iBr316za-A%3D%3D&request_ab2=0&zoneid=3710289&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=533e8dab-6f5d-4d5b-a654-56dd5084d8b0&userId=bbf81df1bd4b44eba4cd1d096c889c63&m=link HTTP/1.1 Host: onmarshtompor.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive	URL: onmarshtompor.com/?rb=nr4vHIg5nk6-rYVGjLpl2K8USddLKv84A (...) FQDN: onmarshtompor.com IP: 139.45.197.243 HASH: 3771a7d61bef1cfb869e71df919c9b15cf5ba52bcad14982d124cd13c634950a 139.45.197.243 HTTP/1.1 200 OK Content-Type: application/json Server: nginx Date: Sun, 06 Nov 2022 18:27:11 GMT Transfer-Encoding: chunked Connection: keep-alive X-Trace-Id: 2fff0691fce4cd2f88d32b42f8ee130b Access-Control-Allow-Origin: http://bmindbm.xyz Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding Access-Control-Max-Age: 86400 Pragma: no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT Set-Cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/ oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/ syncedCookie=true; expires=Sun, 13 Nov 2022 18:27:11 GMT; path=/ Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff Timing-Allow-Origin: , Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (2411), with no line terminators Size: 1862 Md5: 73693b8c9c743d85e47e26483233c590 Sha1: 93f489a5cfe8d36f21986194140547c02a0997a5 Sha256: 3771a7d61bef1cfb869e71df919c9b15cf5ba52bcad14982d124cd13c634950a
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 Host: fleraprt.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 915 Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aa (...) FQDN: fleraprt.com IP: 139.45.195.254 HASH: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed 139.45.195.254 HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Server: nginx/1.19.10 Date: Sun, 06 Nov 2022 18:27:14 GMT Content-Length: 12 Connection: keep-alive Access-Control-Allow-Origin: http://bmindbm.xyz Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Access-Control-Allow-Credentials: true --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: adb4650bfc9d2a73d4dd69583b0ceb14 Sha1: 1ce399d6e936232aaf2192cd7903a279c5015f22 Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed Alerts: Blocklists: - quad9: Sinkholed
OPTIONS /custom HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/custom FQDN: ibrapush.com IP: 139.45.197.250 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.250 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 0 access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gid.js?pub=0&userId=b2183cd79d3145cf9c8ea616db8aadf0&zoneId=4018039&checkDuplicate=true&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Cookie: ID=bbf81df1bd4b44eba4cd1d096c889c63 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: my.rtmark.net/gid.js?pub=0&userId=b2183cd79d3145cf9c8ea (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743 139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 65 access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: bbf8eb01a95f47b5fdd57e2c711f8b4f Sha1: 81147c4d10829c13c6d03438cf6556e74fda380f Sha256: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743
POST /custom HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Content-Type: application/json Origin: http://bmindbm.xyz Content-Length: 384 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/custom FQDN: ibrapush.com IP: 139.45.197.250 HASH: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 139.45.197.250 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 39 x-trace-id: 885966ebbef40352123000351bf82f34 access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 39 Md5: 058b158c2be925f556454ef762d93538 Sha1: cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
OPTIONS /500/3710287?excludes=&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: content-type Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: betotodilea.com/500/3710287?excludes=&oaid=bbf81df1bd4b (...) FQDN: betotodilea.com IP: 139.45.197.237 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.237 HTTP/2 200 OK server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 0 allow: GET, OPTIONS vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-allow-credentials: true access-control-max-age: 600 strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /channels/hd/SCCfwxq.png HTTP/1.1 Host: v4.sportsonline.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://v4.sportsonline.to/channels/hd/hd8.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: v4.sportsonline.to/channels/hd/SCCfwxq.png FQDN: v4.sportsonline.to IP: 104.21.8.62 HASH: ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7 104.21.8.62 HTTP/2 200 OK content-type: image/png date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 1220 last-modified: Tue, 07 Dec 2021 14:48:18 GMT etag: "61af7432-4c4" cache-control: max-age=14400 cf-cache-status: HIT age: 2009 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YjyYI%2BtvFnYF%2F0h%2BNvpIs4kHor5r1WV5TVnz0aSkeYTKmCOzXV9hJSZPKcOR771P8BvSFA5USrBd8uneKaBqEbvJ2GmqBFKmO7XQFM4QrNsAtP13aEkKpiIpZ8QmmF7Zzv2LYo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1bf38e8b4fa-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 588 x 454, 8-bit colormap, non-interlaced\012- data Size: 1220 Md5: 613678c01b1604d5cd1e515517e095a1 Sha1: cb306e19705d9e1da2aa1487283b7f9f69ad330a Sha256: ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
GET /channels/hd/hd8.php HTTP/1.1 Host: v4.sportsonline.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: v4.sportsonline.to/channels/hd/hd8.php FQDN: v4.sportsonline.to IP: 104.21.8.62 HASH: a1d70dffce2da0ff14b649281a607986f50c1e20234ec601d6ba2a18a08b2e96 104.21.8.62 HTTP/2 200 OK content-type: text/html date: Sun, 06 Nov 2022 18:27:11 GMT x-powered-by: PHP/5.4.16 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtaGQUN8j1wu%2BIK9nsxwO4oTmhOBBiriwii%2BGGGQP22GtdtgluviTsw%2FWY9l4eKNyf%2Fb%2Fr5LS0yKgMPfyILiLw92Y31kIAwPbAKfd7aGVdCY0PkcJgG8GkjR9ArsTmXJfkwdP4E%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 765fe1bddeadb4fa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (822), with CRLF, LF line terminators Size: 44829 Md5: f5cb3b67a01e111d5457d6a6755d567c Sha1: 154b140eeb7d78576172dfb403088da080f1a253 Sha256: a1d70dffce2da0ff14b649281a607986f50c1e20234ec601d6ba2a18a08b2e96 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: b1d2591120cc8dcfa875ceab5051e309732c91f48d14813fb2c27c97efbfbea5 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "B1D2591120CC8DCFA875CEAB5051E309732C91F48D14813FB2C27C97EFBFBEA5" Last-Modified: Fri, 04 Nov 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16424 Expires: Sun, 06 Nov 2022 23:00:55 GMT Date: Sun, 06 Nov 2022 18:27:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 38a5093645f105281de3d64902cd14f1 Sha1: 068ce21260b149ed9dd7874e2722504f8e5fce66 Sha256: b1d2591120cc8dcfa875ceab5051e309732c91f48d14813fb2c27c97efbfbea5
GET /11?rnd=752090860&z=3710288&b=15546894&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=RgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6&ruid=ee5dc45b-72b4-42be-a647-3abe15f0f0c9&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=202 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: scm=1; OAID=bbf81df1bd4b44eba4cd1d096c889c63; oaidts=1667759231 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: nanouwho.com/11?rnd=752090860&z=3710288&b=15546894&var= (...) FQDN: nanouwho.com IP: 139.45.197.242 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.242 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 0 access-control-allow-credentials: true access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION x-trace-id: b3580227fcabb9be992e99522e275f0e access-control-expose-headers: X-Sc set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None pragma: no-cache cache-control: no-store, no-cache, must-revalidate, max-age=0 expires: Mon, 26 Jul 1997 05:00:00 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: f305998ae454490cdc7d7ec0eb2e37aa8faf7d3906ede594d2e4d4992b842089 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F305998AE454490CDC7D7EC0EB2E37AA8FAF7D3906EDE594D2E4D4992B842089" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5077 Expires: Sun, 06 Nov 2022 19:51:49 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 44c33f02caf3a658625634ab910d6ad5 Sha1: 0920255a89a3ac5300a9dbef97dc5067f1349548 Sha256: f305998ae454490cdc7d7ec0eb2e37aa8faf7d3906ede594d2e4d4992b842089
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: b1d2591120cc8dcfa875ceab5051e309732c91f48d14813fb2c27c97efbfbea5 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "B1D2591120CC8DCFA875CEAB5051E309732C91F48D14813FB2C27C97EFBFBEA5" Last-Modified: Fri, 04 Nov 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16423 Expires: Sun, 06 Nov 2022 23:00:55 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 38a5093645f105281de3d64902cd14f1 Sha1: 068ce21260b149ed9dd7874e2722504f8e5fce66 Sha256: b1d2591120cc8dcfa875ceab5051e309732c91f48d14813fb2c27c97efbfbea5
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google-analytics.com/analytics.js FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e 142.250.74.174 HTTP/2 200 OK content-type: text/javascript strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Sun, 06 Nov 2022 16:41:09 GMT expires: Sun, 06 Nov 2022 18:41:09 GMT cache-control: public, max-age=7200 age: 6363 last-modified: Tue, 27 Sep 2022 22:01:05 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20039 Md5: 47e6f374ca946fddd5b59871b325736c Sha1: baa9282efc8785e84d247c3bff518eaa45f101c4 Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
POST /j/collect?v=1&_v=j98&a=1064186128&t=pageview&_s=1&dl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&ul=en-us&de=UTF-8&dt=Live%20Streams&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=911986759&gjid=254733466&cid=951940522.1667759230&tid=UA-195874698-1&_gid=822534487.1667759230&_r=1&gtm=2oub20&z=100589385 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.google-analytics.com/j/collect?v=1&_v=j98&a=1064186 (...) FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b 142.250.74.174 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: http://bmindbm.xyz date: Sun, 06 Nov 2022 18:27:12 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: very short file (no magic) Size: 1 Md5: c4ca4238a0b923820dcc509a6f75849b Sha1: 356a192b7913b04c54574d18c28d46e6395428ab Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1064186128&t=pageview&_s=1&dl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&ul=en-us&de=UTF-8&dt=Live%20Streams&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=289599453&gjid=413045313&cid=951940522.1667759230&tid=UA-3299888-6&_gid=822534487.1667759230&_r=1&gtm=2oub20&z=667681429 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.google-analytics.com/j/collect?v=1&_v=j98&a=1064186 (...) FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b 142.250.74.174 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: http://bmindbm.xyz date: Sun, 06 Nov 2022 18:27:12 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: very short file (no magic) Size: 1 Md5: c4ca4238a0b923820dcc509a6f75849b Sha1: 356a192b7913b04c54574d18c28d46e6395428ab Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /favicon.ico HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/ Cookie: prefetchAd_3710289=true	URL: bmindbm.xyz/favicon.ico FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.19.28 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Date: Sun, 06 Nov 2022 18:27:12 GMT Transfer-Encoding: chunked Connection: keep-alive Link: <http://bmindbm.xyz/wp-json/>; rel="https://api.w.org/" X-Redirect-By: WordPress Location: http://bmindbm.xyz/wp-includes/images/w-logo-blue-white-bg.png X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN CF-Cache-Status: BYPASS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bH8rz29mjWwSNx3Y1o1XYEElRJ6%2F%2FNzAYaDs3SmgzX5BlaxC7ctNxcNb%2FX%2FZfh844BIcRESd8S0Jhn%2FOyolVLGmbgwhMrypXo7wG4Qkc3Esw1AQVfUZajPJoL145Cw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1c03ba1fac4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/ Connection: keep-alive Cookie: prefetchAd_3710289=true; _ga=GA1.2.951940522.1667759230; _gid=GA1.2.822534487.1667759230; _gat_gtag_UA_195874698_1=1; _gat_gtag_UA_3299888_6=1	URL: bmindbm.xyz/wp-includes/images/w-logo-blue-white-bg.png FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0 104.21.19.28 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 06 Nov 2022 18:27:12 GMT Content-Length: 4119 Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT ETag: "62f93e6c-1017" Expires: Fri, 02 Dec 2022 17:37:48 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public CF-Cache-Status: HIT Age: 348564 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzDlu0w%2FH%2BhFC0Nq6pKsRDQ%2FxY1xg2eKWQIuv%2B2EcWgqFHRmKid3A9hltPjUthA3g0Zry%2FfmNrHV4Ds%2F6SLrZzfWrusn0kjFfDbyaVYKC5mBkDlmRafVMf31%2BD96BA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1c0dc11fac4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data Size: 4119 Md5: 000bf649cc8f6bf27cfb04d1bcdcd3c7 Sha1: d73d2f6d74ec6cdcbae07955592962e77d8ae814 Sha256: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /contents/s/8f/25/bf/cd54db1f16f90ef0c18d8e5b25/01459783680084.jpeg HTTP/1.1 Host: interstitial-07.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://interstitial-07.com/?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: interstitial-07.com/contents/s/8f/25/bf/cd54db1f16f90ef (...) FQDN: interstitial-07.com IP: 139.45.197.155 HASH: f00d8792dc35cf10580800aa00ebea0307bb01e092fe8c7b3778ef3cec8b4319 139.45.197.155 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT content-length: 13048 last-modified: Tue, 24 May 2022 07:29:00 GMT etag: "628c893c-32f8" access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS, HEAD access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data Size: 13048 Md5: 8f25bfcd54db1f16f90ef0c18d8e5b25 Sha1: 1f4688ac5f49c88996b19a53f52b5baa4f45d27d Sha256: f00d8792dc35cf10580800aa00ebea0307bb01e092fe8c7b3778ef3cec8b4319
POST /custom HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Content-Type: application/json Origin: http://bmindbm.xyz Content-Length: 381 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/custom FQDN: ibrapush.com IP: 139.45.197.250 HASH: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 139.45.197.250 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT content-length: 39 x-trace-id: e3fe838dbf2ebf4134261b9c46031c5c access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 39 Md5: 058b158c2be925f556454ef762d93538 Sha1: cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /s/gts1p5/5UFbpcA-Z6Q HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/5UFbpcA-Z6Q FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: fa02565d8acd352c734cae98e973bfb85e375ed52ee8e973f5d1330795bf2560 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:12 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 886e15ec7a7808bc00138c509146fe5a Sha1: 9a42ef2fbcc2c74d86780423e65a30490ce40d58 Sha256: fa02565d8acd352c734cae98e973bfb85e375ed52ee8e973f5d1330795bf2560
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 1b2f8bd8d4b8bf78bfd6b06130ecbf660615ce661d707e2ffbc47fdf5e412713 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1B2F8BD8D4B8BF78BFD6B06130ECBF660615CE661D707E2FFBC47FDF5E412713" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14550 Expires: Sun, 06 Nov 2022 22:29:42 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 713632026d35f2489cfe21c67fb93853 Sha1: 85b9a635baaf233646da5475f57f57ee890e6c10 Sha256: 1b2f8bd8d4b8bf78bfd6b06130ecbf660615ce661d707e2ffbc47fdf5e412713
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 0b3670f73de693ca96230e12e55b0d6e9e0b39f15732628f408ac878ec34a912 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:12 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 05 Nov 2022 17:22:25 GMT Expires: Sat, 12 Nov 2022 17:22:24 GMT Etag: "46f025a99cc797a410a3411ae82fb96d943d01c2" Cache-Control: max-age=513911,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 765fe1c05f1bb4e8-OSL --- Additional Info --- Magic: data Size: 471 Md5: bed0bea1351b333b8f15b0dfcdee2334 Sha1: 46f025a99cc797a410a3411ae82fb96d943d01c2 Sha256: 0b3670f73de693ca96230e12e55b0d6e9e0b39f15732628f408ac878ec34a912
GET /contents/s/54/dd/f5/e95e60ab935e545b50ffa002ca/0975276558731.jpeg HTTP/1.1 Host: interstitial-07.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://interstitial-07.com/?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: interstitial-07.com/contents/s/54/dd/f5/e95e60ab935e545 (...) FQDN: interstitial-07.com IP: 139.45.197.155 HASH: ea65923ca842ba0f5c9f6cf90659f8ebc651275dc24de3c061ea60e78ca1714f 139.45.197.155 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT content-length: 54176 last-modified: Thu, 16 Dec 2021 06:39:29 GMT etag: "61badf21-d3a0" access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS, HEAD access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data Size: 54176 Md5: 54ddf5e95e60ab935e545b50ffa002ca Sha1: 4285c9c5481ad2d0cc0f87cc05d3e0810d29573a Sha256: ea65923ca842ba0f5c9f6cf90659f8ebc651275dc24de3c061ea60e78ca1714f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 1e2b21e78097bc07ca4fb3a1318bd36d7bc2a58e811b21956c83f4dfe31ec32e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4344 Cache-Control: max-age=111122 Date: Sun, 06 Nov 2022 18:27:12 GMT Etag: "6366fa9a-118" Expires: Tue, 08 Nov 2022 01:19:14 GMT Last-Modified: Sun, 06 Nov 2022 00:06:50 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 267a98361564c46b0f733ce567024f33 Sha1: 4bbd52ee36fcf08cc0b13a18443e67d9700d0d61 Sha256: 1e2b21e78097bc07ca4fb3a1318bd36d7bc2a58e811b21956c83f4dfe31ec32e
GET /script/bootstrap.js HTTP/1.1 Host: superfastcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://v4.sportsonline.to/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: superfastcdn.com/script/bootstrap.js FQDN: superfastcdn.com IP: 172.64.166.4 HASH: ad8ce50a4860bae5b6a35fed5cc785246ba918ef59d857c654da4010b1834d6d 172.64.166.4 HTTP/2 200 OK content-type: application/javascript date: Sun, 06 Nov 2022 18:27:11 GMT x-guploader-uploadid: ADPycdvD2aV0vhAfm60SW0Z3KK4sh4pPps0G-9mhbxVaxUs84UEQMhHFmvZkfDWNnm8gCTW04hmXAsP8_nRKiXjgYv8rNQ x-goog-generation: 1662626315119008 x-goog-metageneration: 2 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 100523 x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA== x-goog-storage-class: MULTI_REGIONAL access-control-allow-origin: * expires: Sun, 06 Nov 2022 18:36:50 GMT cache-control: public, max-age=14400 last-modified: Thu, 08 Sep 2022 08:38:35 GMT etag: W/"90a406e7c114cb9cbdbd171d8282e224" age: 2676 alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: HIT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn%2FdR7W59LwhIAcYfFfwRNc7tGXILcwCG%2Fu8YScYPzdOI4CsX5nBRNq2OvWRQ0RKtsNEeo0vNnhqFJo1doSOkpgRHvXXU3Q23gYJD56qE3Sbug3eB7QPA%2Fke2qedu9r2O5Fn"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1bfcb457756-LHR content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators Size: 43790 Md5: 86862f00fabac54f7ee1a6b5059b6460 Sha1: b3c01213fa48750a92ff7401ab9b15001e1048bb Sha256: ad8ce50a4860bae5b6a35fed5cc785246ba918ef59d857c654da4010b1834d6d
GET /1?z=3710288 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: nanouwho.com/1?z=3710288 FQDN: nanouwho.com IP: 139.45.197.242 HASH: 6089746af3519c66903567f449ccacc4a082cad225c5dafb48075c60f2f1e68c 139.45.197.242 HTTP/2 200 OK content-type: text/javascript server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT access-control-allow-credentials: true access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION x-trace-id: 2d134030be568a09da9310b03c90adcd access-control-expose-headers: X-Sc x-sc: Z51PlDrEfVAjxhL89zugYYTTOmdAVgxRe4OrCrYAd-3LLNdDBiX5xQWKhrdiDnxNSt0BO_dZ9tUdmw0Kb0La0Z1O02w= set-cookie: scm=1; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None OAID=dee55ce7c87b4c8e9ed45322bbce0a90; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None pragma: no-cache cache-control: no-store, no-cache, must-revalidate, max-age=0 expires: Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (52034) Size: 22887 Md5: 396bd35732123ac1de829b4bc2daf998 Sha1: a749d1626ac6a4d3515350db579becd376c4d931 Sha256: 6089746af3519c66903567f449ccacc4a082cad225c5dafb48075c60f2f1e68c Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 53b3098394c77dc3d70a8cfe8ad8ea212cf53f23d86ee05bdbb4e23ef89d8a4b 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4848 Cache-Control: max-age=144376 Date: Sun, 06 Nov 2022 18:27:12 GMT Etag: "63677a88-117" Expires: Tue, 08 Nov 2022 10:33:28 GMT Last-Modified: Sun, 06 Nov 2022 09:12:40 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 906ad6633e4cacb1290bee346a14b796 Sha1: 096cf59525697fa79410c0bc0a69bbc64267bcca Sha256: 53b3098394c77dc3d70a8cfe8ad8ea212cf53f23d86ee05bdbb4e23ef89d8a4b
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://y0k2w0p9cl84r1.constraindefiant.net Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 579063c6a41623745b26ac24092d6b0583d09f4cce70fbb9a163311a3ca7723c 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23580 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 01 Nov 2022 17:10:21 GMT expires: Wed, 01 Nov 2023 17:10:21 GMT cache-control: public, max-age=31536000 age: 436611 last-modified: Tue, 26 Apr 2022 15:48:56 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: gzip compressed data, max compression\012- data Size: 23948 Md5: 813a509ab98f1261d5397479dea5867d Sha1: 2e212243ed3d87e260cbd5ba3e226806c926ce17 Sha256: 579063c6a41623745b26ac24092d6b0583d09f4cce70fbb9a163311a3ca7723c
GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js FQDN: cdn.jsdelivr.net IP: 151.101.85.229 HASH: d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf 151.101.85.229 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=604800, s-maxage=43200 cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload x-jsd-version: 0.3.13 x-jsd-version-type: version etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk" content-encoding: gzip accept-ranges: bytes date: Sun, 06 Nov 2022 18:27:12 GMT age: 8144 x-served-by: cache-fra19182-FRA, cache-bma1645-BMA x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 141142 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 141142 Md5: 7e7fdfacdb1943ea810449001d165a53 Sha1: fc230e8b4a933497a2da4a783574a5b07b889a7e Sha256: d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b25e903d88c0be0ee2385f8dcaf9819a90e6871f1aa4f3ebfe892904a91a788f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6398 Cache-Control: max-age=133702 Date: Sun, 06 Nov 2022 18:27:12 GMT Etag: "63674ac8-117" Expires: Tue, 08 Nov 2022 07:35:34 GMT Last-Modified: Sun, 06 Nov 2022 05:48:56 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: ff160c83fab10ace82563deed6b5d497 Sha1: f9d318d9e09ab98dbf478887321cc8cb704cfbee Sha256: b25e903d88c0be0ee2385f8dcaf9819a90e6871f1aa4f3ebfe892904a91a788f
POST /s/gts1p5/5UFbpcA-Z6Q HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/5UFbpcA-Z6Q FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: fa02565d8acd352c734cae98e973bfb85e375ed52ee8e973f5d1330795bf2560 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:12 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 886e15ec7a7808bc00138c509146fe5a Sha1: 9a42ef2fbcc2c74d86780423e65a30490ce40d58 Sha256: fa02565d8acd352c734cae98e973bfb85e375ed52ee8e973f5d1330795bf2560
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 53b3098394c77dc3d70a8cfe8ad8ea212cf53f23d86ee05bdbb4e23ef89d8a4b 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4848 Cache-Control: max-age=144376 Date: Sun, 06 Nov 2022 18:27:12 GMT Etag: "63677a88-117" Expires: Tue, 08 Nov 2022 10:33:28 GMT Last-Modified: Sun, 06 Nov 2022 09:12:40 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 906ad6633e4cacb1290bee346a14b796 Sha1: 096cf59525697fa79410c0bc0a69bbc64267bcca Sha256: 53b3098394c77dc3d70a8cfe8ad8ea212cf53f23d86ee05bdbb4e23ef89d8a4b
GET /js/plausible.js HTTP/1.1 Host: awstats.cloud User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: awstats.cloud/js/plausible.js FQDN: awstats.cloud IP: 172.67.168.34 HASH: 4df4d373e066c6e8f08b3639e95047af25e344c2204f321c5f41e22b0df42b5c 172.67.168.34 HTTP/2 200 OK content-type: application/javascript date: Sun, 06 Nov 2022 18:27:12 GMT access-control-allow-origin: * cache-control: max-age=0, private, must-revalidate cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cf-cache-status: BYPASS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jkIlpIjwQ4%2BZ8%2FS%2BU7yJ%2Fad18s2KH%2BchMH3J9uguvXy9EyWRw1Js3qPBJhBGAqj%2BdcFXS6QPevRToRBHPiLKym5bOLD3zHbVYpT5eHqBEJmTpSIVl4IIgJJMc%2FO9Yt2"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1c24bb4b51e-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1332), with no line terminators Size: 697 Md5: ec64ae3b22c7f1ecc262349f5d4f46fd Sha1: bc6cb0caa60c0df8f837da905de991e61a6d07ee Sha256: 4df4d373e066c6e8f08b3639e95047af25e344c2204f321c5f41e22b0df42b5c
GET /draw/?w=colored&n=68600&c=000000ffffff&p=left HTTP/1.1 Host: widgets.amung.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://v4.sportsonline.to/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: widgets.amung.us/draw/?w=colored&n=68600&c=000000ffffff (...) FQDN: widgets.amung.us IP: 104.22.75.171 HASH: 3195f43661dc876aa5f8b41c8f7b3d12787bb613c07036009a7eb717cfaa15d9 104.22.75.171 HTTP/2 200 OK content-type: image/png date: Sun, 06 Nov 2022 18:27:12 GMT content-disposition: filename=wau-widget.png expires: Sun, 06 Nov 2022 15:05:06 GMT cache-control: max-age=2678400 access-control-allow-origin: * cf-cache-status: HIT age: 98526 last-modified: Sat, 05 Nov 2022 15:05:06 GMT vary: Accept-Encoding server: cloudflare cf-ray: 765fe1c28b1398ea-ARN X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data Size: 1801 Md5: ee72972ca6daf251213b7c8157d743f6 Sha1: 6447b1e6580131c50d0a1b1fb2bf1f29f0769d2e Sha256: 3195f43661dc876aa5f8b41c8f7b3d12787bb613c07036009a7eb717cfaa15d9
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 0b3670f73de693ca96230e12e55b0d6e9e0b39f15732628f408ac878ec34a912 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:12 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 05 Nov 2022 17:22:25 GMT Expires: Sat, 12 Nov 2022 17:22:24 GMT Etag: "46f025a99cc797a410a3411ae82fb96d943d01c2" Cache-Control: max-age=513911,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 765fe1c2fbfbb4e8-OSL --- Additional Info --- Magic: data Size: 471 Md5: bed0bea1351b333b8f15b0dfcdee2334 Sha1: 46f025a99cc797a410a3411ae82fb96d943d01c2 Sha256: 0b3670f73de693ca96230e12e55b0d6e9e0b39f15732628f408ac878ec34a912
POST /api/event HTTP/1.1 Host: awstats.cloud User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 142 Origin: https://y0k2w0p9cl84r1.constraindefiant.net Connection: keep-alive Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: awstats.cloud/api/event FQDN: awstats.cloud IP: 172.67.168.34 HASH: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df 172.67.168.34 HTTP/2 202 Accepted content-type: text/plain; charset=utf-8 date: Sun, 06 Nov 2022 18:27:12 GMT content-length: 2 access-control-allow-credentials: true access-control-allow-origin: * access-control-expose-headers: cache-control: max-age=0, private, must-revalidate x-request-id: FyUSL5ouFgwhmqEJyu8C cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwZC%2BgONa9JwW9Kg4K3M4S%2Bcwicf0F0BmuSmSiJvJ8YMuANqCgy%2Bt%2BCGKjeBkd9q1bvf9IvpNkfiGFkEs5kZKBigBw3UHrlclnCJsVNSFUCN9gpf%2Bsw494mBCfQJdg%2BO"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 765fe1c3fc7efab4-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 2 Md5: 444bcb3a3fcf8389296c49467f27e1d6 Sha1: 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14368 Expires: Sun, 06 Nov 2022 22:26:40 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bf1a5e65cd048b761eac5cb0b52048a Sha1: f64cface851717dee160a5c6fad975cc34fe4cd2 Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14368 Expires: Sun, 06 Nov 2022 22:26:40 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bf1a5e65cd048b761eac5cb0b52048a Sha1: f64cface851717dee160a5c6fad975cc34fe4cd2 Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14368 Expires: Sun, 06 Nov 2022 22:26:40 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bf1a5e65cd048b761eac5cb0b52048a Sha1: f64cface851717dee160a5c6fad975cc34fe4cd2 Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14368 Expires: Sun, 06 Nov 2022 22:26:40 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bf1a5e65cd048b761eac5cb0b52048a Sha1: f64cface851717dee160a5c6fad975cc34fe4cd2 Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14368 Expires: Sun, 06 Nov 2022 22:26:40 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bf1a5e65cd048b761eac5cb0b52048a Sha1: f64cface851717dee160a5c6fad975cc34fe4cd2 Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c5ab703f075f9db9886de7291febcc97660c04ac26f52274ef658906dff3a161 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10462 x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bF_38GKXoAMFwSA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0 x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Sun, 06 Nov 2022 06:27:59 GMT age: 43153 etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 35713 Md5: 57ed505edc17c291483ad0ff920922aa Sha1: 80d44ca67ea33354b43158a52c0cd430467fc967 Sha256: c5ab703f075f9db9886de7291febcc97660c04ac26f52274ef658906dff3a161
GET /?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 HTTP/1.1 Host: interstitial-07.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: interstitial-07.com/?l=71sWHexfeDo0wps&cd_meta_crid=505 (...) FQDN: interstitial-07.com IP: 139.45.197.155 HASH: 696ba2a279691495a13e763b6adb8ad9327a1b2e9a6fc141793bc889d4b4579e 139.45.197.155 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT vary: Accept-Encoding x-powered-by: PHP/7.4.27 set-cookie: reverse=g3oUi_oOoT0layDpNOcY58i_2EXeLZlLYqX6Aw4tYw8; expires=Sun, 06-Nov-2022 19:27:12 GMT; Max-Age=3600; path=/ access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS, HEAD access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 43124 Md5: 9979d5b925cfc1cb055d2aa654fae572 Sha1: 4ad9bfab769e830af5af5d8251993d0ea36a9c2c Sha256: 696ba2a279691495a13e763b6adb8ad9327a1b2e9a6fc141793bc889d4b4579e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8309 x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bJbgwH23IAMF3kA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0 x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: JK-yLq7PeMFrcv4opjTjHprEUQ8IIBuHPzhz0ttxQx9GYdBY1EauBA== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Sat, 05 Nov 2022 22:17:07 GMT age: 72605 etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8309 Md5: 3929fb3c2f0dad9409e9b247ab891518 Sha1: b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28 Sha256: 64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
GET /5/3710289/?oo=1&js_build=iclick-v1.447.0 HTTP/1.1 Host: bedrapiona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: bedrapiona.com/5/3710289/?oo=1&js_build=iclick-v1.447.0 FQDN: bedrapiona.com IP: 139.45.197.234 HASH: 3d427e2b7e4c139e60c0f6f0d6fffd0b4b737c3511b3212c16abfc35015eb6c5 139.45.197.234 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT x-trace-id: 105419385caf46a5d91457f0709c1d26 link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch" access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-max-age: 86400 timing-allow-origin: * set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT pragma: no-cache, no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 13471 Md5: 4c67f200a2fcbb3ef1b94cfe64a0db3e Sha1: 84931bf1de03349b356bcecc74fc3cc7f0227bae Sha256: 3d427e2b7e4c139e60c0f6f0d6fffd0b4b737c3511b3212c16abfc35015eb6c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 14415 x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bJabgHcMoAMFTLg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0 x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google date: Sat, 05 Nov 2022 22:12:38 GMT age: 72874 etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14415 Md5: fa77f05b1af971db287607d9d9a30e0f Sha1: 276f1493d6da74c8fa3ef83dee77bf48850ff4b4 Sha256: 005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7573 x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bDkhGHmjoAMFxxQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0 x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google date: Sun, 06 Nov 2022 05:31:43 GMT age: 46529 etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7573 Md5: b18a8c9f5539ce33476f843f5811e01d Sha1: 11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b Sha256: fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
POST /custom HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Content-Type: application/json Origin: http://bmindbm.xyz Content-Length: 620 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/custom FQDN: ibrapush.com IP: 139.45.197.250 HASH: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 139.45.197.250 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:13 GMT content-length: 39 x-trace-id: 5bf90ebcca75c768fe897aa9a9750f88 access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 39 Md5: 058b158c2be925f556454ef762d93538 Sha1: cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
GET /impression/nHUZ_oJdrxxAQy65hv3sc2mbxfQTp55HPF9v9oXIw12fhVAPQQ65dUiZ4PEXBAkwGizFkJD3lUGRIRsxu1Nx0soBYpwchu2HAGdzYI4xcYOptEwHzjqCiyrqi5qeiG79Uh89z1PuflRksUIlQASzEfpRPlzbnB44EAyZjNA7mcVFjqMQ_d_30UzWpt15SGaCOfVRe9Ftx1YLJohC-D7A99W-tfQfdJYsDAnJT62yjCDA76aGfoLssbRFw1Z8m6NRKoIIZlMs2-EAy1-LIL4aATakMlGy3_XLZE5QHQfy8UhBvHjpwIr8p52jNXJ7SQyrb_Y22x0IKtE-vM6rWkOaqrjukGn5bnLUXX4BkzK5Ea0oK9Lb7dbPAkifRJucFNjXHRFi3gW1HKfMihRLk3dnT8EQgp5joXUAiyyYyU9JYhC3cBVfq9bqhs28mS_f9GMOblhc4WROCystdhweXGGbO8FgO7xLG3NFMdAu2tfDABSpvXWg94Z4PuZ2f7AcACI0aLUZ1RycUYTFZvdu0OOk8ngvLFO9LiULqUYkR8oxD4tcfm3iHwAn92ScAAzWZj2fXaybJ9rnyEmHHUQSMoyaAK3SVUw=?_z=3710287&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: betotodilea.com/impression/nHUZ_oJdrxxAQy65hv3sc2mbxfQT (...) FQDN: betotodilea.com IP: 139.45.197.237 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.197.237 HTTP/2 200 OK content-type: image/gif server: nginx date: Sun, 06 Nov 2022 18:27:16 GMT content-length: 43 x-trace-id: a9c9cfccf409ef7158cef7286d8cca21 expires: Tue, 11 Jan 1994 10:00:00 GMT cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 pragma: no-cache vary: Origin access-control-allow-origin: * access-control-expose-headers: Link access-control-allow-credentials: true strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Alerts: Blocklists: - quad9: Sinkholed
OPTIONS /500/3710287?excludes=15561156&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: content-type Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: betotodilea.com/500/3710287?excludes=15561156&oaid=bbf8 (...) FQDN: betotodilea.com IP: 139.45.197.237 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.237 HTTP/2 200 OK server: nginx date: Sun, 06 Nov 2022 18:27:16 GMT content-length: 0 allow: GET, OPTIONS vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-allow-credentials: true access-control-max-age: 600 strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /500/3710287?excludes=15561156&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: betotodilea.com/500/3710287?excludes=15561156&oaid=bbf8 (...) FQDN: betotodilea.com IP: 139.45.197.237 HASH: 98e528698516dbc7064d30f7aa05cf7ae6206307a37b532be32631c20349bd05 139.45.197.237 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:17 GMT x-trace-id: 07d5a7512b992a4350df72581e5fab64 expires: Tue, 11 Jan 1994 10:00:00 GMT cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 pragma: no-cache vary: Origin access-control-allow-origin: http://bmindbm.xyz access-control-expose-headers: Link access-control-allow-credentials: true set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:16 GMT; path=/; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 44323 Md5: 4d58b3534284bf776db66b7ace3548f2 Sha1: f91db3d9d217e466d99766253873c6ee1397143b Sha256: 98e528698516dbc7064d30f7aa05cf7ae6206307a37b532be32631c20349bd05 Alerts: Blocklists: - quad9: Sinkholed
GET /draw/?w=colored&n=279000&c=000000ffffff&p=left HTTP/1.1 Host: widgets.amung.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: widgets.amung.us/draw/?w=colored&n=279000&c=000000fffff (...) FQDN: widgets.amung.us IP: 104.22.75.171 104.22.75.171 HTTP/2 200 OK content-type: image/png date: Sun, 06 Nov 2022 18:27:13 GMT content-disposition: filename=wau-widget.png expires: Mon, 07 Nov 2022 17:39:00 GMT cache-control: max-age=2678400 access-control-allow-origin: * cf-cache-status: HIT age: 2893 last-modified: Sun, 06 Nov 2022 17:39:00 GMT vary: Accept-Encoding server: cloudflare cf-ray: 765fe1c6581e98ea-ARN X-Firefox-Spdy: h2 --- Additional Info ---
GET /27/b10314e887d309db18535b2593bd9514 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: scm=1; OAID=dee55ce7c87b4c8e9ed45322bbce0a90; oaidts=1667759231 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: nanouwho.com/27/b10314e887d309db18535b2593bd9514 FQDN: nanouwho.com IP: 139.45.197.242 139.45.197.242 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT access-control-allow-credentials: true access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION cache-control: max-age:290304000, public last-modified: Thu, 20 Oct 2022 04:50:21 GMT expires: Thu, 19 Nov 2082 04:50:21 GMT strict-transport-security: max-age=1 x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
GET /stattag.js HTTP/1.1 Host: tzegilo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: tzegilo.com/stattag.js FQDN: tzegilo.com IP: 104.21.84.149 104.21.84.149 HTTP/2 200 OK content-type: application/javascript date: Sun, 06 Nov 2022 18:27:11 GMT last-modified: Tue, 18 Oct 2022 14:05:58 GMT etag: W/"634eb2c6-32d9" link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin cache-control: max-age=14400 cf-cache-status: HIT age: 3854 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6ONRmUF%2FqufrRabeiu2MZ3HQXaFvS5Nvy844yGYBDbCDfJ6ZRkOYyMtJvC64CdjME7APVzrarN2fG7j%2FaFV%2FSQ2JFpFKvG57uwk2XI5i2ZcpLliopD%2BcW7QgglWyA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1bd1f36b515-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /script/ut.js?cb=1667759229947 HTTP/1.1 Host: superfastcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://v4.sportsonline.to/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: superfastcdn.com/script/ut.js?cb=1667759229947 FQDN: superfastcdn.com IP: 172.64.166.4 172.64.166.4 HTTP/2 200 OK content-type: application/javascript date: Sun, 06 Nov 2022 18:27:12 GMT x-guploader-uploadid: ADPycdtFnFq0IpkUVAE5SrdZa5cGQWFIoqseVyW0OBmFQzAuA3ZCV591ohcfeoZHkpEBuU2AsJp9EcJWpXpVgN26osLrqQ x-goog-generation: 1661773552581597 x-goog-metageneration: 2 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 71356 x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg== x-goog-storage-class: MULTI_REGIONAL access-control-allow-origin: * expires: Sun, 06 Nov 2022 18:58:51 GMT cache-control: public, max-age=14400 last-modified: Mon, 29 Aug 2022 11:45:52 GMT etag: W/"c7304eebcb5069f68bd3fa9e74218a36" alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxmuiOdhWCM1X%2F%2B1Jf4cATIazRD5OiAI3H%2F5NYaE%2BJtoHA%2B4J6bCzE1W7M4c3wMKWwky0G8eGRbV0%2FHiCQlCgOkCLQ%2FjMpyqUuVud3zMuWdQJnxJg052oeQ5ZLWRC8nznOUw"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1c03c5f7756-LHR content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /pfe/current/universal.min.js?v=3.1.402 HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/pfe/current/universal.min.js?v=3.1.402 FQDN: ibrapush.com IP: 139.45.197.250 139.45.197.250 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT last-modified: Wed, 02 Nov 2022 13:02:53 GMT etag: W/"63626a7d-180b9" access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /script/suurl4.php?r=5954546&cbur=0.16872860422351021&cbiframe=1&cbWidth=640&cbHeight=360&cbtitle=&cbpage=https%3A%2F%2Fv4.sportsonline.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0 HTTP/1.1 Host: youradexchange.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Origin: https://y0k2w0p9cl84r1.constraindefiant.net Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: youradexchange.com/script/suurl4.php?r=5954546&cbur=0.1 (...) FQDN: youradexchange.com IP: 35.190.41.116 35.190.41.116 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: openresty date: Sun, 06 Nov 2022 18:27:12 GMT access-control-allow-origin: * content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info ---
GET /500/3710287?excludes=&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: OAID=3b2047f958b34ad4957e1bcc4f54074d Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: betotodilea.com/500/3710287?excludes=&oaid=bbf81df1bd4b (...) FQDN: betotodilea.com IP: 139.45.197.237 139.45.197.237 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT x-trace-id: 3bb6d47f34ce7e426c2faab11be4ead2 expires: Tue, 11 Jan 1994 10:00:00 GMT cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 pragma: no-cache vary: Origin access-control-allow-origin: http://bmindbm.xyz access-control-expose-headers: Link access-control-allow-credentials: true set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
GET /tag.min.js HTTP/1.1 Host: iclickcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: iclickcdn.com/tag.min.js FQDN: iclickcdn.com IP: 172.67.75.9 172.67.75.9 HTTP/2 200 OK content-type: text/javascript; charset=utf-8 date: Sun, 06 Nov 2022 18:27:10 GMT x-trace-id: 7d63e326dccd5693720cb6272e342f32 cache-control: max-age=86400 last-modified: Thu, 03 Nov 2022 15:00:30 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-max-age: 86400 pragma: no-cache expires: Mon, 07 Nov 2022 05:41:06 GMT timing-allow-origin: * cf-cache-status: HIT age: 45964 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYgVoB95TfGZ0g3VyDCfUYdSHIuUAlSUaR8ym4vZyHDBUgbmf%2BRSGfXE0vu91t6Uu%2BfUFYL2XNYq3SwGaCZgmrLPjV4OiyBLIXNIA2IwPjGy%2FXjfCZo5N%2Btc4uKguso%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1b90c99b517-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /cwidget/h6qfsjssi5/000000ffffff.png HTTP/1.1 Host: whos.amung.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png FQDN: whos.amung.us IP: 104.22.75.171 104.22.75.171 HTTP/2 307 Temporary Redirect content-type: text/html; charset=UTF-8 date: Sun, 06 Nov 2022 18:27:13 GMT location: https://widgets.amung.us/draw/?w=colored&n=279000&c=000000ffffff&p=left cache-control: max-age=295 cf-cache-status: DYNAMIC server: cloudflare cf-ray: 765fe1c58f0998ea-ARN X-Firefox-Spdy: h2 --- Additional Info ---
GET /fv.js?t=72747&cb=1989890367 HTTP/1.1 Host: unphionetor.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://interstitial-07.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: unphionetor.com/fv.js?t=72747&cb=1989890367 FQDN: unphionetor.com IP: 139.45.197.236 139.45.197.236 HTTP/2 200 OK content-type: text/javascript; charset=utf8 server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true pragma: no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT x-trace-id: f5c84718bd5aac943ffd9edbda9fcd3a strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
GET /css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=6.1 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C5 (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 06 Nov 2022 18:27:10 GMT date: Sun, 06 Nov 2022 18:27:10 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /pfe/current/tag.min.js?z=4018039 HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ibrapush.com/pfe/current/tag.min.js?z=4018039 FQDN: ibrapush.com IP: 139.45.197.250 139.45.197.250 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT last-modified: Wed, 02 Nov 2022 13:02:53 GMT etag: W/"63626a7d-39be" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /400/3710287 HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: betotodilea.com/400/3710287 FQDN: betotodilea.com IP: 139.45.197.237 139.45.197.237 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT x-trace-id: 104bb7dd5b04657185010a445bbd51ae expires: Tue, 11 Jan 1994 10:00:00 GMT cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 pragma: no-cache vary: Origin access-control-allow-origin: * access-control-expose-headers: Link access-control-allow-credentials: true set-cookie: OAID=3b2047f958b34ad4957e1bcc4f54074d; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
POST /9?z=3710288&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=bbf81df1bd4b44eba4cd1d096c889c63 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 55 Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: scm=1; OAID=dee55ce7c87b4c8e9ed45322bbce0a90; oaidts=1667759231 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: nanouwho.com/9?z=3710288&ng=1&ix=0&pt=0&np=1&gp=-1&bp=- (...) FQDN: nanouwho.com IP: 139.45.197.242 139.45.197.242 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT access-control-allow-credentials: true access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION x-trace-id: 9ed9844e1c2b73abd160083f6ab05d7f access-control-expose-headers: X-Sc set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None pragma: no-cache cache-control: no-store, no-cache, must-revalidate, max-age=0 expires: Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
GET /embed/phsheh97kpcdvc2 HTTP/1.1 Host: y0k2w0p9cl84r1.constraindefiant.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://v4.sportsonline.to/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: y0k2w0p9cl84r1.constraindefiant.net/embed/phsheh97kpcdvc2 FQDN: y0k2w0p9cl84r1.constraindefiant.net IP: 172.67.181.206 172.67.181.206 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Sun, 06 Nov 2022 18:27:12 GMT set-cookie: hf1=1; expires=Mon, 07-Nov-2022 06:27:12 GMT; Max-Age=43200; path=/; secure; HttpOnly; SameSite=None hf5=1; expires=Mon, 07-Nov-2022 18:27:12 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TNBOH%2FKMnvK9LekI8RyEQS2hCw0%2BKqntym418hfpLR8Ng3YHWm5T03w%2F%2FyPe6XVU2vbbLGVwxHEEtqvwQIGu%2BWwWazSTDk0TqvBD3zgOCc05GEL31lxclN%2FaxfNUKEfeSzT7HJmTLDZ6UwZ5GiDjKrn56VK4A%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 765fe1c17f6db4f7-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /cwidget/sportsonline/000000ffffff.png HTTP/1.1 Host: whos.amung.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://v4.sportsonline.to/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: whos.amung.us/cwidget/sportsonline/000000ffffff.png FQDN: whos.amung.us IP: 104.22.75.171 104.22.75.171 HTTP/2 307 Temporary Redirect content-type: text/html; charset=UTF-8 date: Sun, 06 Nov 2022 18:27:12 GMT location: https://widgets.amung.us/draw/?w=colored&n=68600&c=000000ffffff&p=left cache-control: max-age=295 cf-cache-status: DYNAMIC server: cloudflare cf-ray: 765fe1c1ba3198ea-ARN X-Firefox-Spdy: h2 --- Additional Info ---
GET /nsns.js HTTP/1.1 Host: swarm.video User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: swarm.video/nsns.js FQDN: swarm.video IP: 104.21.17.85 104.21.17.85 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Sun, 06 Nov 2022 18:27:12 GMT cache-control: public, max-age=31536000 cf-bgj: minify cf-polished: origSize=519718 etag: W/"7ee26-183e189fff7" last-modified: Sun, 16 Oct 2022 16:04:21 GMT x-powered-by: Express cf-cache-status: HIT age: 179651 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lE0oLO8vjovd2U5n2Tn6sTaHMlLRieKyrXeH%2BJnevwIJqc2digtyp8Xa0oVPMOqqLtLAdmEoyRBEfbaQN%2FVWPhdSE%2BWnD7gduxj%2FufIdNsaLi%2BwNkd4CflC9luC0AQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1c2babc1c0a-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 2990 

                                        
                                            
Cache-Control: max-age=147223 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
Etag: "63678ce7-1d7" 

                                        
                                            
Expires: Tue, 08 Nov 2022 11:20:53 GMT 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT 

                                        
                                            
Server: ECS (ska/F706) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    05978511215be8462d0b69e33b3a91a3

                                                Sha1:   61535ba131d547f1c5108d9e7763ee3fc8d8c824

                                                Sha256: cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: 2p2dSpeMV7ljhFzRt0/cvcfz3TwGUxM0rZwqdt116mc2agMq/zF8UxWUfEfpIoXad8ZuE+FNxsw= 

                                        
                                            
x-amz-request-id: AS77TCP61J9EGM58 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 06 Nov 2022 18:10:33 GMT 

                                        
                                            
age: 997 

                                        
                                            
last-modified: Fri, 30 Sep 2022 18:50:55 GMT 

                                        
                                            
etag: "67d5a988edcda47bc3b3b3f65d32b4b6" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    67d5a988edcda47bc3b3b3f65d32b4b6

                                                Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f

                                                Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 

                                        
                                            
Host: bmindbm.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

                                         104.21.19.28

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT 

                                        
                                            
ETag: W/"63622cd2-d9" 

                                        
                                            
Expires: Fri, 02 Dec 2022 12:28:00 GMT 

                                        
                                            
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate 

                                        
                                            
Pragma: public 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 367150 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omMBK0BtB2ZBB0aFYBnWoHdag6DZHAiWd7L0g4Ak74X6eLY6%2FGrKhCZMrS14VrGmoDHKkASIypD53IzTTLZC9e5GejGikrX8p4aMGXMhhnjD25h59dW1%2F0UZbVXzqw%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 765fe1b7bfceb503-OSL 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   188

                                                Md5:    8ac085745a5bcc97c54f8088973df029

                                                Sha1:   4e065566e82d4623d0f5b4d9275d3ee29e15acd1

                                                Sha256: a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f

                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 

                                        
                                            
Host: bmindbm.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

                                         104.21.19.28

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT 

                                        
                                            
ETag: W/"63622cd2-15e54" 

                                        
                                            
Expires: Fri, 02 Dec 2022 12:28:00 GMT 

                                        
                                            
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate 

                                        
                                            
Pragma: public 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 367150 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbrdls3yqFPfteT9WWuY02Buw9Te8%2Fvk%2F3LLocPYDek%2BXvNNaRuq9PV%2FqdLBXutb%2B%2F5%2Ba68HylBG%2BYfQ14k0EKs6mb4SYCAB4SAbQYemC%2FOa1w339A8XAhtJuCqpUA%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 765fe1b7ce120b02-OSL 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65447)

                                                Size:   36096

                                                Md5:    3799a6be94d7facfc78f066e18773e22

                                                Sha1:   5d97b0e2565712331b1d73be1581159bf282cd4f

                                                Sha256: e208eb0b972a9d1bdd741669ae120b4555f33ea138d69d012f99de9aaec1c9be

                                        
                                            GET /wp-includes/js/comment-reply.min.js?ver=6.1 HTTP/1.1 

                                        
                                            
Host: bmindbm.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

                                         104.21.19.28

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT 

                                        
                                            
ETag: W/"62f93e6c-ba5" 

                                        
                                            
Expires: Fri, 02 Dec 2022 12:28:00 GMT 

                                        
                                            
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate 

                                        
                                            
Pragma: public 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 367150 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iz2BJaOB5saaHin2d1lWhCdrAFXXeZ9LS0GemGH%2BkIqvUOvx51YUpPdCIS2QcO53t%2F6DqqUKoOPwboBIDGN8%2BHmPJ6eqVNipsvLxgABoE8IWw6kjo%2BU7%2FQkvyljIkA%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 765fe1b7de3a0b02-OSL 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (2946)

                                                Size:   1400

                                                Md5:    6282991ad99635e986f4bebf83d5901b

                                                Sha1:   7f648e27d58531016bf668335f123795df7d0cd7

                                                Sha256: a81bf134e4dafa239d0dbe5c6126798016d73c70391f64eb542296a4e95164f8

                                        
                                            GET /wp-content/themes/thesimplest/assets/js/bootstrap.min.js?ver=3.3.7 HTTP/1.1 

                                        
                                            
Host: bmindbm.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

                                         104.21.19.28

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT 

                                        
                                            
ETag: W/"62f93e74-90bb" 

                                        
                                            
Expires: Thu, 17 Nov 2022 18:30:03 GMT 

                                        
                                            
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate 

                                        
                                            
Pragma: public 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 1641427 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyEJlePD0OtZfa2u12Dr%2FCyykyE0gEo5JtBrlEoJ9BMUVsDwswrlKgRW%2FBN5gCWOmJX7oOWxrYJHMCDeD5l5r4ton2JtLFgj16L%2B%2BrW5%2BgJRcsmAFbfYS8DlUpbf%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 765fe1b7dcaefac4-OSL 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (32033), with CRLF line terminators

                                                Size:   11896

                                                Md5:    2b6818935cd109cfffeef9c1be632358

                                                Sha1:   1794f2fbc5b5a99dccdc95a5f4b8ba5d90c805e6

                                                Sha256: ece4c79978657a26246a87ccf53f02c93c19a2418eb0429bec6364d5a8027164

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    12a1f191d3251cadd0fce23ca14e1a5d

                                                Sha1:   a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864

                                                Sha256: 95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c

                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1 

                                        
                                            
Host: bmindbm.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/

                                         104.21.19.28

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT 

                                        
                                            
ETag: W/"62f93e6c-48b9" 

                                        
                                            
Expires: Fri, 02 Dec 2022 13:24:20 GMT 

                                        
                                            
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate 

                                        
                                            
Pragma: public 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 363770 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6TsKT%2BwlsWK%2Fjf%2BgRpF5qvI5xr%2Bv8q5UFiB0l0%2FjV8qKIkeOW0ZcGMtFs5WiDcXzIj4CWv3r2lK6COLYMA3eLNHk2CjvgZdBNeIWHPRHlgpvyniretUFcvB7xIvEA%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 765fe1b85d24fac4-OSL 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (15660)

                                                Size:   5806

                                                Md5:    9821563af79d0fbd798c5a96f11cb775

                                                Sha1:   d7ad769f21b6cdbd3602ba2512449e5febe7a2ee

                                                Sha256: 3a372dc0de21ae3d1a2e8d08c2d38599823eb332d06f35ec1eefd1afbbbe9f12

                                        
                                            GET /gtag/js?id=UA-195874698-1 HTTP/1.1 

                                        
                                            
Host: www.googletagmanager.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.168

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: Cache-Control 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
expires: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
cache-control: private, max-age=900 

                                        
                                            
last-modified: Sun, 06 Nov 2022 18:00:00 GMT 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Google Tag Manager 

                                        
                                            
content-length: 43608 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (1921)

                                                Size:   43608

                                                Md5:    5aee71665cb4856f4b116960846e3236

                                                Sha1:   38ca1b20c6281065d42b06246ab2008c70a9e3e1

                                                Sha256: 374a7443a2ee93646eeb5e9ac2e9b68e8c5619492c7cdb740b8c99c70948b962

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e13e65ad7f6f12300b12d6cd6936d621

                                                Sha1:   575faf606b5c5e39e0fbbef59998bcd3625aa141

                                                Sha256: 10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    62a8ce6a2338913103618edb2f4a9dbe

                                                Sha1:   0e0850b1aef6ed524d119a41145112b84c257687

                                                Sha256: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31

                                        
                                            GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: http://bmindbm.xyz 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.195

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 32900 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 02 Nov 2022 19:45:18 GMT 

                                        
                                            
expires: Thu, 02 Nov 2023 19:45:18 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 340912 

                                        
                                            
last-modified: Wed, 27 Apr 2022 15:44:11 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data

                                                Size:   32900

                                                Md5:    fda3323314d895ae39de612559f6fad9

                                                Sha1:   644dbb14f599920fdc8f8260b6e67bd1f8770e89

                                                Sha256: d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "25EF7CEF2934DE8422A9F441A8BBA27548D43DD2383ABA06232EF3E18E72EB1C" 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14653 

                                        
                                            
Expires: Sun, 06 Nov 2022 22:31:24 GMT 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    d829ae70aa185df7e830d8ccc36db992

                                                Sha1:   98be9407beddb9e0cc7fb294eb5be1576ad3ccb0

                                                Sha256: 25ef7cef2934de8422a9f441a8bba27548d43dd2383aba06232ef3e18e72eb1c

                                        
                                            GET /328e7308c7d9b682b707448d319ed5fb/invoke.js HTTP/1.1 

                                        
                                            
Host: www.effectivedisplayformat.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/

                                         173.233.139.164

                                        
                                            HTTP/1.1 403 Forbidden 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Server: nginx/1.19.5 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "6F2FEE2FA39121115E2588E38139D01470718C3E88244F51906C739D6ADA92F5" 

                                        
                                            
Last-Modified: Sat, 05 Nov 2022 10:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12221 

                                        
                                            
Expires: Sun, 06 Nov 2022 21:50:52 GMT 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    c3e4b006b7d1b802e50f752c6b307478

                                                Sha1:   381f891ba02032af92f545f871e0021d7a0b3328

                                                Sha256: 6f2fee2fa39121115e2588e38139d01470718c3e88244f51906c739d6ada92f5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6462 

                                        
                                            
Cache-Control: max-age=145642 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
Etag: "6367792b-1d7" 

                                        
                                            
Expires: Tue, 08 Nov 2022 10:54:33 GMT 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT 

                                        
                                            
Server: ECS (ska/F706) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    d862f992e9902530594e7aca425f129b

                                                Sha1:   25b414fe833d30b52928535d659a1ee281b82e3a

                                                Sha256: 0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d

                                        
                                            GET /zone?pub=0&zone_id=4018039&is_mobile=false&domain=bmindbm.xyz&var=&ymid=&var_3= HTTP/1.1 

                                        
                                            
Host: ibrapush.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Origin: http://bmindbm.xyz 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         139.45.197.250

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
content-length: 664 

                                        
                                            
x-trace-id: 8d7665f7181a67d543eff21f4befd7d6 

                                        
                                            
access-control-allow-origin: http://bmindbm.xyz 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                        
                                            
strict-transport-security: max-age=1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (663)

                                                Size:   664

                                                Md5:    5444871228d2777e91ff0b277c00a8ad

                                                Sha1:   0c84e7b034e3a75c632ce5096747eecb75a1573a

                                                Sha256: 6088bfc314da81c6b3cedf06e986dfe1c22d866f973cf57a716c73f12d33ebe4

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.32.68

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT 

                                        
                                            
Expires: Thu, 10 Nov 2022 18:25:19 GMT 

                                        
                                            
Etag: "c5588f7f402a41c39405d7459367eadb893fafaf" 

                                        
                                            
Cache-Control: max-age=344887,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb1 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 765fe1bbeeeab4e8-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    4410e0283900e769c122cfbcbdbed143

                                                Sha1:   c5588f7f402a41c39405d7459367eadb893fafaf

                                                Sha256: c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5

                                        
                                            GET /gid.js?userId=bbf81df1bd4b44eba4cd1d096c889c63 HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: http://bmindbm.xyz 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         139.45.195.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
content-length: 65 

                                        
                                            
access-control-allow-origin: http://bmindbm.xyz 

                                        
                                            
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                        
                                            
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                        
                                            
access-control-expose-headers: Authorization 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
set-cookie: ID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None 

                                        
                                            
strict-transport-security: max-age=1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
timing-allow-origin: *, * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text

                                                Size:   65

                                                Md5:    bbf8eb01a95f47b5fdd57e2c711f8b4f

                                                Sha1:   81147c4d10829c13c6d03438cf6556e74fda380f

                                                Sha256: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: bS5lXJh5NSDjxMEAXzdBQA== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         35.161.6.128

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: coT22y1RG9jyE1U8HrXOowe9qgc= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /?rb=nr4vHIg5nk6-rYVGjLpl2K8USddLKv84A1xWzn2M5u3XDTNhxH0xMPrAkfQ4fJjwCui45wsDKv44vSljQXcr8XfyxOTjmDAC-hvg6sHA3ePbDTZ9_ZmyfFYQmxUW3o2WHwOG8v_5L2rEKf-1kbzQGDjpsDlbCKxRJOTjZqgh5ZlGE07WuTqp1MCSL1omkqAomcIe8OgBfgC53JgFk5qmSP-uurl5iBr316za-A%3D%3D&request_ab2=0&zoneid=3710289&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=533e8dab-6f5d-4d5b-a654-56dd5084d8b0&userId=bbf81df1bd4b44eba4cd1d096c889c63&m=link HTTP/1.1 

                                        
                                            
Host: onmarshtompor.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Origin: http://bmindbm.xyz 

                                        
                                            
Connection: keep-alive

                                         139.45.197.243

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
X-Trace-Id: 2fff0691fce4cd2f88d32b42f8ee130b 

                                        
                                            
Access-Control-Allow-Origin: http://bmindbm.xyz 

                                        
                                            
Access-Control-Allow-Credentials: true 

                                        
                                            
Access-Control-Allow-Methods: GET, POST, OPTIONS 

                                        
                                            
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding 

                                        
                                            
Access-Control-Max-Age: 86400 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 

                                        
                                            
Expires: Tue, 11 Jan 1994 10:00:00 GMT 

                                        
                                            
Set-Cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/
oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/
syncedCookie=true; expires=Sun, 13 Nov 2022 18:27:11 GMT; path=/ 

                                        
                                            
Strict-Transport-Security: max-age=1 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Timing-Allow-Origin: *, * 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (2411), with no line terminators

                                                Size:   1862

                                                Md5:    73693b8c9c743d85e47e26483233c590

                                                Sha1:   93f489a5cfe8d36f21986194140547c02a0997a5

                                                Sha256: 3771a7d61bef1cfb869e71df919c9b15cf5ba52bcad14982d124cd13c634950a

                                        
                                            OPTIONS /custom HTTP/1.1 

                                        
                                            
Host: ibrapush.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: POST 

                                        
                                            
Access-Control-Request-Headers: content-type 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Origin: http://bmindbm.xyz 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         139.45.197.250

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain; charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
access-control-allow-origin: http://bmindbm.xyz 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-methods: GET, POST, OPTIONS 

                                        
                                            
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token 

                                        
                                            
access-control-max-age: 86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /custom HTTP/1.1 

                                        
                                            
Host: ibrapush.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: http://bmindbm.xyz 

                                        
                                            
Content-Length: 384 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         139.45.197.250

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
content-length: 39 

                                        
                                            
x-trace-id: 885966ebbef40352123000351bf82f34 

                                        
                                            
access-control-allow-origin: http://bmindbm.xyz 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                        
                                            
strict-transport-security: max-age=1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text

                                                Size:   39

                                                Md5:    058b158c2be925f556454ef762d93538

                                                Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9

                                                Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

                                        
                                            GET /channels/hd/SCCfwxq.png HTTP/1.1 

                                        
                                            
Host: v4.sportsonline.to

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://v4.sportsonline.to/channels/hd/hd8.php 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.21.8.62

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
content-length: 1220 

                                        
                                            
last-modified: Tue, 07 Dec 2021 14:48:18 GMT 

                                        
                                            
etag: "61af7432-4c4" 

                                        
                                            
cache-control: max-age=14400 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 2009 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YjyYI%2BtvFnYF%2F0h%2BNvpIs4kHor5r1WV5TVnz0aSkeYTKmCOzXV9hJSZPKcOR771P8BvSFA5USrBd8uneKaBqEbvJ2GmqBFKmO7XQFM4QrNsAtP13aEkKpiIpZ8QmmF7Zzv2LYo%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 765fe1bf38e8b4fa-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 588 x 454, 8-bit colormap, non-interlaced\012- data

                                                Size:   1220

                                                Md5:    613678c01b1604d5cd1e515517e095a1

                                                Sha1:   cb306e19705d9e1da2aa1487283b7f9f69ad330a

                                                Sha256: ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 345 

                                        
                                            
ETag: "B1D2591120CC8DCFA875CEAB5051E309732C91F48D14813FB2C27C97EFBFBEA5" 

                                        
                                            
Last-Modified: Fri, 04 Nov 2022 18:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=16424 

                                        
                                            
Expires: Sun, 06 Nov 2022 23:00:55 GMT 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   345

                                                Md5:    38a5093645f105281de3d64902cd14f1

                                                Sha1:   068ce21260b149ed9dd7874e2722504f8e5fce66

                                                Sha256: b1d2591120cc8dcfa875ceab5051e309732c91f48d14813fb2c27c97efbfbea5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "F305998AE454490CDC7D7EC0EB2E37AA8FAF7D3906EDE594D2E4D4992B842089" 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5077 

                                        
                                            
Expires: Sun, 06 Nov 2022 19:51:49 GMT 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    44c33f02caf3a658625634ab910d6ad5

                                                Sha1:   0920255a89a3ac5300a9dbef97dc5067f1349548

                                                Sha256: f305998ae454490cdc7d7ec0eb2e37aa8faf7d3906ede594d2e4d4992b842089

                                        
                                            GET /analytics.js HTTP/1.1 

                                        
                                            
Host: www.google-analytics.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.174

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript

                                        

                                        
                                            
strict-transport-security: max-age=10886400; includeSubDomains; preload 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 20039 

                                        
                                            
date: Sun, 06 Nov 2022 16:41:09 GMT 

                                        
                                            
expires: Sun, 06 Nov 2022 18:41:09 GMT 

                                        
                                            
cache-control: public, max-age=7200 

                                        
                                            
age: 6363 

                                        
                                            
last-modified: Tue, 27 Sep 2022 22:01:05 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (1325)

                                                Size:   20039

                                                Md5:    47e6f374ca946fddd5b59871b325736c

                                                Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4

                                                Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

                                        
                                            POST /j/collect?v=1&_v=j98&a=1064186128&t=pageview&_s=1&dl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&ul=en-us&de=UTF-8&dt=Live%20Streams&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=289599453&gjid=413045313&cid=951940522.1667759230&tid=UA-3299888-6&_gid=822534487.1667759230&_r=1&gtm=2oub20&z=667681429 HTTP/1.1 

                                        
                                            
Host: www.google-analytics.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: http://bmindbm.xyz 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         142.250.74.174

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
access-control-allow-origin: http://bmindbm.xyz 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
last-modified: Sun, 17 May 1998 03:00:00 GMT 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  very short file (no magic)

                                                Size:   1

                                                Md5:    c4ca4238a0b923820dcc509a6f75849b

                                                Sha1:   356a192b7913b04c54574d18c28d46e6395428ab

                                                Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

                                        
                                            GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1 

                                        
                                            
Host: bmindbm.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: prefetchAd_3710289=true; _ga=GA1.2.951940522.1667759230; _gid=GA1.2.822534487.1667759230; _gat_gtag_UA_195874698_1=1; _gat_gtag_UA_3299888_6=1

                                         104.21.19.28

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
Content-Length: 4119 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT 

                                        
                                            
ETag: "62f93e6c-1017" 

                                        
                                            
Expires: Fri, 02 Dec 2022 17:37:48 GMT 

                                        
                                            
Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate 

                                        
                                            
Pragma: public 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 348564 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzDlu0w%2FH%2BhFC0Nq6pKsRDQ%2FxY1xg2eKWQIuv%2B2EcWgqFHRmKid3A9hltPjUthA3g0Zry%2FfmNrHV4Ds%2F6SLrZzfWrusn0kjFfDbyaVYKC5mBkDlmRafVMf31%2BD96BA%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 765fe1c0dc11fac4-OSL 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   4119

                                                Md5:    000bf649cc8f6bf27cfb04d1bcdcd3c7

                                                Sha1:   d73d2f6d74ec6cdcbae07955592962e77d8ae814

                                                Sha256: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

                                        
                                            POST /custom HTTP/1.1 

                                        
                                            
Host: ibrapush.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: http://bmindbm.xyz 

                                        
                                            
Content-Length: 381 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         139.45.197.250

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
content-length: 39 

                                        
                                            
x-trace-id: e3fe838dbf2ebf4134261b9c46031c5c 

                                        
                                            
access-control-allow-origin: http://bmindbm.xyz 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                        
                                            
strict-transport-security: max-age=1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text

                                                Size:   39

                                                Md5:    058b158c2be925f556454ef762d93538

                                                Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9

                                                Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "1B2F8BD8D4B8BF78BFD6B06130ECBF660615CE661D707E2FFBC47FDF5E412713" 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14550 

                                        
                                            
Expires: Sun, 06 Nov 2022 22:29:42 GMT 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    713632026d35f2489cfe21c67fb93853

                                                Sha1:   85b9a635baaf233646da5475f57f57ee890e6c10

                                                Sha256: 1b2f8bd8d4b8bf78bfd6b06130ecbf660615ce661d707e2ffbc47fdf5e412713

                                        
                                            GET /contents/s/54/dd/f5/e95e60ab935e545b50ffa002ca/0975276558731.jpeg HTTP/1.1 

                                        
                                            
Host: interstitial-07.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://interstitial-07.com/?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         139.45.197.155

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
content-length: 54176 

                                        
                                            
last-modified: Thu, 16 Dec 2021 06:39:29 GMT 

                                        
                                            
etag: "61badf21-d3a0" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET, POST, OPTIONS, HEAD 

                                        
                                            
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range 

                                        
                                            
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data

                                                Size:   54176

                                                Md5:    54ddf5e95e60ab935e545b50ffa002ca

                                                Sha1:   4285c9c5481ad2d0cc0f87cc05d3e0810d29573a

                                                Sha256: ea65923ca842ba0f5c9f6cf90659f8ebc651275dc24de3c061ea60e78ca1714f

                                        
                                            GET /script/bootstrap.js HTTP/1.1 

                                        
                                            
Host: superfastcdn.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://v4.sportsonline.to/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.64.166.4

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
x-guploader-uploadid: ADPycdvD2aV0vhAfm60SW0Z3KK4sh4pPps0G-9mhbxVaxUs84UEQMhHFmvZkfDWNnm8gCTW04hmXAsP8_nRKiXjgYv8rNQ 

                                        
                                            
x-goog-generation: 1662626315119008 

                                        
                                            
x-goog-metageneration: 2 

                                        
                                            
x-goog-stored-content-encoding: identity 

                                        
                                            
x-goog-stored-content-length: 100523 

                                        
                                            
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA== 

                                        
                                            
x-goog-storage-class: MULTI_REGIONAL 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
expires: Sun, 06 Nov 2022 18:36:50 GMT 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
last-modified: Thu, 08 Sep 2022 08:38:35 GMT 

                                        
                                            
etag: W/"90a406e7c114cb9cbdbd171d8282e224" 

                                        
                                            
age: 2676 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn%2FdR7W59LwhIAcYfFfwRNc7tGXILcwCG%2Fu8YScYPzdOI4CsX5nBRNq2OvWRQ0RKtsNEeo0vNnhqFJo1doSOkpgRHvXXU3Q23gYJD56qE3Sbug3eB7QPA%2Fke2qedu9r2O5Fn"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 765fe1bfcb457756-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators

                                                Size:   43790

                                                Md5:    86862f00fabac54f7ee1a6b5059b6460

                                                Sha1:   b3c01213fa48750a92ff7401ab9b15001e1048bb

                                                Sha256: ad8ce50a4860bae5b6a35fed5cc785246ba918ef59d857c654da4010b1834d6d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4848 

                                        
                                            
Cache-Control: max-age=144376 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
Etag: "63677a88-117" 

                                        
                                            
Expires: Tue, 08 Nov 2022 10:33:28 GMT 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 09:12:40 GMT 

                                        
                                            
Server: ECS (ska/F706) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 279 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   279

                                                Md5:    906ad6633e4cacb1290bee346a14b796

                                                Sha1:   096cf59525697fa79410c0bc0a69bbc64267bcca

                                                Sha256: 53b3098394c77dc3d70a8cfe8ad8ea212cf53f23d86ee05bdbb4e23ef89d8a4b

                                        
                                            GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1 

                                        
                                            
Host: cdn.jsdelivr.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         151.101.85.229

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cache-control: public, max-age=604800, s-maxage=43200 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
x-jsd-version: 0.3.13 

                                        
                                            
x-jsd-version-type: version 

                                        
                                            
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
age: 8144 

                                        
                                            
x-served-by: cache-fra19182-FRA, cache-bma1645-BMA 

                                        
                                            
x-cache: HIT, HIT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 

                                        
                                            
content-length: 141142 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65536), with no line terminators

                                                Size:   141142

                                                Md5:    7e7fdfacdb1943ea810449001d165a53

                                                Sha1:   fc230e8b4a933497a2da4a783574a5b07b889a7e

                                                Sha256: d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf

                                        
                                            POST /s/gts1p5/5UFbpcA-Z6Q HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: scaffolding on HTTPServer2 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    886e15ec7a7808bc00138c509146fe5a

                                                Sha1:   9a42ef2fbcc2c74d86780423e65a30490ce40d58

                                                Sha256: fa02565d8acd352c734cae98e973bfb85e375ed52ee8e973f5d1330795bf2560

                                        
                                            GET /js/plausible.js HTTP/1.1 

                                        
                                            
Host: awstats.cloud

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.67.168.34

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: max-age=0, private, must-revalidate 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
cf-cache-status: BYPASS 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jkIlpIjwQ4%2BZ8%2FS%2BU7yJ%2Fad18s2KH%2BchMH3J9uguvXy9EyWRw1Js3qPBJhBGAqj%2BdcFXS6QPevRToRBHPiLKym5bOLD3zHbVYpT5eHqBEJmTpSIVl4IIgJJMc%2FO9Yt2"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 765fe1c24bb4b51e-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (1332), with no line terminators

                                                Size:   697

                                                Md5:    ec64ae3b22c7f1ecc262349f5d4f46fd

                                                Sha1:   bc6cb0caa60c0df8f837da905de991e61a6d07ee

                                                Sha256: 4df4d373e066c6e8f08b3639e95047af25e344c2204f321c5f41e22b0df42b5c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.32.68

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sat, 05 Nov 2022 17:22:25 GMT 

                                        
                                            
Expires: Sat, 12 Nov 2022 17:22:24 GMT 

                                        
                                            
Etag: "46f025a99cc797a410a3411ae82fb96d943d01c2" 

                                        
                                            
Cache-Control: max-age=513911,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb2 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 765fe1c2fbfbb4e8-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    bed0bea1351b333b8f15b0dfcdee2334

                                                Sha1:   46f025a99cc797a410a3411ae82fb96d943d01c2

                                                Sha256: 0b3670f73de693ca96230e12e55b0d6e9e0b39f15732628f408ac878ec34a912

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" 

                                        
                                            
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14368 

                                        
                                            
Expires: Sun, 06 Nov 2022 22:26:40 GMT 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    3bf1a5e65cd048b761eac5cb0b52048a

                                                Sha1:   f64cface851717dee160a5c6fad975cc34fe4cd2

                                                Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" 

                                        
                                            
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14368 

                                        
                                            
Expires: Sun, 06 Nov 2022 22:26:40 GMT 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    3bf1a5e65cd048b761eac5cb0b52048a

                                                Sha1:   f64cface851717dee160a5c6fad975cc34fe4cd2

                                                Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" 

                                        
                                            
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14368 

                                        
                                            
Expires: Sun, 06 Nov 2022 22:26:40 GMT 

                                        
                                            
Date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    3bf1a5e65cd048b761eac5cb0b52048a

                                                Sha1:   f64cface851717dee160a5c6fad975cc34fe4cd2

                                                Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

                                        
                                            GET /?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 HTTP/1.1 

                                        
                                            
Host: interstitial-07.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         139.45.197.155

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-powered-by: PHP/7.4.27 

                                        
                                            
set-cookie: reverse=g3oUi_oOoT0layDpNOcY58i_2EXeLZlLYqX6Aw4tYw8; expires=Sun, 06-Nov-2022 19:27:12 GMT; Max-Age=3600; path=/ 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET, POST, OPTIONS, HEAD 

                                        
                                            
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range 

                                        
                                            
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   43124

                                                Md5:    9979d5b925cfc1cb055d2aa654fae572

                                                Sha1:   4ad9bfab769e830af5af5d8251993d0ea36a9c2c

                                                Sha256: 696ba2a279691495a13e763b6adb8ad9327a1b2e9a6fc141793bc889d4b4579e

                                        
                                            GET /5/3710289/?oo=1&js_build=iclick-v1.447.0 HTTP/1.1 

                                        
                                            
Host: bedrapiona.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: http://bmindbm.xyz 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         139.45.197.234

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
x-trace-id: 105419385caf46a5d91457f0709c1d26 

                                        
                                            
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch" 

                                        
                                            
access-control-allow-origin: http://bmindbm.xyz 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-methods: GET, POST, OPTIONS 

                                        
                                            
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding 

                                        
                                            
access-control-max-age: 86400 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None
oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT 

                                        
                                            
pragma: no-cache, no-cache 

                                        
                                            
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 

                                        
                                            
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   13471

                                                Md5:    4c67f200a2fcbb3ef1b94cfe64a0db3e

                                                Sha1:   84931bf1de03349b356bcecc74fc3cc7f0227bae

                                                Sha256: 3d427e2b7e4c139e60c0f6f0d6fffd0b4b737c3511b3212c16abfc35015eb6c5

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7573 

                                        
                                            
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: bDkhGHmjoAMFxxQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw== 

                                        
                                            
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 06 Nov 2022 05:31:43 GMT 

                                        
                                            
age: 46529 

                                        
                                            
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7573

                                                Md5:    b18a8c9f5539ce33476f843f5811e01d

                                                Sha1:   11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b

                                                Sha256: fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c

                                        
                                            GET /script/ut.js?cb=1667759229947 HTTP/1.1 

                                        
                                            
Host: superfastcdn.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://v4.sportsonline.to/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         172.64.166.4

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
x-guploader-uploadid: ADPycdtFnFq0IpkUVAE5SrdZa5cGQWFIoqseVyW0OBmFQzAuA3ZCV591ohcfeoZHkpEBuU2AsJp9EcJWpXpVgN26osLrqQ 

                                        
                                            
x-goog-generation: 1661773552581597 

                                        
                                            
x-goog-metageneration: 2 

                                        
                                            
x-goog-stored-content-encoding: identity 

                                        
                                            
x-goog-stored-content-length: 71356 

                                        
                                            
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg== 

                                        
                                            
x-goog-storage-class: MULTI_REGIONAL 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
expires: Sun, 06 Nov 2022 18:58:51 GMT 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
last-modified: Mon, 29 Aug 2022 11:45:52 GMT 

                                        
                                            
etag: W/"c7304eebcb5069f68bd3fa9e74218a36" 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
cf-cache-status: MISS 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxmuiOdhWCM1X%2F%2B1Jf4cATIazRD5OiAI3H%2F5NYaE%2BJtoHA%2B4J6bCzE1W7M4c3wMKWwky0G8eGRbV0%2FHiCQlCgOkCLQ%2FjMpyqUuVud3zMuWdQJnxJg052oeQ5ZLWRC8nznOUw"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 765fe1c03c5f7756-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /script/suurl4.php?r=5954546&cbur=0.16872860422351021&cbiframe=1&cbWidth=640&cbHeight=360&cbtitle=&cbpage=https%3A%2F%2Fv4.sportsonline.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0 HTTP/1.1 

                                        
                                            
Host: youradexchange.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ 

                                        
                                            
Origin: https://y0k2w0p9cl84r1.constraindefiant.net 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         35.190.41.116

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
server: openresty 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-encoding: gzip 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /tag.min.js HTTP/1.1 

                                        
                                            
Host: iclickcdn.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.67.75.9

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=utf-8

                                        

                                        
                                            
date: Sun, 06 Nov 2022 18:27:10 GMT 

                                        
                                            
x-trace-id: 7d63e326dccd5693720cb6272e342f32 

                                        
                                            
cache-control: max-age=86400 

                                        
                                            
last-modified: Thu, 03 Nov 2022 15:00:30 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-methods: GET, POST, OPTIONS 

                                        
                                            
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding 

                                        
                                            
access-control-max-age: 86400 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Mon, 07 Nov 2022 05:41:06 GMT 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 45964 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYgVoB95TfGZ0g3VyDCfUYdSHIuUAlSUaR8ym4vZyHDBUgbmf%2BRSGfXE0vu91t6Uu%2BfUFYL2XNYq3SwGaCZgmrLPjV4OiyBLIXNIA2IwPjGy%2FXjfCZo5N%2Btc4uKguso%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 765fe1b90c99b517-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /pfe/current/tag.min.js?z=4018039 HTTP/1.1 

                                        
                                            
Host: ibrapush.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://bmindbm.xyz/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         139.45.197.250

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 06 Nov 2022 18:27:11 GMT 

                                        
                                            
last-modified: Wed, 02 Nov 2022 13:02:53 GMT 

                                        
                                            
etag: W/"63626a7d-39be" 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
cache-control: no-cache 

                                        
                                            
pragma: no-cache 

                                        
                                            
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /cwidget/sportsonline/000000ffffff.png HTTP/1.1 

                                        
                                            
Host: whos.amung.us

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://v4.sportsonline.to/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.22.75.171

                                        
                                            HTTP/2 307 Temporary Redirect 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
date: Sun, 06 Nov 2022 18:27:12 GMT 

                                        
                                            
location: https://widgets.amung.us/draw/?w=colored&n=68600&c=000000ffffff&p=left 

                                        
                                            
cache-control: max-age=295 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 765fe1c1ba3198ea-ARN 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	bmindbm.xyz/live/20/31/06/12/11/79095/
IP	104.21.19.28 ()
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-06 18:27:22 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	26
urlquery alerts	No alerts detected
Tags	None

Request	Response
GET /live/20/31/06/12/11/79095/ HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: bmindbm.xyz/live/20/31/06/12/11/79095/ FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 5a9d308c8c603552ca9d2c84ed144e36d6896fc293aa4c60fefe6537675a9563 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive X-Pingback: http://bmindbm.xyz/xmlrpc.php Link: <http://bmindbm.xyz/wp-json/>; rel="https://api.w.org/", <http://bmindbm.xyz/wp-json/wp/v2/posts/79095>; rel="alternate"; type="application/json", <http://bmindbm.xyz/?p=79095>; rel=shortlink X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDUVVsdGA647ge%2F5qdDtXKfZJDQlYjEfM2%2Fm2wXo9QdlQBoh%2Ftz%2BdcNS86RgCro%2BD52GQqPXYmZgP%2BjhvVX2hA7ZujYF3qigw7Yh3ytUiAT%2FSUc95QMYYi1pVFRbeg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 765fe1b56b440b02-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators Size: 5012 Md5: c295f06a34488b35758ce1439ccfb398 Sha1: 306b2f41c769eb0fa24405069125063f1776eda3 Sha256: 5a9d308c8c603552ca9d2c84ed144e36d6896fc293aa4c60fefe6537675a9563 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4" Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21329 Expires: Mon, 07 Nov 2022 00:22:39 GMT Date: Sun, 06 Nov 2022 18:27:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9e164a845d32db8fa51fdb5b1aa218d9 Sha1: 169099b4d2f8e119ab6cf6fca279b6fb535b1759 Sha256: 402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2990 Cache-Control: max-age=147223 Date: Sun, 06 Nov 2022 18:27:10 GMT Etag: "63678ce7-1d7" Expires: Tue, 08 Nov 2022 11:20:53 GMT Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 05978511215be8462d0b69e33b3a91a3 Sha1: 61535ba131d547f1c5108d9e7763ee3fc8d8c824 Sha256: cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F" Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13948 Expires: Sun, 06 Nov 2022 22:19:38 GMT Date: Sun, 06 Nov 2022 18:27:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d8c32b2fb818533a5b3fe5c69157bde9 Sha1: 93594fd3fc50d9d444c28660eabba1edbe4f0588 Sha256: df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 2p2dSpeMV7ljhFzRt0/cvcfz3TwGUxM0rZwqdt116mc2agMq/zF8UxWUfEfpIoXad8ZuE+FNxsw= x-amz-request-id: AS77TCP61J9EGM58 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 06 Nov 2022 18:10:33 GMT age: 997 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 67d5a988edcda47bc3b3b3f65d32b4b6 Sha1: d4f0e0da8b3690cc7da925026d3414b68c7d954f Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/css/dist/block-library/style.mi (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: c0d648b05833951a23877fd7f479c310b2ef027352ff396a8d6cdfebd0efcbf4 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT ETag: W/"63622cd2-17265" Expires: Fri, 02 Dec 2022 12:28:00 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 367150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5%2FFtCIVNW8TGAJIeXI5hn8L2kTa9nH691mwsftPS3GIG8DSUxcxuNbvcZ%2FyTjIUif2DYJmxQaX5d7FDZU0%2F1PTYRztl6AINd7dwUDqhrFb2nPK4mDGeMMQdR8Wbgg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7ade40b02-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (47826) Size: 16093 Md5: 437cbb59360f25850815ea2cb4e08ad4 Sha1: 26ec6e5faca8cbc81f7d38d8cdd0e05f577be065 Sha256: c0d648b05833951a23877fd7f479c310b2ef027352ff396a8d6cdfebd0efcbf4 Alerts: Blocklists: - fortinet: Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/css/classic-themes.min.css?ver=1 FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT ETag: W/"63622cd2-d9" Expires: Fri, 02 Dec 2022 12:28:00 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public CF-Cache-Status: HIT Age: 367150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omMBK0BtB2ZBB0aFYBnWoHdag6DZHAiWd7L0g4Ak74X6eLY6%2FGrKhCZMrS14VrGmoDHKkASIypD53IzTTLZC9e5GejGikrX8p4aMGXMhhnjD25h59dW1%2F0UZbVXzqw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7bfceb503-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text Size: 188 Md5: 8ac085745a5bcc97c54f8088973df029 Sha1: 4e065566e82d4623d0f5b4d9275d3ee29e15acd1 Sha256: a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
GET /wp-content/themes/thesimplest/assets/css/bootstrap.min.css?ver=3.3.7 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/assets/css/bo (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 0d0270a2d03002beece63c71cd30b3dc995c941f2584cf78fee66ff94026686e 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT ETag: W/"62f93e74-1d958" Expires: Tue, 29 Nov 2022 18:07:45 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 605965 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLXD0zUGV2FjOXUXQuVjbffZnl39IsuWNU%2B8HjUapaXhe0vk6jKJudvqEqNZKZMT0GNx%2FFPWNXWrTDBG4f8OGTMHzT9Nzb%2BEk7IluDK%2FWmr%2F5VLXLFg3lKPJRQk%2Feg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7bc89fac4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (65367), with CRLF line terminators Size: 25204 Md5: 6cd040e53cbf5323fd187b9fa72a8e8a Sha1: df82b021aed0d857770cfdebbfcf179d799cc172 Sha256: 0d0270a2d03002beece63c71cd30b3dc995c941f2584cf78fee66ff94026686e Alerts: Blocklists: - fortinet: Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: e208eb0b972a9d1bdd741669ae120b4555f33ea138d69d012f99de9aaec1c9be 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Wed, 02 Nov 2022 08:39:46 GMT ETag: W/"63622cd2-15e54" Expires: Fri, 02 Dec 2022 12:28:00 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 367150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbrdls3yqFPfteT9WWuY02Buw9Te8%2Fvk%2F3LLocPYDek%2BXvNNaRuq9PV%2FqdLBXutb%2B%2F5%2Ba68HylBG%2BYfQ14k0EKs6mb4SYCAB4SAbQYemC%2FOa1w339A8XAhtJuCqpUA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7ce120b02-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (65447) Size: 36096 Md5: 3799a6be94d7facfc78f066e18773e22 Sha1: 5d97b0e2565712331b1d73be1581159bf282cd4f Sha256: e208eb0b972a9d1bdd741669ae120b4555f33ea138d69d012f99de9aaec1c9be
GET /wp-content/themes/thesimplest/assets/js/skip-link-focus-fix.js?ver=1.0 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/assets/js/ski (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: b07c724b9ea75eb1467a3e8c28dbe8c295d68997c000de9de6c2d5e944924966 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Cf-Bgj: minify Cf-Polished: origSize=1280 ETag: W/"62f93e74-500" Expires: Tue, 29 Nov 2022 18:07:45 GMT Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT Pragma: public CF-Cache-Status: HIT Age: 605965 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqnYGklpUGVi%2B%2BWL2McJeQGH3YM6VrmuGk%2F3zueLNrGBB4JGeFKF7zQQw4uOJ%2BGTLIL07ZBbYhWjSGkMp98cBUfMfkeuf0F34pjtSQq2C7QpbQ4NR99buvhcDfON2Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7c803b503-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (410) Size: 342 Md5: 811f33af7d382c6845878f57a43ae019 Sha1: 8a70a1c3eca6cdd27e07f1f93ca5bbdec327f554 Sha256: b07c724b9ea75eb1467a3e8c28dbe8c295d68997c000de9de6c2d5e944924966
GET /wp-content/themes/thesimplest/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/assets/css/fo (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 9420ca89d597890836440ecfa4e9f9fe3a5e92a0c0cb8f15aac2302794d916ed 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT ETag: W/"62f93e74-791c" Expires: Tue, 29 Nov 2022 18:07:45 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 605965 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbBO3rtwd8ZIg2Rh6LgLth9VeceS0%2Fk7AQeQntqZAcVZO46mWNP5AorFhRG2tvICG%2FrdXM%2B79LSuFjmd8jw30lfEppj1weWR46rNXpY57kIfktkTtCHLbJjHdTpBFg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7cc8b1c06-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (30837), with CRLF line terminators Size: 7954 Md5: eaad6409dc92a75212f78c94f8cd235e Sha1: 80cf8a363b2f0956dc8485f1c5365c44311a6d6d Sha256: 9420ca89d597890836440ecfa4e9f9fe3a5e92a0c0cb8f15aac2302794d916ed Alerts: Blocklists: - fortinet: Phishing
GET /wp-content/themes/thesimplest/style.css?ver=6.1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/style.css?ver=6.1 FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 789dbee53d0771f4b5d02c212a3ce184b0fa9c74e635fc980b0e28b190e33a66 104.21.19.28 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Cf-Bgj: minify Cf-Polished: origSize=37090 ETag: W/"62f93e74-90e2" Expires: Fri, 02 Dec 2022 12:28:00 GMT Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT Pragma: public CF-Cache-Status: HIT Age: 367150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1im0Ixuf%2BR53%2BiFbI2DKeiXb%2FziGundOyHEmLj%2F%2BanTQkIamW54kKVlhFpWdNgIO1tOx%2FqsyGQ3RdsWWPeGu%2BXEQ8rV1AYVegf6Q0l2TiP7KQ3hPgdXX8bGOHywf1A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7c9c80b61-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (26617), with no line terminators Size: 5924 Md5: 03f9f78060c65b5eef626789fa2b1090 Sha1: c2fb1503f82681f6967e175f2137d5ac2495b147 Sha256: 789dbee53d0771f4b5d02c212a3ce184b0fa9c74e635fc980b0e28b190e33a66 Alerts: Blocklists: - fortinet: Phishing
GET /wp-includes/js/comment-reply.min.js?ver=6.1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/js/comment-reply.min.js?ver=6.1 FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: a81bf134e4dafa239d0dbe5c6126798016d73c70391f64eb542296a4e95164f8 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT ETag: W/"62f93e6c-ba5" Expires: Fri, 02 Dec 2022 12:28:00 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 367150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iz2BJaOB5saaHin2d1lWhCdrAFXXeZ9LS0GemGH%2BkIqvUOvx51YUpPdCIS2QcO53t%2F6DqqUKoOPwboBIDGN8%2BHmPJ6eqVNipsvLxgABoE8IWw6kjo%2BU7%2FQkvyljIkA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7de3a0b02-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (2946) Size: 1400 Md5: 6282991ad99635e986f4bebf83d5901b Sha1: 7f648e27d58531016bf668335f123795df7d0cd7 Sha256: a81bf134e4dafa239d0dbe5c6126798016d73c70391f64eb542296a4e95164f8
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/js/jquery/jquery-migrate.min.js (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 48470f972b6a6afef4cdb0177dae59d5c891353d995e76c47c9cb142fe45766e 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT ETag: W/"62f93e6c-2bd8" Expires: Mon, 28 Nov 2022 11:21:01 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 716769 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgAAF%2FPAvZlpDGKfovc6d4QJQeaiqehxgRDR8EwMfg70EaaTsjmFuLEkiL9uaVUe%2Bh18oB2aR7GkPrFlDprLFF90PdOlWNui0GUiMDEyLS%2FEZ8zY%2Fung5jZs8FaszQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7ce31b515-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (11126) Size: 4565 Md5: 413654fdfa9b24fbd3d747482e3971c9 Sha1: c23c501d5f668cd83443a4847197717536d55ab8 Sha256: 48470f972b6a6afef4cdb0177dae59d5c891353d995e76c47c9cb142fe45766e Alerts: Blocklists: - fortinet: Phishing
GET /wp-content/themes/thesimplest/assets/js/bootstrap.min.js?ver=3.3.7 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/assets/js/boo (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: ece4c79978657a26246a87ccf53f02c93c19a2418eb0429bec6364d5a8027164 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT ETag: W/"62f93e74-90bb" Expires: Thu, 17 Nov 2022 18:30:03 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 1641427 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyEJlePD0OtZfa2u12Dr%2FCyykyE0gEo5JtBrlEoJ9BMUVsDwswrlKgRW%2FBN5gCWOmJX7oOWxrYJHMCDeD5l5r4ton2JtLFgj16L%2B%2BrW5%2BgJRcsmAFbfYS8DlUpbf%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7dcaefac4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (32033), with CRLF line terminators Size: 11896 Md5: 2b6818935cd109cfffeef9c1be632358 Sha1: 1794f2fbc5b5a99dccdc95a5f4b8ba5d90c805e6 Sha256: ece4c79978657a26246a87ccf53f02c93c19a2418eb0429bec6364d5a8027164
GET /wp-content/themes/thesimplest/assets/js/main.js?ver=1.0 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-content/themes/thesimplest/assets/js/mai (...) FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 967207e4171f4d99060ea3d708786034ccf542e678a5800c7843350d0507469d 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Cf-Bgj: minify Cf-Polished: origSize=9874 ETag: W/"62f93e74-2692" Expires: Tue, 29 Nov 2022 18:07:45 GMT Last-Modified: Sun, 14 Aug 2022 18:27:00 GMT Pragma: public CF-Cache-Status: HIT Age: 605965 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y522mDNW9flw9xZ8P5yMhqKq3gNbdxj9Yy8D25pr9BV0yy4Qi3bVx2Kclv9bgQNDyArfvyzKb9xjVjWU3ryqs7bW38nGeGRudIvKJPFu7Cz5SUxlv98LHANGwCzbLQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b7d81fb503-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (1068) Size: 2044 Md5: bbe8fa1069e339a40a4991556cad0ffa Sha1: 6eeaf6e13312703fc3f803a9fcd054d41ebe77b7 Sha256: 967207e4171f4d99060ea3d708786034ccf542e678a5800c7843350d0507469d
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 06 Nov 2022 18:27:10 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 3ebbd65a2bdd5c6f3dea5a6b99b25f0d Sha1: 484be27b25b736a7e7e2b1d5ef9760aecdcec01b Sha256: 5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 12a1f191d3251cadd0fce23ca14e1a5d Sha1: a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864 Sha256: 95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 12a1f191d3251cadd0fce23ca14e1a5d Sha1: a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864 Sha256: 95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/	URL: bmindbm.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1 FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 3a372dc0de21ae3d1a2e8d08c2d38599823eb332d06f35ec1eefd1afbbbe9f12 104.21.19.28 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 06 Nov 2022 18:27:10 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT ETag: W/"62f93e6c-48b9" Expires: Fri, 02 Dec 2022 13:24:20 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public Content-Encoding: gzip CF-Cache-Status: HIT Age: 363770 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6TsKT%2BwlsWK%2Fjf%2BgRpF5qvI5xr%2Bv8q5UFiB0l0%2FjV8qKIkeOW0ZcGMtFs5WiDcXzIj4CWv3r2lK6COLYMA3eLNHk2CjvgZdBNeIWHPRHlgpvyniretUFcvB7xIvEA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1b85d24fac4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (15660) Size: 5806 Md5: 9821563af79d0fbd798c5a96f11cb775 Sha1: d7ad769f21b6cdbd3602ba2512449e5febe7a2ee Sha256: 3a372dc0de21ae3d1a2e8d08c2d38599823eb332d06f35ec1eefd1afbbbe9f12
GET /gtag/js?id=UA-3299888-6 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtag/js?id=UA-3299888-6 FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 908a91aca8681b1aca894e326478838ae368c73d3d88678157d4f12e7c51e4bb 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 06 Nov 2022 18:27:10 GMT expires: Sun, 06 Nov 2022 18:27:10 GMT cache-control: private, max-age=900 last-modified: Sun, 06 Nov 2022 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 43587 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1921) Size: 43587 Md5: ff1757d91239f47107c3240fc28f15eb Sha1: df7006ee09b577337cc17cf568272811956eec9b Sha256: 908a91aca8681b1aca894e326478838ae368c73d3d88678157d4f12e7c51e4bb
GET /gtag/js?id=UA-195874698-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtag/js?id=UA-195874698-1 FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 374a7443a2ee93646eeb5e9ac2e9b68e8c5619492c7cdb740b8c99c70948b962 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 06 Nov 2022 18:27:10 GMT expires: Sun, 06 Nov 2022 18:27:10 GMT cache-control: private, max-age=900 last-modified: Sun, 06 Nov 2022 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 43608 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1921) Size: 43608 Md5: 5aee71665cb4856f4b116960846e3236 Sha1: 38ca1b20c6281065d42b06246ab2008c70a9e3e1 Sha256: 374a7443a2ee93646eeb5e9ac2e9b68e8c5619492c7cdb740b8c99c70948b962
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 3ebbd65a2bdd5c6f3dea5a6b99b25f0d Sha1: 484be27b25b736a7e7e2b1d5ef9760aecdcec01b Sha256: 5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e13e65ad7f6f12300b12d6cd6936d621 Sha1: 575faf606b5c5e39e0fbbef59998bcd3625aa141 Sha256: 10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 62a8ce6a2338913103618edb2f4a9dbe Sha1: 0e0850b1aef6ed524d119a41145112b84c257687 Sha256: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 62a8ce6a2338913103618edb2f4a9dbe Sha1: 0e0850b1aef6ed524d119a41145112b84c257687 Sha256: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://bmindbm.xyz Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1x (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7816 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 02 Nov 2022 19:30:59 GMT expires: Thu, 02 Nov 2023 19:30:59 GMT cache-control: public, max-age=31536000 age: 341771 last-modified: Wed, 27 Apr 2022 16:11:40 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data Size: 7816 Md5: 25b0e113ca7cce3770d542736db26368 Sha1: cb726212d5d525021752a1d8470a0fb593e0c49e Sha256: 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://bmindbm.xyz Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 32900 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 02 Nov 2022 19:45:18 GMT expires: Thu, 02 Nov 2023 19:45:18 GMT cache-control: public, max-age=31536000 age: 340912 last-modified: Wed, 27 Apr 2022 15:44:11 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data Size: 32900 Md5: fda3323314d895ae39de612559f6fad9 Sha1: 644dbb14f599920fdc8f8260b6e67bd1f8770e89 Sha256: d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 62a8ce6a2338913103618edb2f4a9dbe Sha1: 0e0850b1aef6ed524d119a41145112b84c257687 Sha256: 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 25ef7cef2934de8422a9f441a8bba27548d43dd2383aba06232ef3e18e72eb1c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "25EF7CEF2934DE8422A9F441A8BBA27548D43DD2383ABA06232EF3E18E72EB1C" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14653 Expires: Sun, 06 Nov 2022 22:31:24 GMT Date: Sun, 06 Nov 2022 18:27:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d829ae70aa185df7e830d8ccc36db992 Sha1: 98be9407beddb9e0cc7fb294eb5be1576ad3ccb0 Sha256: 25ef7cef2934de8422a9f441a8bba27548d43dd2383aba06232ef3e18e72eb1c
GET /75/76/d6/7576d6897cb0ae20fcfc0ef1a1c7ef78.js HTTP/1.1 Host: contagiongrievedoasis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: contagiongrievedoasis.com/75/76/d6/7576d6897cb0ae20fcfc (...) FQDN: contagiongrievedoasis.com IP: 192.243.61.227 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.61.227 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.22.0 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /02/98/98/029898a3cf43e37661f8287ca0e4ce9a.js HTTP/1.1 Host: impressivecontinuous.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: impressivecontinuous.com/02/98/98/029898a3cf43e37661f82 (...) FQDN: impressivecontinuous.com IP: 192.243.59.20 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.59.20 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.17.9 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /58/18/a5/5818a5b2a8f68aedb1a7d80e9b60472c.js HTTP/1.1 Host: contagiongrievedoasis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: contagiongrievedoasis.com/58/18/a5/5818a5b2a8f68aedb1a7 (...) FQDN: contagiongrievedoasis.com IP: 192.243.61.227 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.61.227 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.22.0 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /328e7308c7d9b682b707448d319ed5fb/invoke.js HTTP/1.1 Host: www.effectivedisplayformat.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: www.effectivedisplayformat.com/328e7308c7d9b682b707448d (...) FQDN: www.effectivedisplayformat.com IP: 173.233.139.164 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 173.233.139.164 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.19.5 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8acb704495076de54ce6c49088626135a87035d0c8f70b20eb916895541c2b6a 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8ACB704495076DE54CE6C49088626135A87035D0C8F70B20EB916895541C2B6A" Last-Modified: Fri, 04 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14529 Expires: Sun, 06 Nov 2022 22:29:20 GMT Date: Sun, 06 Nov 2022 18:27:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: fa2722fe9c3162d9980047430301ffd8 Sha1: 5569a649d00bb941333c2ce64c67b53e5f1a2328 Sha256: 8acb704495076de54ce6c49088626135a87035d0c8f70b20eb916895541c2b6a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 6f2fee2fa39121115e2588e38139d01470718c3e88244f51906c739d6ada92f5 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6F2FEE2FA39121115E2588E38139D01470718C3E88244F51906C739D6ADA92F5" Last-Modified: Sat, 05 Nov 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12221 Expires: Sun, 06 Nov 2022 21:50:52 GMT Date: Sun, 06 Nov 2022 18:27:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c3e4b006b7d1b802e50f752c6b307478 Sha1: 381f891ba02032af92f545f871e0021d7a0b3328 Sha256: 6f2fee2fa39121115e2588e38139d01470718c3e88244f51906c739d6ada92f5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c44c9fbc0d69987774f67eff9279a1e71669e7619b8f8efb817d0f79c9f3bf5b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C44C9FBC0D69987774F67EFF9279A1E71669E7619B8F8EFB817D0F79C9F3BF5B" Last-Modified: Sun, 06 Nov 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14458 Expires: Sun, 06 Nov 2022 22:28:09 GMT Date: Sun, 06 Nov 2022 18:27:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a4f66666b1151f9c364ca64a4b2a3054 Sha1: a8ce8e8c4416ddbee20ffb8fbdae88e27adc6f79 Sha256: c44c9fbc0d69987774f67eff9279a1e71669e7619b8f8efb817d0f79c9f3bf5b
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6462 Cache-Control: max-age=145642 Date: Sun, 06 Nov 2022 18:27:11 GMT Etag: "6367792b-1d7" Expires: Tue, 08 Nov 2022 10:54:33 GMT Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d862f992e9902530594e7aca425f129b Sha1: 25b414fe833d30b52928535d659a1ee281b82e3a Sha256: 0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
GET /02/98/98/029898a3cf43e37661f8287ca0e4ce9a.js HTTP/1.1 Host: impressivecontinuous.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: impressivecontinuous.com/02/98/98/029898a3cf43e37661f82 (...) FQDN: impressivecontinuous.com IP: 192.243.59.20 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.59.20 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.17.9 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /zone?pub=0&zone_id=4018039&is_mobile=false&domain=bmindbm.xyz&var=&ymid=&var_3= HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/zone?pub=0&zone_id=4018039&is_mobile=false (...) FQDN: ibrapush.com IP: 139.45.197.250 HASH: 6088bfc314da81c6b3cedf06e986dfe1c22d866f973cf57a716c73f12d33ebe4 139.45.197.250 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 664 x-trace-id: 8d7665f7181a67d543eff21f4befd7d6 access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (663) Size: 664 Md5: 5444871228d2777e91ff0b277c00a8ad Sha1: 0c84e7b034e3a75c632ce5096747eecb75a1573a Sha256: 6088bfc314da81c6b3cedf06e986dfe1c22d866f973cf57a716c73f12d33ebe4
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4745 Cache-Control: max-age=141048 Date: Sun, 06 Nov 2022 18:27:11 GMT Etag: "63676dee-117" Expires: Tue, 08 Nov 2022 09:37:59 GMT Last-Modified: Sun, 06 Nov 2022 08:18:54 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: ba5d09c54b98bfc2c7b5f15103e025c4 Sha1: 4aa7eb9e5615c168c0cd80234a6c96836b6024c1 Sha256: d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT Expires: Thu, 10 Nov 2022 18:25:19 GMT Etag: "c5588f7f402a41c39405d7459367eadb893fafaf" Cache-Control: max-age=344887,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 765fe1bbeeeab4e8-OSL --- Additional Info --- Magic: data Size: 471 Md5: 4410e0283900e769c122cfbcbdbed143 Sha1: c5588f7f402a41c39405d7459367eadb893fafaf Sha256: c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4745 Cache-Control: max-age=141048 Date: Sun, 06 Nov 2022 18:27:11 GMT Etag: "63676dee-117" Expires: Tue, 08 Nov 2022 09:37:59 GMT Last-Modified: Sun, 06 Nov 2022 08:18:54 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: ba5d09c54b98bfc2c7b5f15103e025c4 Sha1: 4aa7eb9e5615c168c0cd80234a6c96836b6024c1 Sha256: d955461da6913fb1575a92808feef634015a734963f2e438ac968ba1dd69b1b7
GET /gid.js?userId=bbf81df1bd4b44eba4cd1d096c889c63 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/gid.js?userId=bbf81df1bd4b44eba4cd1d096c889c63 FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743 139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 65 access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: bbf8eb01a95f47b5fdd57e2c711f8b4f Sha1: 81147c4d10829c13c6d03438cf6556e74fda380f Sha256: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743
GET /58/18/a5/5818a5b2a8f68aedb1a7d80e9b60472c.js HTTP/1.1 Host: contagiongrievedoasis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: contagiongrievedoasis.com/58/18/a5/5818a5b2a8f68aedb1a7 (...) FQDN: contagiongrievedoasis.com IP: 192.243.61.227 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.61.227 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.22.0 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: bS5lXJh5NSDjxMEAXzdBQA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.161.6.128 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.161.6.128 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: coT22y1RG9jyE1U8HrXOowe9qgc= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=3710288&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=bbf81df1bd4b44eba4cd1d096c889c63 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: nanouwho.com/9?z=3710288&ng=1&ix=0&pt=0&np=1&gp=-1&bp=- (...) FQDN: nanouwho.com IP: 139.45.197.242 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.242 HTTP/2 204 No Content server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT access-control-allow-credentials: true access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION pragma: no-cache cache-control: no-store, no-cache, must-revalidate, max-age=0 expires: Mon, 26 Jul 1997 05:00:00 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /75/76/d6/7576d6897cb0ae20fcfc0ef1a1c7ef78.js HTTP/1.1 Host: contagiongrievedoasis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/	URL: contagiongrievedoasis.com/75/76/d6/7576d6897cb0ae20fcfc (...) FQDN: contagiongrievedoasis.com IP: 192.243.61.227 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.61.227 HTTP/1.1 403 Forbidden Content-Type: application/javascript Server: nginx/1.22.0 Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 3b524ec5ba4cdb23f5859fa31bc06ecd94546bfd31545db0f262355503d95088 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:11 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Thu, 03 Nov 2022 12:52:20 GMT Expires: Thu, 10 Nov 2022 12:52:19 GMT Etag: "8fd4984046851a3fbd44b60e5449652a5e35d831" Cache-Control: max-age=324907,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 765fe1be4b44b4e8-OSL --- Additional Info --- Magic: data Size: 472 Md5: 4a071aba7e415d8fef076431afd5cf35 Sha1: 8fd4984046851a3fbd44b60e5449652a5e35d831 Sha256: 3b524ec5ba4cdb23f5859fa31bc06ecd94546bfd31545db0f262355503d95088
GET /?rb=nr4vHIg5nk6-rYVGjLpl2K8USddLKv84A1xWzn2M5u3XDTNhxH0xMPrAkfQ4fJjwCui45wsDKv44vSljQXcr8XfyxOTjmDAC-hvg6sHA3ePbDTZ9_ZmyfFYQmxUW3o2WHwOG8v_5L2rEKf-1kbzQGDjpsDlbCKxRJOTjZqgh5ZlGE07WuTqp1MCSL1omkqAomcIe8OgBfgC53JgFk5qmSP-uurl5iBr316za-A%3D%3D&request_ab2=0&zoneid=3710289&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=533e8dab-6f5d-4d5b-a654-56dd5084d8b0&userId=bbf81df1bd4b44eba4cd1d096c889c63&m=link HTTP/1.1 Host: onmarshtompor.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive	URL: onmarshtompor.com/?rb=nr4vHIg5nk6-rYVGjLpl2K8USddLKv84A (...) FQDN: onmarshtompor.com IP: 139.45.197.243 HASH: 3771a7d61bef1cfb869e71df919c9b15cf5ba52bcad14982d124cd13c634950a 139.45.197.243 HTTP/1.1 200 OK Content-Type: application/json Server: nginx Date: Sun, 06 Nov 2022 18:27:11 GMT Transfer-Encoding: chunked Connection: keep-alive X-Trace-Id: 2fff0691fce4cd2f88d32b42f8ee130b Access-Control-Allow-Origin: http://bmindbm.xyz Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding Access-Control-Max-Age: 86400 Pragma: no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT Set-Cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/ oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/ syncedCookie=true; expires=Sun, 13 Nov 2022 18:27:11 GMT; path=/ Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff Timing-Allow-Origin: , Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (2411), with no line terminators Size: 1862 Md5: 73693b8c9c743d85e47e26483233c590 Sha1: 93f489a5cfe8d36f21986194140547c02a0997a5 Sha256: 3771a7d61bef1cfb869e71df919c9b15cf5ba52bcad14982d124cd13c634950a
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 Host: fleraprt.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 915 Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aa (...) FQDN: fleraprt.com IP: 139.45.195.254 HASH: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed 139.45.195.254 HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Server: nginx/1.19.10 Date: Sun, 06 Nov 2022 18:27:14 GMT Content-Length: 12 Connection: keep-alive Access-Control-Allow-Origin: http://bmindbm.xyz Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Access-Control-Allow-Credentials: true --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: adb4650bfc9d2a73d4dd69583b0ceb14 Sha1: 1ce399d6e936232aaf2192cd7903a279c5015f22 Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed Alerts: Blocklists: - quad9: Sinkholed
OPTIONS /custom HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/custom FQDN: ibrapush.com IP: 139.45.197.250 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.250 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 0 access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gid.js?pub=0&userId=b2183cd79d3145cf9c8ea616db8aadf0&zoneId=4018039&checkDuplicate=true&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Cookie: ID=bbf81df1bd4b44eba4cd1d096c889c63 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: my.rtmark.net/gid.js?pub=0&userId=b2183cd79d3145cf9c8ea (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743 139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 65 access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: bbf8eb01a95f47b5fdd57e2c711f8b4f Sha1: 81147c4d10829c13c6d03438cf6556e74fda380f Sha256: 3d9de9de33574838aa4b3d3de92b1cd6c3c098cb5affa0002a01b39f245ae743
POST /custom HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Content-Type: application/json Origin: http://bmindbm.xyz Content-Length: 384 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/custom FQDN: ibrapush.com IP: 139.45.197.250 HASH: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 139.45.197.250 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 39 x-trace-id: 885966ebbef40352123000351bf82f34 access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 39 Md5: 058b158c2be925f556454ef762d93538 Sha1: cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
OPTIONS /500/3710287?excludes=&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: content-type Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: betotodilea.com/500/3710287?excludes=&oaid=bbf81df1bd4b (...) FQDN: betotodilea.com IP: 139.45.197.237 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.237 HTTP/2 200 OK server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 0 allow: GET, OPTIONS vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-allow-credentials: true access-control-max-age: 600 strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /channels/hd/SCCfwxq.png HTTP/1.1 Host: v4.sportsonline.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://v4.sportsonline.to/channels/hd/hd8.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: v4.sportsonline.to/channels/hd/SCCfwxq.png FQDN: v4.sportsonline.to IP: 104.21.8.62 HASH: ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7 104.21.8.62 HTTP/2 200 OK content-type: image/png date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 1220 last-modified: Tue, 07 Dec 2021 14:48:18 GMT etag: "61af7432-4c4" cache-control: max-age=14400 cf-cache-status: HIT age: 2009 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YjyYI%2BtvFnYF%2F0h%2BNvpIs4kHor5r1WV5TVnz0aSkeYTKmCOzXV9hJSZPKcOR771P8BvSFA5USrBd8uneKaBqEbvJ2GmqBFKmO7XQFM4QrNsAtP13aEkKpiIpZ8QmmF7Zzv2LYo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1bf38e8b4fa-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 588 x 454, 8-bit colormap, non-interlaced\012- data Size: 1220 Md5: 613678c01b1604d5cd1e515517e095a1 Sha1: cb306e19705d9e1da2aa1487283b7f9f69ad330a Sha256: ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
GET /channels/hd/hd8.php HTTP/1.1 Host: v4.sportsonline.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: v4.sportsonline.to/channels/hd/hd8.php FQDN: v4.sportsonline.to IP: 104.21.8.62 HASH: a1d70dffce2da0ff14b649281a607986f50c1e20234ec601d6ba2a18a08b2e96 104.21.8.62 HTTP/2 200 OK content-type: text/html date: Sun, 06 Nov 2022 18:27:11 GMT x-powered-by: PHP/5.4.16 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtaGQUN8j1wu%2BIK9nsxwO4oTmhOBBiriwii%2BGGGQP22GtdtgluviTsw%2FWY9l4eKNyf%2Fb%2Fr5LS0yKgMPfyILiLw92Y31kIAwPbAKfd7aGVdCY0PkcJgG8GkjR9ArsTmXJfkwdP4E%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 765fe1bddeadb4fa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (822), with CRLF, LF line terminators Size: 44829 Md5: f5cb3b67a01e111d5457d6a6755d567c Sha1: 154b140eeb7d78576172dfb403088da080f1a253 Sha256: a1d70dffce2da0ff14b649281a607986f50c1e20234ec601d6ba2a18a08b2e96 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: b1d2591120cc8dcfa875ceab5051e309732c91f48d14813fb2c27c97efbfbea5 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "B1D2591120CC8DCFA875CEAB5051E309732C91F48D14813FB2C27C97EFBFBEA5" Last-Modified: Fri, 04 Nov 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16424 Expires: Sun, 06 Nov 2022 23:00:55 GMT Date: Sun, 06 Nov 2022 18:27:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 38a5093645f105281de3d64902cd14f1 Sha1: 068ce21260b149ed9dd7874e2722504f8e5fce66 Sha256: b1d2591120cc8dcfa875ceab5051e309732c91f48d14813fb2c27c97efbfbea5
GET /11?rnd=752090860&z=3710288&b=15546894&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=RgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6&ruid=ee5dc45b-72b4-42be-a647-3abe15f0f0c9&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=202 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: scm=1; OAID=bbf81df1bd4b44eba4cd1d096c889c63; oaidts=1667759231 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: nanouwho.com/11?rnd=752090860&z=3710288&b=15546894&var= (...) FQDN: nanouwho.com IP: 139.45.197.242 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.242 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT content-length: 0 access-control-allow-credentials: true access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION x-trace-id: b3580227fcabb9be992e99522e275f0e access-control-expose-headers: X-Sc set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None pragma: no-cache cache-control: no-store, no-cache, must-revalidate, max-age=0 expires: Mon, 26 Jul 1997 05:00:00 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: f305998ae454490cdc7d7ec0eb2e37aa8faf7d3906ede594d2e4d4992b842089 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F305998AE454490CDC7D7EC0EB2E37AA8FAF7D3906EDE594D2E4D4992B842089" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5077 Expires: Sun, 06 Nov 2022 19:51:49 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 44c33f02caf3a658625634ab910d6ad5 Sha1: 0920255a89a3ac5300a9dbef97dc5067f1349548 Sha256: f305998ae454490cdc7d7ec0eb2e37aa8faf7d3906ede594d2e4d4992b842089
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: b1d2591120cc8dcfa875ceab5051e309732c91f48d14813fb2c27c97efbfbea5 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "B1D2591120CC8DCFA875CEAB5051E309732C91F48D14813FB2C27C97EFBFBEA5" Last-Modified: Fri, 04 Nov 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16423 Expires: Sun, 06 Nov 2022 23:00:55 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 38a5093645f105281de3d64902cd14f1 Sha1: 068ce21260b149ed9dd7874e2722504f8e5fce66 Sha256: b1d2591120cc8dcfa875ceab5051e309732c91f48d14813fb2c27c97efbfbea5
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google-analytics.com/analytics.js FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e 142.250.74.174 HTTP/2 200 OK content-type: text/javascript strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Sun, 06 Nov 2022 16:41:09 GMT expires: Sun, 06 Nov 2022 18:41:09 GMT cache-control: public, max-age=7200 age: 6363 last-modified: Tue, 27 Sep 2022 22:01:05 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20039 Md5: 47e6f374ca946fddd5b59871b325736c Sha1: baa9282efc8785e84d247c3bff518eaa45f101c4 Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
POST /j/collect?v=1&_v=j98&a=1064186128&t=pageview&_s=1&dl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&ul=en-us&de=UTF-8&dt=Live%20Streams&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=911986759&gjid=254733466&cid=951940522.1667759230&tid=UA-195874698-1&_gid=822534487.1667759230&_r=1&gtm=2oub20&z=100589385 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.google-analytics.com/j/collect?v=1&_v=j98&a=1064186 (...) FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b 142.250.74.174 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: http://bmindbm.xyz date: Sun, 06 Nov 2022 18:27:12 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: very short file (no magic) Size: 1 Md5: c4ca4238a0b923820dcc509a6f75849b Sha1: 356a192b7913b04c54574d18c28d46e6395428ab Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1064186128&t=pageview&_s=1&dl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&ul=en-us&de=UTF-8&dt=Live%20Streams&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=289599453&gjid=413045313&cid=951940522.1667759230&tid=UA-3299888-6&_gid=822534487.1667759230&_r=1&gtm=2oub20&z=667681429 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.google-analytics.com/j/collect?v=1&_v=j98&a=1064186 (...) FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b 142.250.74.174 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: http://bmindbm.xyz date: Sun, 06 Nov 2022 18:27:12 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: very short file (no magic) Size: 1 Md5: c4ca4238a0b923820dcc509a6f75849b Sha1: 356a192b7913b04c54574d18c28d46e6395428ab Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /favicon.ico HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/ Cookie: prefetchAd_3710289=true	URL: bmindbm.xyz/favicon.ico FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.19.28 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Date: Sun, 06 Nov 2022 18:27:12 GMT Transfer-Encoding: chunked Connection: keep-alive Link: <http://bmindbm.xyz/wp-json/>; rel="https://api.w.org/" X-Redirect-By: WordPress Location: http://bmindbm.xyz/wp-includes/images/w-logo-blue-white-bg.png X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN CF-Cache-Status: BYPASS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bH8rz29mjWwSNx3Y1o1XYEElRJ6%2F%2FNzAYaDs3SmgzX5BlaxC7ctNxcNb%2FX%2FZfh844BIcRESd8S0Jhn%2FOyolVLGmbgwhMrypXo7wG4Qkc3Esw1AQVfUZajPJoL145Cw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1c03ba1fac4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1 Host: bmindbm.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://bmindbm.xyz/live/20/31/06/12/11/79095/ Connection: keep-alive Cookie: prefetchAd_3710289=true; _ga=GA1.2.951940522.1667759230; _gid=GA1.2.822534487.1667759230; _gat_gtag_UA_195874698_1=1; _gat_gtag_UA_3299888_6=1	URL: bmindbm.xyz/wp-includes/images/w-logo-blue-white-bg.png FQDN: bmindbm.xyz IP: 104.21.19.28 HASH: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0 104.21.19.28 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 06 Nov 2022 18:27:12 GMT Content-Length: 4119 Connection: keep-alive Last-Modified: Sun, 14 Aug 2022 18:26:52 GMT ETag: "62f93e6c-1017" Expires: Fri, 02 Dec 2022 17:37:48 GMT Cache-Control: public, max-age=2592000, must-revalidate, proxy-revalidate Pragma: public CF-Cache-Status: HIT Age: 348564 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzDlu0w%2FH%2BhFC0Nq6pKsRDQ%2FxY1xg2eKWQIuv%2B2EcWgqFHRmKid3A9hltPjUthA3g0Zry%2FfmNrHV4Ds%2F6SLrZzfWrusn0kjFfDbyaVYKC5mBkDlmRafVMf31%2BD96BA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 765fe1c0dc11fac4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data Size: 4119 Md5: 000bf649cc8f6bf27cfb04d1bcdcd3c7 Sha1: d73d2f6d74ec6cdcbae07955592962e77d8ae814 Sha256: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /contents/s/8f/25/bf/cd54db1f16f90ef0c18d8e5b25/01459783680084.jpeg HTTP/1.1 Host: interstitial-07.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://interstitial-07.com/?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: interstitial-07.com/contents/s/8f/25/bf/cd54db1f16f90ef (...) FQDN: interstitial-07.com IP: 139.45.197.155 HASH: f00d8792dc35cf10580800aa00ebea0307bb01e092fe8c7b3778ef3cec8b4319 139.45.197.155 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT content-length: 13048 last-modified: Tue, 24 May 2022 07:29:00 GMT etag: "628c893c-32f8" access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS, HEAD access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data Size: 13048 Md5: 8f25bfcd54db1f16f90ef0c18d8e5b25 Sha1: 1f4688ac5f49c88996b19a53f52b5baa4f45d27d Sha256: f00d8792dc35cf10580800aa00ebea0307bb01e092fe8c7b3778ef3cec8b4319
POST /custom HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Content-Type: application/json Origin: http://bmindbm.xyz Content-Length: 381 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/custom FQDN: ibrapush.com IP: 139.45.197.250 HASH: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 139.45.197.250 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT content-length: 39 x-trace-id: e3fe838dbf2ebf4134261b9c46031c5c access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 39 Md5: 058b158c2be925f556454ef762d93538 Sha1: cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /s/gts1p5/5UFbpcA-Z6Q HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/5UFbpcA-Z6Q FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: fa02565d8acd352c734cae98e973bfb85e375ed52ee8e973f5d1330795bf2560 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:12 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 886e15ec7a7808bc00138c509146fe5a Sha1: 9a42ef2fbcc2c74d86780423e65a30490ce40d58 Sha256: fa02565d8acd352c734cae98e973bfb85e375ed52ee8e973f5d1330795bf2560
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 1b2f8bd8d4b8bf78bfd6b06130ecbf660615ce661d707e2ffbc47fdf5e412713 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1B2F8BD8D4B8BF78BFD6B06130ECBF660615CE661D707E2FFBC47FDF5E412713" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14550 Expires: Sun, 06 Nov 2022 22:29:42 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 713632026d35f2489cfe21c67fb93853 Sha1: 85b9a635baaf233646da5475f57f57ee890e6c10 Sha256: 1b2f8bd8d4b8bf78bfd6b06130ecbf660615ce661d707e2ffbc47fdf5e412713
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 0b3670f73de693ca96230e12e55b0d6e9e0b39f15732628f408ac878ec34a912 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:12 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 05 Nov 2022 17:22:25 GMT Expires: Sat, 12 Nov 2022 17:22:24 GMT Etag: "46f025a99cc797a410a3411ae82fb96d943d01c2" Cache-Control: max-age=513911,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 765fe1c05f1bb4e8-OSL --- Additional Info --- Magic: data Size: 471 Md5: bed0bea1351b333b8f15b0dfcdee2334 Sha1: 46f025a99cc797a410a3411ae82fb96d943d01c2 Sha256: 0b3670f73de693ca96230e12e55b0d6e9e0b39f15732628f408ac878ec34a912
GET /contents/s/54/dd/f5/e95e60ab935e545b50ffa002ca/0975276558731.jpeg HTTP/1.1 Host: interstitial-07.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://interstitial-07.com/?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: interstitial-07.com/contents/s/54/dd/f5/e95e60ab935e545 (...) FQDN: interstitial-07.com IP: 139.45.197.155 HASH: ea65923ca842ba0f5c9f6cf90659f8ebc651275dc24de3c061ea60e78ca1714f 139.45.197.155 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT content-length: 54176 last-modified: Thu, 16 Dec 2021 06:39:29 GMT etag: "61badf21-d3a0" access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS, HEAD access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data Size: 54176 Md5: 54ddf5e95e60ab935e545b50ffa002ca Sha1: 4285c9c5481ad2d0cc0f87cc05d3e0810d29573a Sha256: ea65923ca842ba0f5c9f6cf90659f8ebc651275dc24de3c061ea60e78ca1714f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 1e2b21e78097bc07ca4fb3a1318bd36d7bc2a58e811b21956c83f4dfe31ec32e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4344 Cache-Control: max-age=111122 Date: Sun, 06 Nov 2022 18:27:12 GMT Etag: "6366fa9a-118" Expires: Tue, 08 Nov 2022 01:19:14 GMT Last-Modified: Sun, 06 Nov 2022 00:06:50 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 267a98361564c46b0f733ce567024f33 Sha1: 4bbd52ee36fcf08cc0b13a18443e67d9700d0d61 Sha256: 1e2b21e78097bc07ca4fb3a1318bd36d7bc2a58e811b21956c83f4dfe31ec32e
GET /script/bootstrap.js HTTP/1.1 Host: superfastcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://v4.sportsonline.to/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: superfastcdn.com/script/bootstrap.js FQDN: superfastcdn.com IP: 172.64.166.4 HASH: ad8ce50a4860bae5b6a35fed5cc785246ba918ef59d857c654da4010b1834d6d 172.64.166.4 HTTP/2 200 OK content-type: application/javascript date: Sun, 06 Nov 2022 18:27:11 GMT x-guploader-uploadid: ADPycdvD2aV0vhAfm60SW0Z3KK4sh4pPps0G-9mhbxVaxUs84UEQMhHFmvZkfDWNnm8gCTW04hmXAsP8_nRKiXjgYv8rNQ x-goog-generation: 1662626315119008 x-goog-metageneration: 2 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 100523 x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA== x-goog-storage-class: MULTI_REGIONAL access-control-allow-origin: * expires: Sun, 06 Nov 2022 18:36:50 GMT cache-control: public, max-age=14400 last-modified: Thu, 08 Sep 2022 08:38:35 GMT etag: W/"90a406e7c114cb9cbdbd171d8282e224" age: 2676 alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: HIT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn%2FdR7W59LwhIAcYfFfwRNc7tGXILcwCG%2Fu8YScYPzdOI4CsX5nBRNq2OvWRQ0RKtsNEeo0vNnhqFJo1doSOkpgRHvXXU3Q23gYJD56qE3Sbug3eB7QPA%2Fke2qedu9r2O5Fn"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1bfcb457756-LHR content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators Size: 43790 Md5: 86862f00fabac54f7ee1a6b5059b6460 Sha1: b3c01213fa48750a92ff7401ab9b15001e1048bb Sha256: ad8ce50a4860bae5b6a35fed5cc785246ba918ef59d857c654da4010b1834d6d
GET /1?z=3710288 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: nanouwho.com/1?z=3710288 FQDN: nanouwho.com IP: 139.45.197.242 HASH: 6089746af3519c66903567f449ccacc4a082cad225c5dafb48075c60f2f1e68c 139.45.197.242 HTTP/2 200 OK content-type: text/javascript server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT access-control-allow-credentials: true access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION x-trace-id: 2d134030be568a09da9310b03c90adcd access-control-expose-headers: X-Sc x-sc: Z51PlDrEfVAjxhL89zugYYTTOmdAVgxRe4OrCrYAd-3LLNdDBiX5xQWKhrdiDnxNSt0BO_dZ9tUdmw0Kb0La0Z1O02w= set-cookie: scm=1; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None OAID=dee55ce7c87b4c8e9ed45322bbce0a90; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None pragma: no-cache cache-control: no-store, no-cache, must-revalidate, max-age=0 expires: Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (52034) Size: 22887 Md5: 396bd35732123ac1de829b4bc2daf998 Sha1: a749d1626ac6a4d3515350db579becd376c4d931 Sha256: 6089746af3519c66903567f449ccacc4a082cad225c5dafb48075c60f2f1e68c Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 53b3098394c77dc3d70a8cfe8ad8ea212cf53f23d86ee05bdbb4e23ef89d8a4b 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4848 Cache-Control: max-age=144376 Date: Sun, 06 Nov 2022 18:27:12 GMT Etag: "63677a88-117" Expires: Tue, 08 Nov 2022 10:33:28 GMT Last-Modified: Sun, 06 Nov 2022 09:12:40 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 906ad6633e4cacb1290bee346a14b796 Sha1: 096cf59525697fa79410c0bc0a69bbc64267bcca Sha256: 53b3098394c77dc3d70a8cfe8ad8ea212cf53f23d86ee05bdbb4e23ef89d8a4b
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://y0k2w0p9cl84r1.constraindefiant.net Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 579063c6a41623745b26ac24092d6b0583d09f4cce70fbb9a163311a3ca7723c 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23580 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 01 Nov 2022 17:10:21 GMT expires: Wed, 01 Nov 2023 17:10:21 GMT cache-control: public, max-age=31536000 age: 436611 last-modified: Tue, 26 Apr 2022 15:48:56 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: gzip compressed data, max compression\012- data Size: 23948 Md5: 813a509ab98f1261d5397479dea5867d Sha1: 2e212243ed3d87e260cbd5ba3e226806c926ce17 Sha256: 579063c6a41623745b26ac24092d6b0583d09f4cce70fbb9a163311a3ca7723c
GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js FQDN: cdn.jsdelivr.net IP: 151.101.85.229 HASH: d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf 151.101.85.229 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=604800, s-maxage=43200 cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload x-jsd-version: 0.3.13 x-jsd-version-type: version etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk" content-encoding: gzip accept-ranges: bytes date: Sun, 06 Nov 2022 18:27:12 GMT age: 8144 x-served-by: cache-fra19182-FRA, cache-bma1645-BMA x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 141142 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 141142 Md5: 7e7fdfacdb1943ea810449001d165a53 Sha1: fc230e8b4a933497a2da4a783574a5b07b889a7e Sha256: d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b25e903d88c0be0ee2385f8dcaf9819a90e6871f1aa4f3ebfe892904a91a788f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6398 Cache-Control: max-age=133702 Date: Sun, 06 Nov 2022 18:27:12 GMT Etag: "63674ac8-117" Expires: Tue, 08 Nov 2022 07:35:34 GMT Last-Modified: Sun, 06 Nov 2022 05:48:56 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: ff160c83fab10ace82563deed6b5d497 Sha1: f9d318d9e09ab98dbf478887321cc8cb704cfbee Sha256: b25e903d88c0be0ee2385f8dcaf9819a90e6871f1aa4f3ebfe892904a91a788f
POST /s/gts1p5/5UFbpcA-Z6Q HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/5UFbpcA-Z6Q FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: fa02565d8acd352c734cae98e973bfb85e375ed52ee8e973f5d1330795bf2560 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:12 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 886e15ec7a7808bc00138c509146fe5a Sha1: 9a42ef2fbcc2c74d86780423e65a30490ce40d58 Sha256: fa02565d8acd352c734cae98e973bfb85e375ed52ee8e973f5d1330795bf2560
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 53b3098394c77dc3d70a8cfe8ad8ea212cf53f23d86ee05bdbb4e23ef89d8a4b 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4848 Cache-Control: max-age=144376 Date: Sun, 06 Nov 2022 18:27:12 GMT Etag: "63677a88-117" Expires: Tue, 08 Nov 2022 10:33:28 GMT Last-Modified: Sun, 06 Nov 2022 09:12:40 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 906ad6633e4cacb1290bee346a14b796 Sha1: 096cf59525697fa79410c0bc0a69bbc64267bcca Sha256: 53b3098394c77dc3d70a8cfe8ad8ea212cf53f23d86ee05bdbb4e23ef89d8a4b
GET /js/plausible.js HTTP/1.1 Host: awstats.cloud User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: awstats.cloud/js/plausible.js FQDN: awstats.cloud IP: 172.67.168.34 HASH: 4df4d373e066c6e8f08b3639e95047af25e344c2204f321c5f41e22b0df42b5c 172.67.168.34 HTTP/2 200 OK content-type: application/javascript date: Sun, 06 Nov 2022 18:27:12 GMT access-control-allow-origin: * cache-control: max-age=0, private, must-revalidate cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cf-cache-status: BYPASS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jkIlpIjwQ4%2BZ8%2FS%2BU7yJ%2Fad18s2KH%2BchMH3J9uguvXy9EyWRw1Js3qPBJhBGAqj%2BdcFXS6QPevRToRBHPiLKym5bOLD3zHbVYpT5eHqBEJmTpSIVl4IIgJJMc%2FO9Yt2"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1c24bb4b51e-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1332), with no line terminators Size: 697 Md5: ec64ae3b22c7f1ecc262349f5d4f46fd Sha1: bc6cb0caa60c0df8f837da905de991e61a6d07ee Sha256: 4df4d373e066c6e8f08b3639e95047af25e344c2204f321c5f41e22b0df42b5c
GET /draw/?w=colored&n=68600&c=000000ffffff&p=left HTTP/1.1 Host: widgets.amung.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://v4.sportsonline.to/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: widgets.amung.us/draw/?w=colored&n=68600&c=000000ffffff (...) FQDN: widgets.amung.us IP: 104.22.75.171 HASH: 3195f43661dc876aa5f8b41c8f7b3d12787bb613c07036009a7eb717cfaa15d9 104.22.75.171 HTTP/2 200 OK content-type: image/png date: Sun, 06 Nov 2022 18:27:12 GMT content-disposition: filename=wau-widget.png expires: Sun, 06 Nov 2022 15:05:06 GMT cache-control: max-age=2678400 access-control-allow-origin: * cf-cache-status: HIT age: 98526 last-modified: Sat, 05 Nov 2022 15:05:06 GMT vary: Accept-Encoding server: cloudflare cf-ray: 765fe1c28b1398ea-ARN X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data Size: 1801 Md5: ee72972ca6daf251213b7c8157d743f6 Sha1: 6447b1e6580131c50d0a1b1fb2bf1f29f0769d2e Sha256: 3195f43661dc876aa5f8b41c8f7b3d12787bb613c07036009a7eb717cfaa15d9
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 0b3670f73de693ca96230e12e55b0d6e9e0b39f15732628f408ac878ec34a912 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 06 Nov 2022 18:27:12 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 05 Nov 2022 17:22:25 GMT Expires: Sat, 12 Nov 2022 17:22:24 GMT Etag: "46f025a99cc797a410a3411ae82fb96d943d01c2" Cache-Control: max-age=513911,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 765fe1c2fbfbb4e8-OSL --- Additional Info --- Magic: data Size: 471 Md5: bed0bea1351b333b8f15b0dfcdee2334 Sha1: 46f025a99cc797a410a3411ae82fb96d943d01c2 Sha256: 0b3670f73de693ca96230e12e55b0d6e9e0b39f15732628f408ac878ec34a912
POST /api/event HTTP/1.1 Host: awstats.cloud User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 142 Origin: https://y0k2w0p9cl84r1.constraindefiant.net Connection: keep-alive Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: awstats.cloud/api/event FQDN: awstats.cloud IP: 172.67.168.34 HASH: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df 172.67.168.34 HTTP/2 202 Accepted content-type: text/plain; charset=utf-8 date: Sun, 06 Nov 2022 18:27:12 GMT content-length: 2 access-control-allow-credentials: true access-control-allow-origin: * access-control-expose-headers: cache-control: max-age=0, private, must-revalidate x-request-id: FyUSL5ouFgwhmqEJyu8C cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwZC%2BgONa9JwW9Kg4K3M4S%2Bcwicf0F0BmuSmSiJvJ8YMuANqCgy%2Bt%2BCGKjeBkd9q1bvf9IvpNkfiGFkEs5kZKBigBw3UHrlclnCJsVNSFUCN9gpf%2Bsw494mBCfQJdg%2BO"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 765fe1c3fc7efab4-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 2 Md5: 444bcb3a3fcf8389296c49467f27e1d6 Sha1: 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14368 Expires: Sun, 06 Nov 2022 22:26:40 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bf1a5e65cd048b761eac5cb0b52048a Sha1: f64cface851717dee160a5c6fad975cc34fe4cd2 Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14368 Expires: Sun, 06 Nov 2022 22:26:40 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bf1a5e65cd048b761eac5cb0b52048a Sha1: f64cface851717dee160a5c6fad975cc34fe4cd2 Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14368 Expires: Sun, 06 Nov 2022 22:26:40 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bf1a5e65cd048b761eac5cb0b52048a Sha1: f64cface851717dee160a5c6fad975cc34fe4cd2 Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14368 Expires: Sun, 06 Nov 2022 22:26:40 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bf1a5e65cd048b761eac5cb0b52048a Sha1: f64cface851717dee160a5c6fad975cc34fe4cd2 Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B" Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14368 Expires: Sun, 06 Nov 2022 22:26:40 GMT Date: Sun, 06 Nov 2022 18:27:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bf1a5e65cd048b761eac5cb0b52048a Sha1: f64cface851717dee160a5c6fad975cc34fe4cd2 Sha256: 8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c5ab703f075f9db9886de7291febcc97660c04ac26f52274ef658906dff3a161 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10462 x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bF_38GKXoAMFwSA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0 x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Sun, 06 Nov 2022 06:27:59 GMT age: 43153 etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 35713 Md5: 57ed505edc17c291483ad0ff920922aa Sha1: 80d44ca67ea33354b43158a52c0cd430467fc967 Sha256: c5ab703f075f9db9886de7291febcc97660c04ac26f52274ef658906dff3a161
GET /?l=71sWHexfeDo0wps&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D310132807%26z%3D3710288%26b%3D15546894%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DRgIiFQzN4aNixqrlCh_0-yOmpBdfmdTrh6VNNMbOP8OLwSPG34XSQn8YXHjgwLSFpbnNwf6yFwjW-0izsEb2NxBdn9CA2ya2Zs7Uqeg0x-aoSLlNI5iUOgrVzdw927eErIS1YbwKwkeN_ktg8VElAc-PAs8PPWQlSaNV6YZ8oJeGRdxylbIWvJcJPm4PzHMXsKdc5NR0kdwyIKgS-RtK7hUxERqW6XBWxucBnSlLZfaOrEfw_HrJtAf4rULDeYVYyXtD0xCjK10wZWdmAlo0DggUrL8UfHK72bB1zzY28ySz0QgeNblCgKGIlsX3NeUPgE-tU6keBAc9UHMZ-mWSvf5X8qxktLFhv6j8aex1JeHUv68XovsP7bjgI-Waz3DgezptgRfMlkTQBvWhhEHqYC2XJqeOdIDEhFYHrdU5uTe4HphcTmivp1QxrqSrS-sEyESo5tMc94RAfjZfb6xx1tiG8rH8xnL2KTsmC2lWEhZYbYuKE8HymPsiHhgzUPHiTqypxEXznlcEuav45JwIjhNYqMFeYmG-9bAPSmGQ5Ih3_qpm_6qeVznhDz2Gsz_V2nBDSizrE8CfqfSKtRBsh56gGcrlo6hUqvXSimWxYwBYofED1e7fgzQC6pk4s6gSpERkNtU7IO1mxdW6%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3Dee5dc45b-72b4-42be-a647-3abe15f0f0c9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fbmindbm.xyz%252Flive%252F20%252F31%252F06%252F12%252F11%252F79095%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 HTTP/1.1 Host: interstitial-07.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: interstitial-07.com/?l=71sWHexfeDo0wps&cd_meta_crid=505 (...) FQDN: interstitial-07.com IP: 139.45.197.155 HASH: 696ba2a279691495a13e763b6adb8ad9327a1b2e9a6fc141793bc889d4b4579e 139.45.197.155 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT vary: Accept-Encoding x-powered-by: PHP/7.4.27 set-cookie: reverse=g3oUi_oOoT0layDpNOcY58i_2EXeLZlLYqX6Aw4tYw8; expires=Sun, 06-Nov-2022 19:27:12 GMT; Max-Age=3600; path=/ access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS, HEAD access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 43124 Md5: 9979d5b925cfc1cb055d2aa654fae572 Sha1: 4ad9bfab769e830af5af5d8251993d0ea36a9c2c Sha256: 696ba2a279691495a13e763b6adb8ad9327a1b2e9a6fc141793bc889d4b4579e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8309 x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bJbgwH23IAMF3kA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0 x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: JK-yLq7PeMFrcv4opjTjHprEUQ8IIBuHPzhz0ttxQx9GYdBY1EauBA== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Sat, 05 Nov 2022 22:17:07 GMT age: 72605 etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8309 Md5: 3929fb3c2f0dad9409e9b247ab891518 Sha1: b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28 Sha256: 64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
GET /5/3710289/?oo=1&js_build=iclick-v1.447.0 HTTP/1.1 Host: bedrapiona.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: bedrapiona.com/5/3710289/?oo=1&js_build=iclick-v1.447.0 FQDN: bedrapiona.com IP: 139.45.197.234 HASH: 3d427e2b7e4c139e60c0f6f0d6fffd0b4b737c3511b3212c16abfc35015eb6c5 139.45.197.234 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT x-trace-id: 105419385caf46a5d91457f0709c1d26 link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch" access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-max-age: 86400 timing-allow-origin: * set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT pragma: no-cache, no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 13471 Md5: 4c67f200a2fcbb3ef1b94cfe64a0db3e Sha1: 84931bf1de03349b356bcecc74fc3cc7f0227bae Sha256: 3d427e2b7e4c139e60c0f6f0d6fffd0b4b737c3511b3212c16abfc35015eb6c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 14415 x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bJabgHcMoAMFTLg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0 x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google date: Sat, 05 Nov 2022 22:12:38 GMT age: 72874 etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14415 Md5: fa77f05b1af971db287607d9d9a30e0f Sha1: 276f1493d6da74c8fa3ef83dee77bf48850ff4b4 Sha256: 005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7573 x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bDkhGHmjoAMFxxQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0 x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google date: Sun, 06 Nov 2022 05:31:43 GMT age: 46529 etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7573 Md5: b18a8c9f5539ce33476f843f5811e01d Sha1: 11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b Sha256: fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
POST /custom HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Content-Type: application/json Origin: http://bmindbm.xyz Content-Length: 620 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/custom FQDN: ibrapush.com IP: 139.45.197.250 HASH: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 139.45.197.250 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Sun, 06 Nov 2022 18:27:13 GMT content-length: 39 x-trace-id: 5bf90ebcca75c768fe897aa9a9750f88 access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 39 Md5: 058b158c2be925f556454ef762d93538 Sha1: cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
GET /impression/nHUZ_oJdrxxAQy65hv3sc2mbxfQTp55HPF9v9oXIw12fhVAPQQ65dUiZ4PEXBAkwGizFkJD3lUGRIRsxu1Nx0soBYpwchu2HAGdzYI4xcYOptEwHzjqCiyrqi5qeiG79Uh89z1PuflRksUIlQASzEfpRPlzbnB44EAyZjNA7mcVFjqMQ_d_30UzWpt15SGaCOfVRe9Ftx1YLJohC-D7A99W-tfQfdJYsDAnJT62yjCDA76aGfoLssbRFw1Z8m6NRKoIIZlMs2-EAy1-LIL4aATakMlGy3_XLZE5QHQfy8UhBvHjpwIr8p52jNXJ7SQyrb_Y22x0IKtE-vM6rWkOaqrjukGn5bnLUXX4BkzK5Ea0oK9Lb7dbPAkifRJucFNjXHRFi3gW1HKfMihRLk3dnT8EQgp5joXUAiyyYyU9JYhC3cBVfq9bqhs28mS_f9GMOblhc4WROCystdhweXGGbO8FgO7xLG3NFMdAu2tfDABSpvXWg94Z4PuZ2f7AcACI0aLUZ1RycUYTFZvdu0OOk8ngvLFO9LiULqUYkR8oxD4tcfm3iHwAn92ScAAzWZj2fXaybJ9rnyEmHHUQSMoyaAK3SVUw=?_z=3710287&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: betotodilea.com/impression/nHUZ_oJdrxxAQy65hv3sc2mbxfQT (...) FQDN: betotodilea.com IP: 139.45.197.237 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.197.237 HTTP/2 200 OK content-type: image/gif server: nginx date: Sun, 06 Nov 2022 18:27:16 GMT content-length: 43 x-trace-id: a9c9cfccf409ef7158cef7286d8cca21 expires: Tue, 11 Jan 1994 10:00:00 GMT cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 pragma: no-cache vary: Origin access-control-allow-origin: * access-control-expose-headers: Link access-control-allow-credentials: true strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Alerts: Blocklists: - quad9: Sinkholed
OPTIONS /500/3710287?excludes=15561156&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: content-type Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: betotodilea.com/500/3710287?excludes=15561156&oaid=bbf8 (...) FQDN: betotodilea.com IP: 139.45.197.237 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.237 HTTP/2 200 OK server: nginx date: Sun, 06 Nov 2022 18:27:16 GMT content-length: 0 allow: GET, OPTIONS vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-allow-credentials: true access-control-max-age: 600 strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /500/3710287?excludes=15561156&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: betotodilea.com/500/3710287?excludes=15561156&oaid=bbf8 (...) FQDN: betotodilea.com IP: 139.45.197.237 HASH: 98e528698516dbc7064d30f7aa05cf7ae6206307a37b532be32631c20349bd05 139.45.197.237 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:17 GMT x-trace-id: 07d5a7512b992a4350df72581e5fab64 expires: Tue, 11 Jan 1994 10:00:00 GMT cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 pragma: no-cache vary: Origin access-control-allow-origin: http://bmindbm.xyz access-control-expose-headers: Link access-control-allow-credentials: true set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:16 GMT; path=/; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 44323 Md5: 4d58b3534284bf776db66b7ace3548f2 Sha1: f91db3d9d217e466d99766253873c6ee1397143b Sha256: 98e528698516dbc7064d30f7aa05cf7ae6206307a37b532be32631c20349bd05 Alerts: Blocklists: - quad9: Sinkholed
GET /draw/?w=colored&n=279000&c=000000ffffff&p=left HTTP/1.1 Host: widgets.amung.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: widgets.amung.us/draw/?w=colored&n=279000&c=000000fffff (...) FQDN: widgets.amung.us IP: 104.22.75.171 104.22.75.171 HTTP/2 200 OK content-type: image/png date: Sun, 06 Nov 2022 18:27:13 GMT content-disposition: filename=wau-widget.png expires: Mon, 07 Nov 2022 17:39:00 GMT cache-control: max-age=2678400 access-control-allow-origin: * cf-cache-status: HIT age: 2893 last-modified: Sun, 06 Nov 2022 17:39:00 GMT vary: Accept-Encoding server: cloudflare cf-ray: 765fe1c6581e98ea-ARN X-Firefox-Spdy: h2 --- Additional Info ---
GET /27/b10314e887d309db18535b2593bd9514 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: scm=1; OAID=dee55ce7c87b4c8e9ed45322bbce0a90; oaidts=1667759231 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: nanouwho.com/27/b10314e887d309db18535b2593bd9514 FQDN: nanouwho.com IP: 139.45.197.242 139.45.197.242 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT access-control-allow-credentials: true access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION cache-control: max-age:290304000, public last-modified: Thu, 20 Oct 2022 04:50:21 GMT expires: Thu, 19 Nov 2082 04:50:21 GMT strict-transport-security: max-age=1 x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
GET /stattag.js HTTP/1.1 Host: tzegilo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: tzegilo.com/stattag.js FQDN: tzegilo.com IP: 104.21.84.149 104.21.84.149 HTTP/2 200 OK content-type: application/javascript date: Sun, 06 Nov 2022 18:27:11 GMT last-modified: Tue, 18 Oct 2022 14:05:58 GMT etag: W/"634eb2c6-32d9" link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin cache-control: max-age=14400 cf-cache-status: HIT age: 3854 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6ONRmUF%2FqufrRabeiu2MZ3HQXaFvS5Nvy844yGYBDbCDfJ6ZRkOYyMtJvC64CdjME7APVzrarN2fG7j%2FaFV%2FSQ2JFpFKvG57uwk2XI5i2ZcpLliopD%2BcW7QgglWyA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1bd1f36b515-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /script/ut.js?cb=1667759229947 HTTP/1.1 Host: superfastcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://v4.sportsonline.to/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: superfastcdn.com/script/ut.js?cb=1667759229947 FQDN: superfastcdn.com IP: 172.64.166.4 172.64.166.4 HTTP/2 200 OK content-type: application/javascript date: Sun, 06 Nov 2022 18:27:12 GMT x-guploader-uploadid: ADPycdtFnFq0IpkUVAE5SrdZa5cGQWFIoqseVyW0OBmFQzAuA3ZCV591ohcfeoZHkpEBuU2AsJp9EcJWpXpVgN26osLrqQ x-goog-generation: 1661773552581597 x-goog-metageneration: 2 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 71356 x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg== x-goog-storage-class: MULTI_REGIONAL access-control-allow-origin: * expires: Sun, 06 Nov 2022 18:58:51 GMT cache-control: public, max-age=14400 last-modified: Mon, 29 Aug 2022 11:45:52 GMT etag: W/"c7304eebcb5069f68bd3fa9e74218a36" alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxmuiOdhWCM1X%2F%2B1Jf4cATIazRD5OiAI3H%2F5NYaE%2BJtoHA%2B4J6bCzE1W7M4c3wMKWwky0G8eGRbV0%2FHiCQlCgOkCLQ%2FjMpyqUuVud3zMuWdQJnxJg052oeQ5ZLWRC8nznOUw"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1c03c5f7756-LHR content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /pfe/current/universal.min.js?v=3.1.402 HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bmindbm.xyz/ Origin: http://bmindbm.xyz Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: ibrapush.com/pfe/current/universal.min.js?v=3.1.402 FQDN: ibrapush.com IP: 139.45.197.250 139.45.197.250 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT last-modified: Wed, 02 Nov 2022 13:02:53 GMT etag: W/"63626a7d-180b9" access-control-allow-origin: http://bmindbm.xyz access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /script/suurl4.php?r=5954546&cbur=0.16872860422351021&cbiframe=1&cbWidth=640&cbHeight=360&cbtitle=&cbpage=https%3A%2F%2Fv4.sportsonline.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0 HTTP/1.1 Host: youradexchange.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Origin: https://y0k2w0p9cl84r1.constraindefiant.net Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: youradexchange.com/script/suurl4.php?r=5954546&cbur=0.1 (...) FQDN: youradexchange.com IP: 35.190.41.116 35.190.41.116 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: openresty date: Sun, 06 Nov 2022 18:27:12 GMT access-control-allow-origin: * content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info ---
GET /500/3710287?excludes=&oaid=bbf81df1bd4b44eba4cd1d096c889c63&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: OAID=3b2047f958b34ad4957e1bcc4f54074d Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: betotodilea.com/500/3710287?excludes=&oaid=bbf81df1bd4b (...) FQDN: betotodilea.com IP: 139.45.197.237 139.45.197.237 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT x-trace-id: 3bb6d47f34ce7e426c2faab11be4ead2 expires: Tue, 11 Jan 1994 10:00:00 GMT cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 pragma: no-cache vary: Origin access-control-allow-origin: http://bmindbm.xyz access-control-expose-headers: Link access-control-allow-credentials: true set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
GET /tag.min.js HTTP/1.1 Host: iclickcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: iclickcdn.com/tag.min.js FQDN: iclickcdn.com IP: 172.67.75.9 172.67.75.9 HTTP/2 200 OK content-type: text/javascript; charset=utf-8 date: Sun, 06 Nov 2022 18:27:10 GMT x-trace-id: 7d63e326dccd5693720cb6272e342f32 cache-control: max-age=86400 last-modified: Thu, 03 Nov 2022 15:00:30 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding access-control-max-age: 86400 pragma: no-cache expires: Mon, 07 Nov 2022 05:41:06 GMT timing-allow-origin: * cf-cache-status: HIT age: 45964 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYgVoB95TfGZ0g3VyDCfUYdSHIuUAlSUaR8ym4vZyHDBUgbmf%2BRSGfXE0vu91t6Uu%2BfUFYL2XNYq3SwGaCZgmrLPjV4OiyBLIXNIA2IwPjGy%2FXjfCZo5N%2Btc4uKguso%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1b90c99b517-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /cwidget/h6qfsjssi5/000000ffffff.png HTTP/1.1 Host: whos.amung.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png FQDN: whos.amung.us IP: 104.22.75.171 104.22.75.171 HTTP/2 307 Temporary Redirect content-type: text/html; charset=UTF-8 date: Sun, 06 Nov 2022 18:27:13 GMT location: https://widgets.amung.us/draw/?w=colored&n=279000&c=000000ffffff&p=left cache-control: max-age=295 cf-cache-status: DYNAMIC server: cloudflare cf-ray: 765fe1c58f0998ea-ARN X-Firefox-Spdy: h2 --- Additional Info ---
GET /fv.js?t=72747&cb=1989890367 HTTP/1.1 Host: unphionetor.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://interstitial-07.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: unphionetor.com/fv.js?t=72747&cb=1989890367 FQDN: unphionetor.com IP: 139.45.197.236 139.45.197.236 HTTP/2 200 OK content-type: text/javascript; charset=utf8 server: nginx date: Sun, 06 Nov 2022 18:27:12 GMT access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true pragma: no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT x-trace-id: f5c84718bd5aac943ffd9edbda9fcd3a strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
GET /css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%7CPT+Serif%3A400%2C400i%2C700%2C700i&ver=6.1 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C5 (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 06 Nov 2022 18:27:10 GMT date: Sun, 06 Nov 2022 18:27:10 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /pfe/current/tag.min.js?z=4018039 HTTP/1.1 Host: ibrapush.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ibrapush.com/pfe/current/tag.min.js?z=4018039 FQDN: ibrapush.com IP: 139.45.197.250 139.45.197.250 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT last-modified: Wed, 02 Nov 2022 13:02:53 GMT etag: W/"63626a7d-39be" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /400/3710287 HTTP/1.1 Host: betotodilea.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bmindbm.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: betotodilea.com/400/3710287 FQDN: betotodilea.com IP: 139.45.197.237 139.45.197.237 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT x-trace-id: 104bb7dd5b04657185010a445bbd51ae expires: Tue, 11 Jan 1994 10:00:00 GMT cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0 pragma: no-cache vary: Origin access-control-allow-origin: * access-control-expose-headers: Link access-control-allow-credentials: true set-cookie: OAID=3b2047f958b34ad4957e1bcc4f54074d; expires=Mon, 06 Nov 2023 18:27:11 GMT; path=/; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
POST /9?z=3710288&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fbmindbm.xyz%2Flive%2F20%2F31%2F06%2F12%2F11%2F79095%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=bbf81df1bd4b44eba4cd1d096c889c63 HTTP/1.1 Host: nanouwho.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 55 Origin: http://bmindbm.xyz Connection: keep-alive Referer: http://bmindbm.xyz/ Cookie: scm=1; OAID=dee55ce7c87b4c8e9ed45322bbce0a90; oaidts=1667759231 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: nanouwho.com/9?z=3710288&ng=1&ix=0&pt=0&np=1&gp=-1&bp=- (...) FQDN: nanouwho.com IP: 139.45.197.242 139.45.197.242 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 06 Nov 2022 18:27:11 GMT access-control-allow-credentials: true access-control-allow-origin: http://bmindbm.xyz access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION x-trace-id: 9ed9844e1c2b73abd160083f6ab05d7f access-control-expose-headers: X-Sc set-cookie: OAID=bbf81df1bd4b44eba4cd1d096c889c63; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None oaidts=1667759231; expires=Mon, 06 Nov 2023 18:27:11 GMT; secure; SameSite=None pragma: no-cache cache-control: no-store, no-cache, must-revalidate, max-age=0 expires: Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - quad9: Sinkholed
GET /embed/phsheh97kpcdvc2 HTTP/1.1 Host: y0k2w0p9cl84r1.constraindefiant.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://v4.sportsonline.to/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: y0k2w0p9cl84r1.constraindefiant.net/embed/phsheh97kpcdvc2 FQDN: y0k2w0p9cl84r1.constraindefiant.net IP: 172.67.181.206 172.67.181.206 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Sun, 06 Nov 2022 18:27:12 GMT set-cookie: hf1=1; expires=Mon, 07-Nov-2022 06:27:12 GMT; Max-Age=43200; path=/; secure; HttpOnly; SameSite=None hf5=1; expires=Mon, 07-Nov-2022 18:27:12 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TNBOH%2FKMnvK9LekI8RyEQS2hCw0%2BKqntym418hfpLR8Ng3YHWm5T03w%2F%2FyPe6XVU2vbbLGVwxHEEtqvwQIGu%2BWwWazSTDk0TqvBD3zgOCc05GEL31lxclN%2FaxfNUKEfeSzT7HJmTLDZ6UwZ5GiDjKrn56VK4A%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 765fe1c17f6db4f7-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /cwidget/sportsonline/000000ffffff.png HTTP/1.1 Host: whos.amung.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://v4.sportsonline.to/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: whos.amung.us/cwidget/sportsonline/000000ffffff.png FQDN: whos.amung.us IP: 104.22.75.171 104.22.75.171 HTTP/2 307 Temporary Redirect content-type: text/html; charset=UTF-8 date: Sun, 06 Nov 2022 18:27:12 GMT location: https://widgets.amung.us/draw/?w=colored&n=68600&c=000000ffffff&p=left cache-control: max-age=295 cf-cache-status: DYNAMIC server: cloudflare cf-ray: 765fe1c1ba3198ea-ARN X-Firefox-Spdy: h2 --- Additional Info ---
GET /nsns.js HTTP/1.1 Host: swarm.video User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://y0k2w0p9cl84r1.constraindefiant.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: swarm.video/nsns.js FQDN: swarm.video IP: 104.21.17.85 104.21.17.85 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Sun, 06 Nov 2022 18:27:12 GMT cache-control: public, max-age=31536000 cf-bgj: minify cf-polished: origSize=519718 etag: W/"7ee26-183e189fff7" last-modified: Sun, 16 Oct 2022 16:04:21 GMT x-powered-by: Express cf-cache-status: HIT age: 179651 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lE0oLO8vjovd2U5n2Tn6sTaHMlLRieKyrXeH%2BJnevwIJqc2digtyp8Xa0oVPMOqqLtLAdmEoyRBEfbaQN%2FVWPhdSE%2BWnD7gduxj%2FufIdNsaLi%2BwNkd4CflC9luC0AQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 765fe1c2babc1c0a-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---

Overview

Domain Summary (37)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 104.21.19.28

Last 5 reports on ASN: CLOUDFLARENET

Last 1 reports on domain: bmindbm.xyz

No other reports with similar screenshot

JavaScript

Executed Scripts (47)

Executed Evals (2)

#1 JavaScript::Eval (size: 1700) - SHA256: 82fb97ced522a081ff3e0061fb40f7cc94951b7c14504670eed8d2469315bd01

#2 JavaScript::Eval (size: 4513) - SHA256: de4f45f7427a755be063136c4966b78f61cdd4081be254583de4be82361b3cb9

Executed Writes (2)

#1 JavaScript::Write (size: 127) - SHA256: 0ea9bc7b5b3b3e52e265093bfc043060241ca90e2499d130733123bcc330fcc7

#2 JavaScript::Write (size: 51157) - SHA256: 81e6e76bed7257413f8165d80c824006766b8bacb870b8e87422c883256a995b

HTTP Transactions (118)

Overview

Domain Summary (37)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 104.21.19.28

Last 5 reports on ASN: CLOUDFLARENET

Last 1 reports on domain: bmindbm.xyz

No other reports with similar screenshot

JavaScript

Executed Scripts (47)

Executed Evals (2)

#1 JavaScript::Eval (size: 1700) - SHA256: 82fb97ced522a081ff3e0061fb40f7cc94951b7c14504670eed8d2469315bd01

#2 JavaScript::Eval (size: 4513) - SHA256: de4f45f7427a755be063136c4966b78f61cdd4081be254583de4be82361b3cb9

Executed Writes (2)

#1 JavaScript::Write (size: 127) - SHA256: 0ea9bc7b5b3b3e52e265093bfc043060241ca90e2499d130733123bcc330fcc7

#2 JavaScript::Write (size: 51157) - SHA256: 81e6e76bed7257413f8165d80c824006766b8bacb870b8e87422c883256a995b

HTTP Transactions (118)

Network Intrusion Detection Systems