Overview

URL bom.so/qmE4eg
IP 172.67.68.240 (United States)
ASN #13335 CLOUDFLARENET
UserAgent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Referer
Report completed 2022-11-11 13:32:56 UTC
IDS alerts 0
Blocklist alert 1
urlquery alerts No alerts detected
Tags None

Domain Summary (11)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
cf-assets.hcaptcha.com (7) 0 2022-02-22 19:51:32 UTC 2022-11-11 11:20:41 UTC 104.18.23.122 Domain (hcaptcha.com) ranked at: 5458
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
bom.so (1) 417517 2017-09-01 20:09:21 UTC 2022-11-11 10:58:06 UTC 172.67.68.240
e1.o.lencr.org (6) 6159 No data No data 23.36.76.226
firefox.settings.services.mozilla.com (1) 867 2020-06-04 20:08:41 UTC 2022-11-11 05:46:42 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-11 05:51:39 UTC 34.117.237.239
cloudflare.hcaptcha.com (2) 0 2022-02-23 15:28:14 UTC 2022-11-11 11:20:34 UTC 104.18.18.132 Domain (hcaptcha.com) ranked at: 5458
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.42.148.177

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-11 2 bom.so Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.68.240
Date UQ / IDS / BL URL IP
2023-02-07 11:19:48 +0000 0 - 0 - 1 bom.so/GMW3W5 172.67.68.240
2023-02-04 05:14:13 +0000 0 - 0 - 1 bom.so/GMW3W5 172.67.68.240
2023-01-29 16:12:00 +0000 0 - 0 - 1 bom.so/GMW3W5 172.67.68.240
2023-01-17 04:14:04 +0000 0 - 0 - 1 bom.so/GMW3W5 172.67.68.240
2023-01-15 08:08:36 +0000 0 - 0 - 1 bom.so/GMW3W5 172.67.68.240


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-09 02:55:33 +0000 0 - 0 - 1 gitlab.com/proswapper/sdgsgs/-/raw/main/65138 (...) 172.65.251.78
2023-02-09 02:54:36 +0000 0 - 0 - 2 cdn.discordapp.com/attachments/83524623567788 (...) 162.159.133.233
2023-02-09 02:52:53 +0000 0 - 0 - 2 healthbenefitlifestyle.com/Argentina-sweeps/t (...) 172.67.191.21
2023-02-09 02:51:38 +0000 0 - 0 - 3 steamnconmuntiy.com/profles/765611979602799287 188.114.97.1
2023-02-09 02:51:18 +0000 0 - 0 - 1 blog.pamieciprzyszlosc.pl/wp-includes/js/tiny (...) 104.21.51.154


Last 5 reports on domain: bom.so
Date UQ / IDS / BL URL IP
2023-02-08 23:24:17 +0000 0 - 0 - 1 bom.so/GMW3W5 104.21.34.183
2023-02-08 20:14:56 +0000 0 - 0 - 1 bom.so/GMW3W5 172.67.163.184
2023-02-07 11:19:48 +0000 0 - 0 - 1 bom.so/GMW3W5 172.67.68.240
2023-02-05 22:10:11 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.6.214
2023-02-04 15:11:12 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.6.214


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-23 23:14:50 +0000 0 - 0 - 1 bom.so/GMW3W5 172.67.68.240
2022-12-18 21:18:23 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.6.214
2022-12-18 03:12:50 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.6.214
2022-12-14 23:12:59 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.7.214
2023-01-04 01:15:03 +0000 0 - 0 - 1 bom.so/GMW3W5 104.26.6.214

JavaScript

Executed Scripts (4)

Executed Evals (1)
#1 JavaScript::Eval (size: 595) - SHA256: f4a6293603fe89a57da6671607deb0627bfa5735b373bb7ad0920ac20865cb0e
+((!+[] + (!![]) + (!![]) + !![] + !![] + !![] + !![] + []) + (!+[] + (!![]) + (!![]) + !![] + !![] + !![] + !![] + !![] + !![]) + (!+[] + (!![]) + (!![]) + !![] + !![] + !![] + !![]) + (!+-[] + (+-!![]) + -[]) + (!+-[] + (+-!![]) + -[]) + (!+[] + (!![]) + (!![])) + (!+[] + (!![]) + (!![]) + !![]) + (!+[] + (!![]) + (!![])) + (!+[] + (!![]) + (!![]) + !![] + !![] + !![] + !![])) / +((!+[] + (!![]) + (!![]) + !![] + !![] + !![] + !![] + !![] + !![] + []) + (!+[] + (!![]) + (!![]) + !![] + !![] + !![] + !![]) + (!+[] + (!![]) + (!![]) + !![] + !![] + !![] + !![]) + (!+[] + (!![]) + (!![])) + (!+[] + (!![]) + (!![]) + !![] + !![] + !![] + !![] + !![]) + (!+[] + (!![]) - []) + (!+[] + (!![]) + (!![]) + !![] + !![]) + (!+[] + (!![]) + (!![])) + (!+[] + (!![]) + (!![]) + !![] + !![]))

Executed Writes (0)


HTTP Transactions (34)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6344
Expires: Fri, 11 Nov 2022 15:18:29 GMT
Date: Fri, 11 Nov 2022 13:32:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "5E65B97060D16DB5D40E6AE71CE16C27944EEB94E05E9A6B8CA86B808A716D82"
Last-Modified: Wed, 09 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11186
Expires: Fri, 11 Nov 2022 16:39:11 GMT
Date: Fri, 11 Nov 2022 13:32:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2887
Cache-Control: max-age=164809
Date: Fri, 11 Nov 2022 13:32:45 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 11:19:34 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5119
Expires: Fri, 11 Nov 2022 14:58:04 GMT
Date: Fri, 11 Nov 2022 13:32:45 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 11 Nov 2022 12:44:01 GMT
cache-control: public,max-age=3600
age: 2924
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4736bac84ca28f2b1e961159fb4ea098
Sha1:   1319612979f53896fcfeacd4215c2715d4951e4c
Sha256: 5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "5E65B97060D16DB5D40E6AE71CE16C27944EEB94E05E9A6B8CA86B808A716D82"
Last-Modified: Wed, 09 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11186
Expires: Fri, 11 Nov 2022 16:39:11 GMT
Date: Fri, 11 Nov 2022 13:32:45 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: CpVObynd5bXiND5wDXDmA1sJ87sbmN8a2ACStlQXBxf4BSLuc1YXM1LWXkdzNfXnAs9kPOABBSA=
x-amz-request-id: WF8T3Z65VZ2GQMWN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 11 Nov 2022 12:49:49 GMT
age: 2576
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 11 Nov 2022 13:32:45 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2823
Cache-Control: max-age=165463
Date: Fri, 11 Nov 2022 13:32:45 GMT
Etag: "636e274d-117"
Expires: Sun, 13 Nov 2022 11:30:28 GMT
Last-Modified: Fri, 11 Nov 2022 10:43:25 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1 
Host: cloudflare.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.18.18.132
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 11 Nov 2022 13:32:46 GMT
cf-ray: 768765538ee31c06-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"cba895d710939d3f383adf1461af832f"
last-modified: Wed, 09 Nov 2022 04:14:07 GMT
strict-transport-security: max-age=0
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: b0DWrfx-9Xmfx9tD5_IswWM-ZQ9LflMhUFcFaZINOdiXLtDV7udH6w==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   81530
Md5:    86c56a99db025956c4b6e7b433157418
Sha1:   b723faa3170ba03f72f8cce43163bbe420adb6c8
Sha256: 414b3335b43b30bcd3e0bc59c16a3991c2c65a08477f39be2493bd0d7a1a6ef0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 727
Cache-Control: max-age=157573
Date: Fri, 11 Nov 2022 13:32:46 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 09:18:59 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c/m0n7yDl6Q9An/yTGJNNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.42.148.177
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fC5zK9psSPrfCzzl0TujY8OZuNU=

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "B3F82BB7D16BDCFBD22D635A29527D35D39CEB5AE7E70E441756486742AA1AFA"
Last-Modified: Thu, 10 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4354
Expires: Fri, 11 Nov 2022 14:45:20 GMT
Date: Fri, 11 Nov 2022 13:32:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "B3F82BB7D16BDCFBD22D635A29527D35D39CEB5AE7E70E441756486742AA1AFA"
Last-Modified: Thu, 10 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4354
Expires: Fri, 11 Nov 2022 14:45:20 GMT
Date: Fri, 11 Nov 2022 13:32:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "B3F82BB7D16BDCFBD22D635A29527D35D39CEB5AE7E70E441756486742AA1AFA"
Last-Modified: Thu, 10 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4354
Expires: Fri, 11 Nov 2022 14:45:20 GMT
Date: Fri, 11 Nov 2022 13:32:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "B3F82BB7D16BDCFBD22D635A29527D35D39CEB5AE7E70E441756486742AA1AFA"
Last-Modified: Thu, 10 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4354
Expires: Fri, 11 Nov 2022 14:45:20 GMT
Date: Fri, 11 Nov 2022 13:32:46 GMT
Connection: keep-alive

                                        
                                            GET /i/8f810a5/e HTTP/1.1 
Host: cf-assets.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cf-assets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Connection: keep-alive
Cookie: __cf_bm=wHuyXtyxqg5icJ73tvHm2eb_.FEeqNboXAs4VOcZMNY-1668173566-0-ATiTeJEAqmVv8ovK4yWikfhnh0FoYXd8RHBA5eogmQS+s1qdXVgf13BssS7sKljCUw1nn3lL2Ip0MKzUypUExW0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.18.23.122
HTTP/2 200 OK
content-type: application/octet-stream
                                        
date: Fri, 11 Nov 2022 13:32:47 GMT
content-length: 114206
cf-ray: 7687655d5b9e1bfa-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 56801
cache-control: max-age=1209600
etag: "2745ad521baac169716b15059fe39a95"
last-modified: Fri, 28 Oct 2022 14:37:00 GMT
strict-transport-security: max-age=0
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: wbWrDoJfnRZjOGM00vqm8M-nOES8wCbXDyNfUB9xB_C4BOrdU0OKig==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   114206
Md5:    2745ad521baac169716b15059fe39a95
Sha1:   9b85a2b1de0bfde12c61778a96c1602c07c206d2
Sha256: 7b36a7217d78504b206aefba7712faf37bae871cf72c7740626ab9269e8d4e60
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 11 Nov 2022 16:42:55 GMT
Date: Fri, 11 Nov 2022 13:32:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 11 Nov 2022 16:42:55 GMT
Date: Fri, 11 Nov 2022 13:32:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 11 Nov 2022 16:42:55 GMT
Date: Fri, 11 Nov 2022 13:32:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 11 Nov 2022 16:42:55 GMT
Date: Fri, 11 Nov 2022 13:32:47 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7W-KhmnTOIsEZjsNwoX8fWhXGFhn0g0DV5kl-bpnJIjPSo54UD8klw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 13:29:30 GMT
age: 197
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5583
Md5:    85c6f450b38f41a2fb924d6d9a9cbff8
Sha1:   691f59b65ca9fde4f59bbf96b37071e07351f190
Sha256: c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdff5978-349f-4530-9552-e5cce667c694.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4567
x-amzn-requestid: fd6be49d-a739-4143-b7e1-ba625791ec8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bA1gxG2goAMFewQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63636937-2d7cac2a0a3e65e0099f6051;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 07:09:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FDQuI3HBUkpH-kVS6p5MRLeGWbLnwbvOp35GKnwKsQOjHBEW8h-meg==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:43:03 GMT
age: 56984
etag: "39a1402a8e60e27d314f91babcfe3794f3d96a63"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8475
Md5:    010787a49e11106f2d53d1b6d8e42011
Sha1:   d5f7d665fec6e58d47e4f852d2c4fa822852a94c
Sha256: ba31d45b60ba8721213d2b73360a0c25d3d626a288d9cea0b637cbc2f062b82e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8294
x-amzn-requestid: 5dab4522-fca9-4ada-ad6f-3305c9686315
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u3H7PoAMF02g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-756c150c40fe6fff3ae7a609;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FXIS1Gr_-3RUm6WPZCVcjaefD3hehHV-IwO-ieFeUqeoPAE7vajlsg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:51 GMT
etag: "815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0"
age: 56756
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8294
Md5:    88c9931a009690991e73c5b37a1aa085
Sha1:   815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0
Sha256: 74e70391889e4b46742033b1d5daccfec415ba2ee999e429d1013fd4a1ebc61a
                                        
                                            GET /captcha/v1/0abd424/static/hcaptcha.html HTTP/1.1 
Host: cf-assets.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         104.18.23.122
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 11 Nov 2022 13:32:46 GMT
cf-ray: 76876558ef651bfa-OSL
access-control-allow-origin: *
age: 17200
cache-control: max-age=1209600
last-modified: Wed, 09 Nov 2022 04:14:07 GMT
strict-transport-security: max-age=0
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: vz47MxQHcg8G3Bf0S2TBCvenIuYObISsnzZgvU2fPAc0cf8_UiTE8A==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=tIcU.noZPmZw0Ul5K238jnyuuDT35k7xoyKcJOzJrpo-1668173566-0-AQ2ksCJ3UJ/h7awvLzW2gba/IVkdOmOxaSYKmLJyd71BOTyxgm7IZxxUyC4NYewvpYRLBfcY7bEf2BVeFMjKhz8=; path=/; expires=Fri, 11-Nov-22 14:02:46 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11496
Md5:    b2a0c5c8404f1e3a299074cf88b16884
Sha1:   ed42d7e7a757dcfc1851e97c58f4c15c708aa94e
Sha256: 549cbd8e2f8f8e0818f8a730c60bd09f2b3796c2ab3cf048afc620d23ec144d0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8581
x-amzn-requestid: 385174fe-153f-448f-be5e-9ea3b5757ff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u1EYOIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-6084a34f58df22037275e676;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MhIq0Vdxah99pPo_O7gkhrq9Nekkxld2lv0955wr0yJzcP3g6LAH8g==
via: 1.1 dfc972676b24a6d23251d4f298dfa08c.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
age: 56751
etag: "e0d1ebb35a16c686eae3d31eb85ac72278459b05"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8581
Md5:    13f7b6eea163326da8c58ae5c09efccd
Sha1:   e0d1ebb35a16c686eae3d31eb85ac72278459b05
Sha256: 13f2f428acb7806808d957a8167ab2c139a5d0f59798671465717f2b39b914a9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8a087e0-6803-4782-af79-e6b6225befa5.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6670
x-amzn-requestid: d5d26714-a726-4dd6-ab2d-21ca2cc75dc4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bXCYwH6nIAMFjRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c4a9e-3b07894c33c66e856e6c0627;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 00:49:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9C261jpBHX1wA_dHcVQW2WhNT93gkqGjC5jbAVrG8o4SOR0JjqPDGw==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 05:44:15 GMT
age: 28112
etag: "98a80b1eaf4c774b5dca5bb86cfe53dd88bd89a4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6670
Md5:    e008606f3f8c8e0d3b0b8a37eabc829a
Sha1:   98a80b1eaf4c774b5dca5bb86cfe53dd88bd89a4
Sha256: 2282526c03afe7e8919dbe4d3893cc5743860344f01ef616e15eeabae492ab6d
                                        
                                            GET /captcha/v1/0abd424/static/hcaptcha.html HTTP/1.1 
Host: cf-assets.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.18.23.122
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 11 Nov 2022 13:32:46 GMT
cf-ray: 768765590f791bfa-OSL
access-control-allow-origin: *
age: 17200
cache-control: max-age=1209600
last-modified: Wed, 09 Nov 2022 04:14:07 GMT
strict-transport-security: max-age=0
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: vz47MxQHcg8G3Bf0S2TBCvenIuYObISsnzZgvU2fPAc0cf8_UiTE8A==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=wHuyXtyxqg5icJ73tvHm2eb_.FEeqNboXAs4VOcZMNY-1668173566-0-ATiTeJEAqmVv8ovK4yWikfhnh0FoYXd8RHBA5eogmQS+s1qdXVgf13BssS7sKljCUw1nn3lL2Ip0MKzUypUExW0=; path=/; expires=Fri, 11-Nov-22 14:02:46 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /captcha/v1/0abd424/hcaptcha.js HTTP/1.1 
Host: cf-assets.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Cookie: __cf_bm=wHuyXtyxqg5icJ73tvHm2eb_.FEeqNboXAs4VOcZMNY-1668173566-0-ATiTeJEAqmVv8ovK4yWikfhnh0FoYXd8RHBA5eogmQS+s1qdXVgf13BssS7sKljCUw1nn3lL2Ip0MKzUypUExW0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.18.23.122
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 11 Nov 2022 13:32:46 GMT
cf-ray: 768765591f951bfa-OSL
access-control-allow-origin: *
age: 17202
cache-control: max-age=1209600
etag: W/"cba895d710939d3f383adf1461af832f"
last-modified: Wed, 09 Nov 2022 04:14:07 GMT
strict-transport-security: max-age=0
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: b0DWrfx-9Xmfx9tD5_IswWM-ZQ9LflMhUFcFaZINOdiXLtDV7udH6w==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /captcha/v1/0abd424/static/hcaptcha.html HTTP/1.1 
Host: cf-assets.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.18.23.122
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 11 Nov 2022 13:32:46 GMT
cf-ray: 768765590f761bfa-OSL
access-control-allow-origin: *
age: 17200
cache-control: max-age=1209600
last-modified: Wed, 09 Nov 2022 04:14:07 GMT
strict-transport-security: max-age=0
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: vz47MxQHcg8G3Bf0S2TBCvenIuYObISsnzZgvU2fPAc0cf8_UiTE8A==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=RglhazOvev9h.gEvsv_rDHecc3gP2eOXrj1GtRohWck-1668173566-0-ARb2ZLLF2qaTAA6nu85hK1/i3+AT0MUCS7a7YoGrQi/mEB+97O+YOb3Dj3HPYbH4jAf285jk8Q54sh5YpDY9Uh0=; path=/; expires=Fri, 11-Nov-22 14:02:46 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /captcha/v1/0abd424/static/hcaptcha.html HTTP/1.1 
Host: cf-assets.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.18.23.122
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 11 Nov 2022 13:32:46 GMT
cf-ray: 768765590f7b1bfa-OSL
access-control-allow-origin: *
age: 17200
cache-control: max-age=1209600
last-modified: Wed, 09 Nov 2022 04:14:07 GMT
strict-transport-security: max-age=0
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: vz47MxQHcg8G3Bf0S2TBCvenIuYObISsnzZgvU2fPAc0cf8_UiTE8A==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=AVyionhDtG61ERiFowjV9pIpzsyTgERuZyyzrrKvhek-1668173566-0-Aad+C4nJb76//cltKYD4WpnT6xifzUkjBD+FB9xtLdfYyVDsTwWI/l+0zZzxQpfA1PozkJk4OR2x4TlRqNQM+Y4=; path=/; expires=Fri, 11-Nov-22 14:02:46 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /checksiteconfig?v=0abd424&host=bom.so&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1 HTTP/1.1 
Host: cloudflare.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cf-assets.hcaptcha.com
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Content-Length: 0
TE: trailers

                                         104.18.18.132
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 11 Nov 2022 13:32:47 GMT
access-control-allow-origin: https://cf-assets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-chl-bypass: 2
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7687655abeb51c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/278beb8b/hsw.js HTTP/1.1 
Host: cf-assets.hcaptcha.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Cookie: __cf_bm=wHuyXtyxqg5icJ73tvHm2eb_.FEeqNboXAs4VOcZMNY-1668173566-0-ATiTeJEAqmVv8ovK4yWikfhnh0FoYXd8RHBA5eogmQS+s1qdXVgf13BssS7sKljCUw1nn3lL2Ip0MKzUypUExW0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.18.23.122
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 11 Nov 2022 13:32:47 GMT
cf-ray: 7687655ae95b1bfa-OSL
access-control-allow-origin: *
age: 5374
cache-control: max-age=1209600
etag: W/"0589d4a7f08ca0b99adaf10f09300920"
last-modified: Wed, 09 Nov 2022 09:00:51 GMT
strict-transport-security: max-age=0
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: Kf4xvhvTRfFu_M0kGj4YXe7Re9xN3oDauVX4T0WSWlOoqWw987s34A==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /qmE4eg HTTP/1.1 
Host: bom.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         172.67.68.240
HTTP/2 403 Forbidden
content-type: text/html; charset=UTF-8
                                        
date: Fri, 11 Nov 2022 13:32:45 GMT
cf-chl-bypass: 1
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kf3ShN1AKg37LBuCtfx9drNoj3gG8svqIsJ9Q84Y74ceUaQRB7ZhTxzU%2FnpjaQ2rarHpg16T5BHb0KtGZPypyJLveJiFXucExCV1vVTFXTe4gAKV%2F7ljKXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 768765511889b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed