bom.so/MVGTDs
403 Forbidden 3.7 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (816)
Hash f7225e4201f3f1cb15ed515c344ac20c
0f42b1dbc27b369e264c58fae00cf543e984c444
5464ecdeb5ac430486832004a62b6b77f25b15f16b66baa2457ab6d44370a1ef
Analyzer Verdict Alert quad9 Sinkholed
GET /MVGTDs HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Sat, 29 Oct 2022 16:19:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG1lVn0czmmmHb0PiF95hFAeOl8ECaXP4ddaloLCtoelfY8%2FfjA3FIUQllqHEenybPigJpZO0rVgbW24sEWi11VUqc6aZQRzeaTsyhqGFQ2P%2B%2FjQDOTjcDc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 761d3afb29cbb4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 82788b8b26eeba7f492106ea47729bbb
823b2d3c336d11064a6b809057bed46bb65a7969
7671d088ba1420ffa01dbd63c5f7ab28d52d3591bc04c4cc182d1f9e64a7f2f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7671D088BA1420FFA01DBD63C5F7AB28D52D3591BC04C4CC182D1F9E64A7F2F8"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2421
Expires: Sat, 29 Oct 2022 16:59:22 GMT
Date: Sat, 29 Oct 2022 16:19:01 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 856ee3167a1a6efa13187b6d726d61e4
30d121bebc8f164b38d929e94193ca0caa9ce708
c79ab5ce8d207664a2e0b63762e68f1a906d68c31c59139965201c870619063a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4120
Cache-Control: max-age=152441
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 16:19:01 GMT
Etag: "635cf2d6-1d7"
Expires: Mon, 31 Oct 2022 10:39:42 GMT
Last-Modified: Sat, 29 Oct 2022 09:31:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6820
Expires: Sat, 29 Oct 2022 18:12:41 GMT
Date: Sat, 29 Oct 2022 16:19:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pzdtCSCUBZ/624v+5e1X2V0iJvjVBPpoH0R2gIpGxpqiwIqmDvaubegQeOlwjsGUSfOmZUPBUcs=
x-amz-request-id: A73KWYB3GX98GNXD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 29 Oct 2022 15:44:06 GMT
age: 2095
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
bom.so/cdn-cgi/styles/challenges.css
200 OK 2.6 kB URL HTTP/1.1 bom.so/cdn-cgi/styles/challenges.css
IP
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/MVGTDs
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 16:19:01 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 23:39:16 GMT
ETag: W/"6359c524-1896"
Server: cloudflare
CF-RAY: 761d3afd9d13b50c-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 29 Oct 2022 18:19:01 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
bom.so/favicon.ico
403 Forbidden 3.7 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (816)
Hash c3d154237e876c5e3cf2d1729a3e4740
fa043dd9e4362a005aef16202b11b7bf436f01fe
1f9e5585733a5788f6dace0ec9463b1c8ebd30ff17ee1df705bbb413dada6206
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/MVGTDs
Connection: keep-alive
HTTP/1.1 403 Forbidden
Date: Sat, 29 Oct 2022 16:19:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRC868Os0uNqZ9RdIwkC4tbytBIQuADggnSnrXSU%2F1XgCk3Ib4foM4Cf9djvTZHEBakngPIoteYR3z%2FcymipLhd3OCOkrFzn9Gzs5CPwiG7%2FjkK7ZvSt%2BdY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 761d3afd9f17b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 29 Oct 2022 16:19:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bom.so/cdn-cgi/images/trace/managed/js/transparent.gif?ray=761d3afb29cbb4ed
200 OK 42 B URL HTTP/1.1 bom.so/cdn-cgi/images/trace/managed/js/transparent.gif?ray=761d3afb29cbb4ed
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=761d3afb29cbb4ed HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/MVGTDs
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 16:19:01 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 23:39:16 GMT
ETag: "6359c524-2a"
Server: cloudflare
CF-RAY: 761d3afe7e2bb50c-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 29 Oct 2022 18:19:01 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
bom.so/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=761d3afb29cbb4ed
200 OK 27 kB URL HTTP/1.1 bom.so/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=761d3afb29cbb4ed
IP
File type ASCII text, with very long lines (62025), with no line terminators
Hash c1aae859244bb0bf0650175c85c753cc
786b06b8ec17a91dd55e3b7d207fa2cd1cca1162
a1fb263b8038329962adbc8145b86133a4ed1b538c7e4c0eb6088e70ab8a08d7
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=761d3afb29cbb4ed HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/MVGTDs?__cf_chl_rt_tk=eYOllDgFiWuH_BU.dNRxWDBLToQpHFZTe._P8DxTbpA-1667060340-0-gaNycGzNAv0
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 16:19:01 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0suDWq1ongpkFesyxjqEVD4UKYk7hpL%2F7HlbHl0q%2FR6dYxvHVbYDmcZ50S8wMfybmVdMJZrA1ShN9cFQ2iGjsv%2B7%2B%2B9RTB%2F9iseD3IPprcRIq4n6BF4UUBs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 761d3afe7f16b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 279 B IP
Hash e9f9a60cf191f62909b7d103e05425af
b51b94cfd02f959d316b8876af19bcdc0bdbc6c9
d4663596e2625c006608aea2ace4bc2be30b1c8d4f7ae6df33c038eb6dcbb122
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5441
Cache-Control: max-age=154491
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 16:19:01 GMT
Etag: "635cf5af-117"
Expires: Mon, 31 Oct 2022 11:13:52 GMT
Last-Modified: Sat, 29 Oct 2022 09:43:11 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
bom.so/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7500403970811255:1667056047:eVv9GYj8dhiNpW-TPHBmI0kNBIk37hoh_SrWp378FZE/761d3afb29cbb4ed/6886e8046e40b70
200 OK 58 kB URL HTTP/1.1 bom.so/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7500403970811255:1667056047:eVv9GYj8dhiNpW-TPHBmI0kNBIk37hoh_SrWp378FZE/761d3afb29cbb4ed/6886e8046e40b70
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0f231c66ed7c3bc76b59f2baef5e19d5
6f8139d3bb619397d13790189ee55a9cc885591f
b0e74ceec30b83e4add9068435f5f992f2167f81af3cdd2b792887e410c23ca9
Analyzer Verdict Alert quad9 Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.7500403970811255:1667056047:eVv9GYj8dhiNpW-TPHBmI0kNBIk37hoh_SrWp378FZE/761d3afb29cbb4ed/6886e8046e40b70 HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/MVGTDs
Content-type: application/x-www-form-urlencoded
CF-Challenge: 6886e8046e40b70
Content-Length: 1717
Origin: http://bom.so
Connection: keep-alive
Cookie: cf_chl_prog=e
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 16:19:01 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: TMIqNUe4NgAPgLnrjNwiEIm8z+R16z0D//ihgiQ4y8V0vE2hS+aJK2eSQPJdvZYMnPVk5K/hSOUCoXEltUTO1TG7R0KHEaiBOx/FBOGQOKRTTxeLgXg9W+mmerrk+xnoqYZK0F6e8R5dPp3xNEqF5ctr367LuuhngxgxuYCyDE6fGzdv/G7x2Se+8+xBVQdWNrjy/XLdNMJEh4v+J8UuZ6cPrvznqxJdNxSngTrC8q6CzPkVDSaELBWIxTcxvPEspumtuEmfNoUwubwcTWLNi0bEA77vhAo4XKYAnHhoqiQgzf6NLvXbgvw2yQ34SY5G$IXz4ip3rITaPwStMYzyqIw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsfPSYrGEn2E%2Bl2W2wCkrIY%2Frc6ln%2F%2FlBMScqyFdEuX4rEIcRP%2BheCtH0OJ0Zq%2BXkKX7ywWldNxT8bgvJgE8xlSjJhoE3oTQR4RDxX5ELZ6U6OTHumaFmcA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 761d3affc887b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 471 B IP
Hash d23430a3322d9d62a11844dcb41e6b36
b3798f6bdf72e31d2bd38ee609bb8f5701a337b1
2e310b291a80f54bac4ddca876398ec04a17517464b17f8f290ee0a3d3f28156
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6203
Cache-Control: max-age=149465
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 16:19:02 GMT
Etag: "635cdf14-1d7"
Expires: Mon, 31 Oct 2022 09:50:07 GMT
Last-Modified: Sat, 29 Oct 2022 08:06:44 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
bom.so/cdn-cgi/challenge-platform/h/b/img/761d3afb29cbb4ed/1667060341739/yVc9BDZpWNyYALY
200 OK 61 B URL HTTP/1.1 bom.so/cdn-cgi/challenge-platform/h/b/img/761d3afb29cbb4ed/1667060341739/yVc9BDZpWNyYALY
IP
File type PNG image data, 15 x 98, 8-bit/color RGB, non-interlaced\012- data
Hash 552acb5b531ef5df578bc2bcb9e0ec1a
2ecd16ff136d4cc4ed2e45b7ec4f73da203aa24c
ae0bcbc5bc68f364ddeec176a7d40ba80aaf7631894e45f7a3a2f112f1b80b34
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/challenge-platform/h/b/img/761d3afb29cbb4ed/1667060341739/yVc9BDZpWNyYALY HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/MVGTDs
Connection: keep-alive
Cookie: cf_chl_prog=e
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 16:19:02 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wp%2F17flffGKRZDYveQOZltYThpqVcNzktXM0xl7OFbhUJFNqFWvVOqHgU3oQCL8xksQ4DNevudbQzU03jfDtwS8TfFhoXLh21hTqOAmK6Wp%2B1FKyjxtBZ%2Fs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 761d3b060893b51b-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YM+ogg5Bom+QdViT5bCQYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ffaaqdaifV9sM2i+G1JCYWvAWjE=
bom.so/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7500403970811255:1667056047:eVv9GYj8dhiNpW-TPHBmI0kNBIk37hoh_SrWp378FZE/761d3afb29cbb4ed/6886e8046e40b70
200 OK 3.3 kB URL HTTP/1.1 bom.so/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7500403970811255:1667056047:eVv9GYj8dhiNpW-TPHBmI0kNBIk37hoh_SrWp378FZE/761d3afb29cbb4ed/6886e8046e40b70
IP
File type ASCII text, with very long lines (4392), with no line terminators
Hash 0818c5269164d64b2394025a86813034
565b35b45af53fa89a72196cb9cffcaae2023382
2c06e10b7d2d99d1c7148b3843244b14eb0ffe0f0217f876a967631a63dc32cb
Analyzer Verdict Alert quad9 Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.7500403970811255:1667056047:eVv9GYj8dhiNpW-TPHBmI0kNBIk37hoh_SrWp378FZE/761d3afb29cbb4ed/6886e8046e40b70 HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/MVGTDs
Content-type: application/x-www-form-urlencoded
CF-Challenge: 6886e8046e40b70
Content-Length: 15945
Origin: http://bom.so
Connection: keep-alive
Cookie: cf_chl_prog=b
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 16:19:02 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: 6KQ6Q8qWDBK/A4cUbqJ9kroeihwZ/hjUed01qVBeZpw=$MuXqFiWhwsW6xpwt520Eqg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHzvvkXbuHbNRr3iPfm%2BkFNHh8WNU0UYovVL9s2t1kZ6z%2BQA7xRqzdn4WxjgfY9ti%2FnRoiKvg2mBD9RotAvd3NcpvL%2FS3cHP24OLwk3qjSMYFoIu30%2Bv%2BN0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 761d3b06e988b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 29 Oct 2022 16:19:02 GMT
content-length: 0
location: /turnstile/v0/b5a25e40/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age: 300
vary: Accept-Encoding
server: cloudflare
cf-ray: 761d3b0749e7b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4677
Expires: Sat, 29 Oct 2022 17:37:00 GMT
Date: Sat, 29 Oct 2022 16:19:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4677
Expires: Sat, 29 Oct 2022 17:37:00 GMT
Date: Sat, 29 Oct 2022 16:19:03 GMT
Connection: keep-alive
challenges.cloudflare.com/turnstile/v0/b5a25e40/api.js?onload=_cf_chl_turnstile_l&render=explicit
200 OK 3.8 kB URL HTTP/2 challenges.cloudflare.com/turnstile/v0/b5a25e40/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP
File type ASCII text, with very long lines (8715)
Hash ecdc9f98582e9101ef5bc837dbe46928
bfd16302dbd2e99b1776ccb8112c9128362619dc
aae29ebd8e466e3bf770f46c8be106fe1b0e6d2302e05cf9644ab224dbf41a85
GET /turnstile/v0/b5a25e40/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 29 Oct 2022 16:19:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 761d3b077a18b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4677
Expires: Sat, 29 Oct 2022 17:37:00 GMT
Date: Sat, 29 Oct 2022 16:19:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4677
Expires: Sat, 29 Oct 2022 17:37:00 GMT
Date: Sat, 29 Oct 2022 16:19:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3d9a213-ef55-4ec1-836e-6dede0d7ffd3.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3d9a213-ef55-4ec1-836e-6dede0d7ffd3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc22a7370f5dad19546be6f1c83fe308
817e9cf3ea980056a1f2c5e502573a941abfeb2c
b991ed3b3798f918a7b4d0b7679cf8b574e2dc750fb3cfb4cef0ae08b6a8ac5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3d9a213-ef55-4ec1-836e-6dede0d7ffd3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7831
x-amzn-requestid: 53b46e70-8745-473c-b890-da4ed4a58be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCInEVwIAMFjNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a36-26329afd60e5c20a42e73373;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zNf7ZW0T1p33Y0CF4byCsqU0j3ajRQHRQMQ7CLlhQcFgBjqgfof8_Q==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:27 GMT
etag: "817e9cf3ea980056a1f2c5e502573a941abfeb2c"
content-type: image/jpeg
age: 66456
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3044824aa388754b4834dc79496d135b
ee65caaa8a746599f6c29d74900472a98c121499
1e7f15e9d74e3559bbe51f66a861045d02a1cb227c978ba09c47e52972095930
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6036
x-amzn-requestid: 3614efdd-d9db-4461-a335-30cfc17cf8b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGmEyVoAMFnPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-5f619a592c75e97c3dc2689a;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q4BKx39YfIUToWYusxR0A0ndnPGlNBDgQrP6ZlO8f5_D7xzdgelZ2A==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:16 GMT
age: 66467
etag: "ee65caaa8a746599f6c29d74900472a98c121499"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f8a8bdab8c8b28242ea7227be2d471
aa097b7f69b5369277d405238bbbb19081c3c3da
ec9a37f12ce0fb63e907ac3e5cbba04f392dfe44432422a839fc9c6ea66ec176
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: 7dd9eebd-2c20-4e7c-ba5d-349dc15abe61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGmH3eIAMFhcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-3dfa40935763bd2641e7e53a;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ezz-JH5UmLsrfICqqGDnf9Bd48WgoGT_4q8jS1fji5OkPs2CJYuHfg==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:50:03 GMT
age: 66540
etag: "aa097b7f69b5369277d405238bbbb19081c3c3da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8326b70116b95839cb92a20987ff62bf
e39efc9edc67abdbc8b67e56ea3aa3f169600055
9bb70165db081deb009c8da7f4fcafff66bf4f3ce68c88dd11b21ab1665f8a30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8381
x-amzn-requestid: affd1381-e8d6-406e-bdfd-43095e110aa9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCJEHAUoAMFQPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a39-738547cc62556b0f6cc604cf;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:37 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FpVYEpuzxdqeInQrm5_-ZU4tLonMfDWY3D3DxRd0JD3uh4emzrgklA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:44:56 GMT
age: 66847
etag: "e39efc9edc67abdbc8b67e56ea3aa3f169600055"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c7269e7-b618-4700-9a4e-8dd88078670e.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c7269e7-b618-4700-9a4e-8dd88078670e.jpeg
IP
Hash c66c2e14d81c76e7b8086fad52852403
ca8f2757bb389d77b50bcb738ebdc68c4826ed6c
2d6e2de36e74fecef32f12954a59529cb92775f0bbd2d7f7a7f013f0b80d3a2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c7269e7-b618-4700-9a4e-8dd88078670e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9718
x-amzn-requestid: e7339861-3974-4569-b282-502667c970fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCIxHPToAMFoLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a37-661fecca54b9a038565e0fcb;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: G7WqIjVa6krtMCHYwBrDYZxl6xSO-rVGOz1DyKkzW65soVi1K8UHnQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 22:15:29 GMT
age: 65014
etag: "af589048cc676d45060198d7fce3a338d681d201"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd830c901-a7fd-448a-9a5c-b65235a10127.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd830c901-a7fd-448a-9a5c-b65235a10127.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ccb6be5f8a61354dfff4fa9d48852fe
33b4a66a9693ca4c327c13303cb4f1aa4354b261
aa48f106bdfd580cea5f691ddf2c7e0445a30d89526355953ae9d87881ad6495
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd830c901-a7fd-448a-9a5c-b65235a10127.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15494
x-amzn-requestid: 5c6a874b-b97e-44ba-93e2-ebc4517220d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apSLZGNGoAMFrgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359fd7b-0a756fdd554b64381bf74525;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 03:39:39 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IZrTbVtjoc8LALwjuxZKdHwsRJ6EOAPwdJgdAFxYcNKdIVtVV7mSsQ==
via: 1.1 c4e77f714a7aade06aaed8bdc8b66fca.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:41 GMT
age: 66442
etag: "33b4a66a9693ca4c327c13303cb4f1aa4354b261"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bom.so/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7500403970811255:1667056047:eVv9GYj8dhiNpW-TPHBmI0kNBIk37hoh_SrWp378FZE/761d3afb29cbb4ed/6886e8046e40b70
200 OK 1.9 kB URL HTTP/1.1 bom.so/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7500403970811255:1667056047:eVv9GYj8dhiNpW-TPHBmI0kNBIk37hoh_SrWp378FZE/761d3afb29cbb4ed/6886e8046e40b70
IP
File type ASCII text, with very long lines (2492), with no line terminators
Hash 7b0ea70bb14792db0be62c2f3f36a519
1303b68c397acc49e0ba7c779d7ed26e715430c7
9665d1110622a61ee8789e748d3e461f0cb9454b5e8e9b305b00d49ec6a7befe
Analyzer Verdict Alert quad9 Sinkholed
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.7500403970811255:1667056047:eVv9GYj8dhiNpW-TPHBmI0kNBIk37hoh_SrWp378FZE/761d3afb29cbb4ed/6886e8046e40b70 HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/MVGTDs
Content-type: application/x-www-form-urlencoded
CF-Challenge: 6886e8046e40b70
Content-Length: 16648
Origin: http://bom.so
Connection: keep-alive
Cookie: cf_chl_prog=b
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 16:19:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: cf_chl_rc_m=;Expires=Fri, 28 Oct 2022 16:19:06 GMT;SameSite=Strict
cf_chl_out: 3JRBDvHLldI+T2eUoeN57rlQ2IBioCQ++ktH2b8o/jtySZVGZ64Pz1cQjdHW09AYU4xkVber73gxu73bx/AUPQ==$Ub7AVgfzmRKuxOmwePwJbw==
cf_chl_out_s: jwrzp5DUCbAY/GamybinhPoTcdfCrSqMHug0HWT++EML9IY5xCQwg+Qvlj/cDpYqhFH9UhzPT4dHEtXmuSJDcB/b0Dlyv2lnkLdUGF+NN5Y8AL9y4bJ5RDm/hN0T2t+aEwXnZcb3lU+A5k++r1IaFyyVWnQrrO1W4j0XDWpp4XA3y9oTp9MUub8iEJerZpdp$W8vsDyVdPw/HpFHocbpOlQ==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XY9VIaaiD0m0%2FsQ2%2FXPczFTdJPJQxOlVIQMcgQTziyQMg9OH8SHlWcMzsLo3%2Bn1wxp%2B7jMUth%2FLDTTRpBMvy9mTT87cajfGZeDlUQxo8DQxumK3Qi4NJrU0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 761d3b1a58aeb51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
bom.so/MVGTDs
301 Moved Permanently 1.3 kB IP
Hash 9295ccdc6cbb61267cac5712ec361389
937e12aa33d26882327cf0d3ed4837252ba26f21
5f88a79bb55f8a98e43f1a6a661d249a84c0f0cf23d9c983f165f50aa7ba2538
Analyzer Verdict Alert quad9 Sinkholed
POST /MVGTDs HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bom.so/MVGTDs?__cf_chl_tk=eYOllDgFiWuH_BU.dNRxWDBLToQpHFZTe._P8DxTbpA-1667060340-0-gaNycGzNAv0
Content-Type: application/x-www-form-urlencoded
Content-Length: 1687
Origin: http://bom.so
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 29 Oct 2022 16:19:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_clearance=92e5ebc331fbec93317e2120de014655f75d962c-1667060346-0-250; path=/; expires=Sun, 29-Oct-23 17:19:06 GMT; domain=.bom.so; HttpOnly
Location: https://bom.so/MVGTDs
X-Powered-By: VPSSIM
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35fXln0mSEA6%2BbPqxZbVrQ5wiPugjy4NM1QzLB3xjQ1t%2Fy%2B%2BWv5v09l8oUFrCFIdGFL5NZ4QdowqiPZBNieVRvD1R9eNVtA9bqgAap4xwHQhsLb6dRlr8yg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 761d3b1b8a1cb51b-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 97a5c462c0d85d9a087756f4e1ab1e14
8138ddb891d6fbf47b1598ff62eda9432e402754
24b0a78b7d79fae2f766b00783ea419c11f2b04b14989c232054854c90d28b8a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "24B0A78B7D79FAE2F766B00783EA419C11F2B04B14989C232054854C90D28B8A"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7434
Expires: Sat, 29 Oct 2022 18:23:00 GMT
Date: Sat, 29 Oct 2022 16:19:06 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 97a5c462c0d85d9a087756f4e1ab1e14
8138ddb891d6fbf47b1598ff62eda9432e402754
24b0a78b7d79fae2f766b00783ea419c11f2b04b14989c232054854c90d28b8a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "24B0A78B7D79FAE2F766B00783EA419C11F2B04B14989C232054854C90D28B8A"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7434
Expires: Sat, 29 Oct 2022 18:23:00 GMT
Date: Sat, 29 Oct 2022 16:19:06 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash e9f9a60cf191f62909b7d103e05425af
b51b94cfd02f959d316b8876af19bcdc0bdbc6c9
d4663596e2625c006608aea2ace4bc2be30b1c8d4f7ae6df33c038eb6dcbb122
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5446
Cache-Control: max-age=154491
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 16:19:06 GMT
Etag: "635cf5af-117"
Expires: Mon, 31 Oct 2022 11:13:57 GMT
Last-Modified: Sat, 29 Oct 2022 09:43:11 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
bom.so/favicon.ico
403 Forbidden 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bom.so/MVGTDs
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 29 Oct 2022 16:19:06 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlWV8aXHshRDbIatLECFsRQhflla86suejnbrHXqITI6QOdXWGvHIKPeAeBkflqHlh9oB9Nqf1bW6kYpFQBDj2mzfqEv3ThSVChqF7TE1uEGTrB7N5dLJug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 761d3b1dfd91b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 29 Oct 2022 16:19:06 GMT
content-type: application/javascript
cf-ray: 761d3b1ebb25b51d-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"5ab4b08736cc84a24e057a5ac94d054f"
last-modified: Wed, 26 Oct 2022 15:08:23 GMT
strict-transport-security: max-age=0
via: 1.1 3529bf84e9522012233c3dd2a59fdfe8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: VBvmFlsJ1wGmcIk6P4MJZX1kOXc_C3-M0GyB5OTcQh7SU2QL91Nfxg==
x-amz-cf-pop: ARN1-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 29 Oct 2022 16:19:01 GMT
content-type: application/javascript
cf-ray: 761d3affb8100b3d-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"5ab4b08736cc84a24e057a5ac94d054f"
last-modified: Wed, 26 Oct 2022 15:08:23 GMT
strict-transport-security: max-age=0
via: 1.1 3529bf84e9522012233c3dd2a59fdfe8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: VBvmFlsJ1wGmcIk6P4MJZX1kOXc_C3-M0GyB5OTcQh7SU2QL91Nfxg==
x-amz-cf-pop: ARN1-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
bom.so/MVGTDs
403 Forbidden 0 B IP
GET /MVGTDs HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sat, 29 Oct 2022 16:19:06 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVlQ96TwqoWBVIfscWLJwSemTvtcgp%2BPX3fcYC7dlj5%2FDFM7n2eWlqCaBtOSRhzvfUB2Qx8WSGhXduOTizWdqFv888%2B6E3MNjzUNXug7wMndWu07X2WIe80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 761d3b1d9d23b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bom.so/cdn-cgi/styles/challenges.css
200 OK 0 B URL HTTP/2 bom.so/cdn-cgi/styles/challenges.css
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: bom.so
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bom.so/MVGTDs
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 29 Oct 2022 16:19:06 GMT
content-type: text/css
last-modified: Wed, 26 Oct 2022 23:39:16 GMT
etag: W/"6359c524-1896"
server: cloudflare
cf-ray: 761d3b1dfd8fb4f4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 29 Oct 2022 18:19:06 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2
104.26.7.214
104.18.7.185
23.36.77.32
93.184.220.29