Overview

URL magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
IP208.113.172.25
ASNDREAMHOST-AS
Location United States
Report completed2022-07-06 16:09:15 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed
2022-07-06 2 magicalmindsstudio.com Sinkholed


Files

No files detected



Passive DNS (17)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-07-06 04:41:34 UTC 23.36.77.32
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] connect.facebook.net (2) 139 2013-09-20 12:03:21 UTC 2022-07-06 04:42:41 UTC 157.240.200.14
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (1) 1015 No data No data 54.230.245.100
[Mnemonic Passive DNS] magicalmindsstudio.com (56) 0 No data No data 208.113.172.25 Unknown ranking
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-06 04:55:23 UTC 54.230.111.99
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-06 04:47:23 UTC 34.208.34.131
[Mnemonic Passive DNS] fonts.googleapis.com (2) 8877 2017-01-30 04:59:43 UTC 2019-10-16 05:12:41 UTC 142.250.74.10
[Mnemonic Passive DNS] fonts.gstatic.com (4) 0 2017-01-30 04:59:51 UTC 2022-07-06 04:41:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.118
[Mnemonic Passive DNS] ocsp.digicert.com (3) 86 2012-11-29 12:49:49 UTC 2022-07-06 12:49:14 UTC 93.184.220.29
[Mnemonic Passive DNS] maxcdn.bootstrapcdn.com (1) 724 2017-01-30 05:00:47 UTC 2021-03-05 11:52:46 UTC 104.18.11.207
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-06 15:18:09 UTC 34.120.237.76
[Mnemonic Passive DNS] l.sharethis.com (1) 4794 2017-01-30 04:58:44 UTC 2022-07-06 06:59:31 UTC 3.120.20.111
[Mnemonic Passive DNS] ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-07-06 04:42:12 UTC 142.250.74.3
[Mnemonic Passive DNS] platform-api.sharethis.com (1) 5118 2017-01-29 11:44:16 UTC 2021-08-11 08:52:34 UTC 54.230.111.65
[Mnemonic Passive DNS] buttons-config.sharethis.com (1) 6006 2017-05-04 09:18:15 UTC 2022-07-06 07:24:44 UTC 54.230.111.11


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 208.113.172.25

Date UQ / IDS / BL URL IP
2022-07-19 15:28:02 +0000
0 - 0 - 58 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-07-16 16:01:41 +0000
0 - 0 - 58 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-07-09 15:35:40 +0000
0 - 0 - 59 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-06-26 16:15:48 +0000
0 - 0 - 58 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-06-17 04:14:50 +0000
0 - 0 - 57 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-06-09 17:29:57 +0000
0 - 0 - 58 https://magicalmindsstudio.com/BlMDt-Ad5GQb81 (...) 208.113.172.25
2022-06-06 16:09:00 +0000
0 - 0 - 62 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-06-03 02:23:35 +0000
0 - 0 - 58 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2018-12-20 05:36:44 +0100
0 - 0 - 2 www.magicalmindsstudio.com/BlMDt-Ad5GQb81w_ck (...) 208.113.172.25
2018-12-20 05:36:41 +0100
0 - 0 - 2 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25

Last 10 reports on ASN: DREAMHOST-AS

Date UQ / IDS / BL URL IP
2022-08-19 00:15:14 +0000
0 - 0 - 2 www.easyprotocols.com/blog2/mXyTuU7Iog67cqYYJ/ 208.113.170.14
2022-08-18 23:52:35 +0000
0 - 0 - 2 https://benconry.com/wp-includes/eUXuRrm1G6bRZ/ 69.163.165.96
2022-08-18 23:45:17 +0000
0 - 0 - 1 www.davidludlow.com/KYM/UYruujsiC2YXaBBSSl7/ 208.97.189.155
2022-08-18 23:45:10 +0000
0 - 0 - 2 hcsnet.com.br/wp-content/zvPeH/ 69.163.157.137
2022-08-18 23:44:59 +0000
0 - 0 - 1 www.hellojohnwebb.com/TMkGx6CJ5WWoFnH8t6eAQ8E91/ 69.163.217.127
2022-08-18 23:44:54 +0000
0 - 0 - 1 www.hellojohnwebb.com/TMkGx6CJ5WWoFnH8t6eAQ8E (...) 69.163.217.127
2022-08-18 23:44:13 +0000
0 - 0 - 2 bethelmbcarvada.org/EZTracker_Errors/9Pbi1J2/ 208.97.177.194
2022-08-18 23:36:23 +0000
0 - 0 - 2 hcsnet.com.br/wp-content/emmK/ 69.163.157.137
2022-08-18 23:28:21 +0000
0 - 0 - 2 mepstein.com/wp-admin/SJKyWuS8YYcU7GNWHmjR/ 69.163.217.207
2022-08-18 23:17:42 +0000
0 - 0 - 2 https://benconry.com/wp-includes/a/ 69.163.165.96

Last 10 reports on domain: magicalmindsstudio.com

Date UQ / IDS / BL URL IP
2022-07-19 15:28:02 +0000
0 - 0 - 58 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-07-16 16:01:41 +0000
0 - 0 - 58 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-07-09 15:35:40 +0000
0 - 0 - 59 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-06-26 16:15:48 +0000
0 - 0 - 58 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-06-17 04:14:50 +0000
0 - 0 - 57 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-06-09 17:29:57 +0000
0 - 0 - 58 https://magicalmindsstudio.com/BlMDt-Ad5GQb81 (...) 208.113.172.25
2022-06-06 16:09:00 +0000
0 - 0 - 62 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2022-06-03 02:23:35 +0000
0 - 0 - 58 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25
2018-12-20 05:36:44 +0100
0 - 0 - 2 www.magicalmindsstudio.com/BlMDt-Ad5GQb81w_ck (...) 208.113.172.25
2018-12-20 05:36:41 +0100
0 - 0 - 2 magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-v (...) 208.113.172.25


JavaScript

Executed Scripts (64)


Executed Evals (6)

#1 JavaScript::Eval (size: 64, repeated: 1) - SHA256: ac922c8d9e8eeb893aae328f514bfc6249e94faf2b61244ea56397c77d59113f

                                        0,
function(b, H, V) {
    (H = (V = (H = W(b), W(b)), b.u[H] && F(H, b)), v)(V, b, H)
}
                                    

#2 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 76bb653f0bb4f3f0de8c5fa02fe9f0a6962895bf7772d4d2747c33e36e1abcb8

                                        0,
function(b) {
    sd(b, 2)
}
                                    

#3 JavaScript::Eval (size: 9, repeated: 1) - SHA256: 35b80fac5a14dd409097f3e0edf59469db3e52e72847ac1decb1a24f54b72417

                                        618342051
                                    

#4 JavaScript::Eval (size: 15513, repeated: 1) - SHA256: 5b0fe7d05524f8a276474d18dd47b09305a0b8e0a296394c903fb0febe1c41ab

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var C = function(g, b) {
            if (!(g = (b = null, a.trustedTypes), g) || !g.createPolicy) return b;
            try {
                b = g.createPolicy("bg", {
                    createHTML: V,
                    createScript: V,
                    createScriptURL: V
                })
            } catch (O) {
                a.console && a.console.error(O.message)
            }
            return b
        },
        a = this || self,
        V = function(g) {
            return g
        };
    (0, eval)(function(g, b) {
        return (b = C()) && 1 === g.eval(b.createScript("1")) ? function(O) {
            return b.createScript(O)
        } : function(O) {
            return "" + O
        }
    }(a)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var P=function(g,O,a,C,k){for(k=(O=a=(g=g.replace(/\\r\\n/g,"\\n"),0),[]);O<g.length;O++)C=g.charCodeAt(O),128>C?k[a++]=C:(2048>C?k[a++]=C>>6|192:(55296==(C&64512)&&O+1<g.length&&56320==(g.charCodeAt(O+1)&64512)?(C=65536+((C&1023)<<10)+(g.charCodeAt(++O)&1023),k[a++]=C>>18|240,k[a++]=C>>12&63|128):k[a++]=C>>12|224,k[a++]=C>>6&63|128),k[a++]=C&63|128);return k},G=function(g,O,a){a=this;try{gi(this,O,g)}catch(C){y(C,this),g(function(k){k(a.C)})}},z,bB=function(g,O){if(g=null,O=n.trustedTypes,!O||!O.createPolicy)return g;try{g=O.createPolicy("bg",{createHTML:m,createScript:m,createScriptURL:m})}catch(a){n.console&&n.console.error(a.message)}return g},Od=function(g,O,a,C,k){for(g=g[k=(C=0,g[2])|0,3]|0;14>C;C++)g=g>>>8|g<<24,a=a>>>8|a<<24,a+=O|0,O=O<<3|O>>>29,a^=k+51,O^=a,g+=k|0,g^=C+51,k=k<<3|k>>>29,k^=g;return[O>>>24&255,O>>>16&255,O>>>8&255,O>>>0&255,a>>>24&255,a>>>16&255,a>>>8&255,a>>>0&255]},aV=function(g,O,a){if((O=typeof g,"object")==O)if(g){if(g instanceof Array)return"array";if(g instanceof Object)return O;if(a=Object.prototype.toString.call(g),"[object Window]"==a)return"object";if("[object Array]"==a||"number"==typeof g.length&&"undefined"!=typeof g.splice&&"undefined"!=typeof g.propertyIsEnumerable&&!g.propertyIsEnumerable("splice"))return"array";if("[object Function]"==a||"undefined"!=typeof g.call&&"undefined"!=typeof g.propertyIsEnumerable&&!g.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==O&&"undefined"==typeof g.call)return"object";return O},m=function(g){return g},Vo=function(g,O,a){if(3==g.length){for(a=0;3>a;a++)O[a]+=g[a];for(a=(g=[13,8,13,12,16,5,3,10,15],0);9>a;a++)O[3](O,a%3,g[a])}},eA=function(g,O,a,C,k){return{invoke:(C=C2(g,function(b){a&&(O&&D(O),k=b,a(),a=void 0)},(k=void 0,a=function(){},!!O))[0],function(b,H,V,e,r){if(!H)return H=C(V),b&&b(H),H;e=function(){k(function(R){D(function(){b(R)})},V)},k?e():(r=a,a=function(){(r(),D)(e)})})}},HB=function(g,O,a,C){try{C=g[((O|0)+2)%3],g[O]=(g[O]|0)-(g[((O|0)+1)%3]|0)-(C|0)^(1==O?C<<a:C>>>a)}catch(k){throw k;}},X=function(g,O){for(O=[];g--;)O.push(255*Math.random()|0);return O},n=this||self,C2=function(g,O,a,C){return(C=z[g.substring(0,3)+"_"])?C(g.substring(3),O,a):k2(O,g)},D=n.requestIdleCallback?function(g){requestIdleCallback(function(){g()},{timeout:4})}:n.setImmediate?function(g){setImmediate(g)}:function(g){setTimeout(g,0)},PB=function(g,O){(O.push(g[0]<<24|g[1]<<16|g[2]<<8|g[3]),O.push(g[4]<<24|g[5]<<16|g[6]<<8|g[7]),O).push(g[8]<<24|g[9]<<16|g[10]<<8|g[11])},k2=function(g,O){return[(g(function(a){a(O)}),function(){return O})]},Z={passive:true,capture:true},yo=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),GV=[],y=function(g,O){O.C=((O.C?O.C+"~":"E:")+g.message+":"+g.stack).slice(0,2048)},w={},ri=((G.prototype.CK=false,G.prototype).E9=void 0,[]),u=(G.prototype.g=(G.prototype.jL=void 0,"toString"),[]),RV=[],gi=function(g,O,a,C,k){for(k=(g.Ns=(g.l=hm((g.ab=(g.U9=Jm,g.fK=$2,g[f]),{get:function(){return this.concat()}}),g.A),c[g.A](g.l,{value:{value:{}}})),0),C=[];128>k;k++)C[k]=String.fromCharCode(k);((((((((((((((g.GB=((((((((((((((v(289,(g.Ib=(g.I=void 0,g.D=[],g.C=((g.Y=0,g.V=25,g.K=(k=window.performance||{},g.Z=g,g.h=void 0,(g.Qo=false,g).o=(g.P=0,(g.X=1,g.H=(g.B=0,[]),g.O=0,(g.U=(g.s=void 0,void 0),g).j=[],g.u=[],g).c5=(g.uK=function(b){this.Z=b},g.L=false,[]),void 0),0),g.R=0,g).v=void 0,g.S=null,void 0),g.N=[],g.J=8001,g.SL=0,k.timeOrigin)||(k.timing||{}).navigationStart||0,g),0),v)(28,g,0),v(47,g,function(b){Ed(b,4)}),v(476,g,function(b,H,V,e){(e=(V=(H=W(b),W(b)),W(b)),b).Z==b&&(e=F(e,b),V=F(V,b),F(H,b)[V]=e,367==H&&(b.o=void 0,2==V&&(b.U=Q(32,b,false),b.o=void 0)))}),v(228,g,function(b,H){H=F(W(b),b),n2(b.Z,H)}),v)(374,g,function(b,H,V,e){(e=(V=W(b),p(b)),H=W(b),v)(H,b,F(V,b)>>>e)}),v)(216,g,function(b){m9(b,4)}),v)(277,g,function(b,H,V,e,r,R){if(!t(true,H,b,true)){if("object"==(b=(R=(V=(R=(e=(H=(V=W(b),W(b)),W(b)),W(b)),H=F(H,b),F)(V,b),F(R,b)),F(e,b)),aV(V))){for(r in e=[],V)e.push(r);V=e}for(e=(r=(b=0<b?b:1,V).length,0);e<r;e+=b)H(V.slice(e,(e|0)+(b|0)),R)}}),v(443,g,function(b,H,V,e,r){for(V=(e=(H=(r=W(b),Db(b)),[]),0);V<H;V++)e.push(p(b));v(r,b,e)}),v(282,g,function(b,H,V){(H=0!=(H=W(b),V=W(b),F)(H,b),V=F(V,b),H)&&v(289,b,V)}),v)(288,g,function(b,H,V,e,r,R){t(false,H,b,true)||(V=qF(b.Z),H=V.ZT,R=V.i,e=V.W,V=V.Ms,r=e.length,R=0==r?new V[R]:1==r?new V[R](e[0]):2==r?new V[R](e[0],e[1]):3==r?new V[R](e[0],e[1],e[2]):4==r?new V[R](e[0],e[1],e[2],e[3]):2(),v(H,b,R))}),v)(360,g,function(b,H,V){t(false,H,b,true)||(H=W(b),V=W(b),v(V,b,function(e){return eval(e)}(zV(F(H,b.Z)))))}),v(67,g,function(b,H,V){(V=(H=W(b),W(b)),v)(V,b,""+F(H,b))}),v(44,g,function(b,H,V){V=aV((V=(H=(V=W(b),W)(b),F(V,b)),V)),v(H,b,V)}),v)(10,g,[160,0,0]),v)(102,g,function(b){sd(b,4)}),v)(116,g,2048),v)(468,g,function(b){Ed(b,3)}),v)(13,g,function(b,H,V,e){!t(false,H,b,true)&&(H=qF(b),V=H.Ms,e=H.i,b.Z==b||e==b.uK&&V==b)&&(v(H.ZT,b,e.apply(V,H.W)),b.B=b.T())}),v)(236,g,function(b,H,V,e){H=(V=W(b),W)(b),e=W(b),v(e,b,F(V,b)||F(H,b))}),v)(452,g,g),0),v(334,g,function(b,H,V,e,r){r=(H=(V=(H=(r=(e=W(b),W(b)),W)(b),V=W(b),F)(V,b),F)(H,b),F)(r,b),e=F(e,b.Z),0!==e&&(V=Ud(V,1,b,H,e,r),e.addEventListener(r,V,Z),v(255,b,[e,r,V]))}),v(55,g,function(b,H,V,e){(e=(H=(V=W(b),W(b)),W(b)),H=F(H,b),V=F(V,b),v)(e,b,V in H|0)}),v)(434,g,function(b,H,V,e){H=(V=(e=W(b),W(b)),F(V,b)),e=F(e,b),v(V,b,H+e)}),v)(179,g,function(b,H,V,e,r){(r=(H=(V=(r=(H=(e=W(b),W(b)),V=W(b),W(b)),F)(V,b),F(H,b)),F(r,b)),v)(e,b,Ud(V,r,b,H))}),v(45,g,function(b){m9(b,1)}),g).hG=0,v(227,g,[0,0,0]),v)(191,g,X(4)),v(177,g,466),v)(213,g,{}),v(255,g,0),v)(223,g,function(b,H,V,e,r,R,J){for(R=(e=(V=W(b),Db(b)),""),H=F(139,b),J=H.length,r=0;e--;)r=((r|0)+(Db(b)|0))%J,R+=C[H[r]];v(V,b,R)}),v)(73,g,function(b,H,V,e){if(e=b.c5.pop()){for(H=p(b);0<H;H--)V=W(b),e[V]=b.u[V];(e[116]=(e[501]=b.u[501],b.u)[116],b).u=e}else v(289,b,b.R)}),v(370,g,function(b,H,V,e){V=(e=(H=(V=(e=W(b),W(b)),W(b)),F(e,b)),F(V,b)),v(H,b,e[V])}),v)(501,g,[]),v(503,g,n),v)(398,g,0),v(283,g,[]),g.eL=0,v(444,g,function(){}),v(304,g,function(b,H){(b=(H=W(b),F(H,b)),b)[0].removeEventListener(b[1],b[2],Z)}),v)(189,g,function(b,H,V,e,r,R,J,E,h,A,U,M,K){for(h=(V=(H=(J=(e=r=(K=W(b),0),function(q,x){for(;e<q;)r|=p(b)<<e,e+=8;return r>>=(x=r&(1<<q)-(e-=q,1),q),x}),(J(3)|0)+1),R=J(5),A=0),[]);V<R;V++)M=J(1),h.push(M),A+=M?0:1;for(U=(V=(A=((A|0)-1).toString(2).length,0),[]);V<R;V++)h[V]||(U[V]=J(A));for(J=0;J<R;J++)h[J]&&(U[J]=W(b));for(E=[];H--;)E.push(F(W(b),b));v(K,b,function(q,x,d,T,Y){for(T=(x=(d=[],[]),0);T<R;T++){if(!(Y=U[T],h[T])){for(;Y>=d.length;)d.push(W(q));Y=d[Y]}x.push(Y)}q.I=oV(E.slice(),q),q.h=oV(x,q)})}),v)(25,g,function(b,H,V,e){(e=(H=(V=(e=W(b),H=W(b),W(b)),F(H,b)),F)(e,b)==H,v)(V,b,+e)}),N)(g,[GV]),N)(g,[L,O]),N)(g,[MF,a]),S(g,true,true)},MF=[],f=[],XL=[],L=[],qF=(((((PB,function(){})(X),function(){})(HB),function(){})(Vo),G.prototype).A="create",function(g,O,a,C,k,b){for(C=(O=((b=W((k=g[yo]||{},g)),k).ZT=W(g),k.W=[],a=g.Z==g?(p(g)|0)-1:1,W(g)),0);C<a;C++)k.W.push(W(g));for((k.i=F(b,g),k).Ms=F(O,g);a--;)k.W[a]=F(k.W[a],g);return k}),Ud=(G.prototype.yo=function(g,O,a,C,k){for(C=k=0;k<g.length;k++)C+=g.charCodeAt(k),C+=C<<10,C^=C>>6;return(g=(C+=C<<3,C^=C>>11,C+(C<<15)>>>0),k=new Number(g&(1<<O)-1),k)[0]=(g>>>O)%a,k},G.prototype.T=(window.performance||{}).now?function(){return this.Ib+window.performance.now()}:function(){return+new Date},function(g,O,a,C,k,b,H){return H=function(){if(a.Z==a){if(a.u){var V=[XL,C,g,void 0,k,b,arguments];if(2==O)var e=(N(a,V),S)(a,false,false);else if(1==O){var r=!a.N.length;N(a,V),r&&S(a,false,false)}else e=Am(V,a);return e}k&&b&&k.removeEventListener(b,H,Z)}}}),wi=function(g,O,a,C,k,b,H,V){return(b=c[O.A]((C=[0,24,53,-28,79,71,C,(k=a&7,H=Zb,12),73,-10],O.l)),b)[O.A]=function(e){V=(k+=6+7*a,e),k&=7},b.concat=function(e){return(V=(e=-1715*(e=g%16+1,V)+2*g*g*e-e*V-1176*g*V-98*g*g*V+C[k+67&7]*g*e+49*V*V+k+(H()|0)*e,void 0),e=C[e],C)[(k+77&7)+(a&2)]=e,C[k+(a&2)]=24,e},b},c=w.constructor,oV=function(g,O,a){return((a=c[O.A](O.Ns),a)[O.A]=function(){return g},a).concat=function(C){g=C},a},F=function(g,O){if((O=O.u[g],void 0)===O)throw[w,30,g];if(O.value)return O.create();return O.create(2*g*g+24*g+35),O.prototype},uB=function(g,O){return g[O]<<24|g[(O|0)+1]<<16|g[(O|0)+2]<<8|g[(O|0)+3]},W=(G.prototype.W5=function(g,O,a,C,k,b){for(b=k=(a=[],0);b<g.length;b++)for(k+=O,C=C<<O|g[b];7<k;)k-=8,a.push(C>>k&255);return a},function(g,O){if(g.I)return x2(g,g.h);return(O=Q(8,g,true),O)&128&&(O^=128,g=Q(2,g,true),O=(O<<2)+(g|0)),O}),v=function(g,O,a){367==(289==g||28==g?O.u[g]?O.u[g].concat(a):O.u[g]=oV(a,O):10==g||191==g||283==g||501==g||227==g?O.u[g]||(O.u[g]=wi(g,O,94,a)):O.u[g]=wi(g,O,57,a),g)&&(O.U=Q(32,O,false),O.o=void 0)},p=(G.prototype.AG=(G.prototype.F=function(g,O,a,C,k){if((a="array"===aV(a)?a:[a],this).C)g(this.C);else try{C=[],k=!this.N.length,N(this,[u,C,a]),N(this,[f,g,C]),O&&!k||S(this,true,O)}catch(b){y(b,this),g(this.C)}},function(g,O,a){return g^((O=(O^=O<<13,O^=O>>17,O^O<<5)&a)||(O=1),O)}),function(g){return g.I?x2(g,g.h):Q(8,g,true)}),x2=function(g,O){return(O=O.create().shift(),g.I.create().length||g.h.create().length)||(g.I=void 0,g.h=void 0),O},hm=(G.prototype.ob=function(){return Math.floor(this.T())},function(g,O){return c[O](c.prototype,{console:g,floor:g,document:g,stack:g,prototype:g,pop:g,length:g,parent:g,propertyIsEnumerable:g,splice:g,replace:g,call:g})}),Zb=void 0,Am=function(g,O,a,C,k){if((k=g[0],k)==u)O.V=25,O.G(g);else if(k==f){C=g[1];try{a=O.C||O.G(g)}catch(b){y(b,O),a=O.C}C(a)}else if(k==ri)O.G(g);else if(k==L)O.G(g);else if(k==MF){try{for(a=0;a<O.H.length;a++)try{C=O.H[a],C[0][C[1]](C[2])}catch(b){}}catch(b){}(0,g[1])(function(b,H){O.F(b,true,H)},(O.H=[],function(b){(N(O,(b=!O.N.length,[RV])),b)&&S(O,false,true)}))}else{if(k==XL)return a=g[2],v(311,O,g[6]),v(213,O,a),O.G(g);k==RV?(O.D=[],O.u=null,O.j=[]):k==GV&&"loading"===n.document.readyState&&(O.S=function(b,H,V){n.document.addEventListener((V=(H=false,function(){H||(H=true,b())}),"DOMContentLoaded"),V,Z),n.addEventListener("load",V,Z)})}},l=function(g,O,a,C,k,b){if(3<((a=((b=F(501,(C=void 0,O&&O[0]===w&&(a=O[1],C=O[2],O=void 0),g)),0)==b.length&&(k=F(28,g)>>3,b.push(a,k>>8&255,k&255),void 0!=C&&b.push(C&255)),""),O)&&(O.message&&(a+=O.message),O.stack&&(a+=":"+O.stack)),O=F(116,g),O)){C=(a=(a=a.slice(0,(O|0)-3),O-=(a.length|0)+3,P(a)),g).Z,g.Z=g;try{B(191,g,I(a.length,2).concat(a),9)}finally{g.Z=C}}v(116,g,O)},B=function(g,O,a,C,k,b){if(O.Z==O)for(k=F(g,O),191==g?(g=function(H,V,e,r){if((e=(V=k.length,V|0)-4>>3,k.xr)!=e){e=(r=[0,0,(k.xr=e,b[1]),b[2]],(e<<3)-4);try{k.kr=Od(r,uB(k,e),uB(k,(e|0)+4))}catch(R){throw R;}}k.push(k.kr[V&7]^H)},b=F(227,O)):g=function(H){k.push(H)},C&&g(C&255),O=0,C=a.length;O<C;O++)g(a[O])},I=(G.prototype.TB=function(){return Math.floor(this.Y+(this.T()-this.O))},function(g,O,a,C){for(C=(a=(O|0)-1,[]);0<=a;a--)C[(O|0)-1-(a|0)]=g>>8*a&255;return C}),cB=function(g,O,a,C){return(((C=F(289,O),O.j&&C<O.R)?(v(289,O,O.R),n2(O,g)):v(289,O,g),f2)(O,a),v)(289,O,C),F(213,O)},n2=function(g,O){(g.c5.push(g.u.slice()),g).u[289]=void 0,v(289,g,O)},N=function(g,O){g.N.splice(0,0,O)},Q=function(g,O,a,C,k,b,H,V,e,r,R,J,E,h){if((h=F(289,O),h)>=O.R)throw[w,31];for(C=(r=(H=h,0),O.ab.length),J=g;0<J;)b=H>>3,R=O.j[b],V=H%8,E=8-(V|0),E=E<J?E:J,a&&(e=O,e.o!=H>>6&&(e.o=H>>6,k=F(367,e),e.v=Od([0,0,k[1],k[2]],e.U,e.o)),R^=O.v[b&C]),r|=(R>>8-(V|0)-(E|0)&(1<<E)-1)<<(J|0)-(E|0),J-=E,H+=E;return v(289,O,(a=r,(h|0)+(g|0))),a},Db=function(g,O){return(O=p(g),O)&128&&(O=O&127|p(g)<<7),O},f2=function(g,O,a,C,k,b){if(!g.C){g.P++;try{for(C=(k=(b=void 0,g.R),0);--O;)try{if((a=void 0,g).I)b=x2(g,g.I);else{if((C=F(289,g),C)>=k)break;b=(a=(v(28,g,C),W(g)),F(a,g))}(b&&b.call?b(g,O):l(g,[w,21,a],0),t)(false,O,g,false)}catch(H){F(177,g)?l(g,H,22):v(177,g,H)}if(!O){if(g.CK){f2(g,(g.P--,536963536053));return}l(g,[w,33],0)}}catch(H){try{l(g,H,22)}catch(V){y(V,g)}}g.P--}},Ed=(((G.prototype.G=function(g,O){return O=(g={},{}),Zb=function(){return O==g?35:45},function(a,C,k,b,H,V,e,r,R,J,E,h,A,U,M){O=(R=O,g);try{if(r=a[0],r==L){A=a[1];try{for(h=(M=(b=atob(A),0),C=[],0);h<b.length;h++)V=b.charCodeAt(h),255<V&&(C[M++]=V&255,V>>=8),C[M++]=V;v((this.R=(this.j=C,this.j).length<<3,367),this,[0,0,0])}catch(K){l(this,K,17);return}f2(this,8001)}else if(r==u)a[1].push(F(116,this),F(191,this).length,F(10,this).length,F(283,this).length),v(213,this,a[2]),this.u[107]&&cB(F(107,this),this,8001);else{if(r==f){this.Z=(J=(H=I((F((C=a[2],10),this).length|0)+2,2),this).Z,this);try{U=F(501,this),0<U.length&&B(10,this,I(U.length,2).concat(U),10),B(10,this,I(this.X,1),109),B(10,this,I(this[f].length,1)),b=0,b-=(F(10,this).length|0)+5,b+=F(398,this)&2047,E=F(191,this),4<E.length&&(b-=(E.length|0)+3),0<b&&B(10,this,I(b,2).concat(X(b)),15),4<E.length&&B(10,this,I(E.length,2).concat(E),156)}finally{this.Z=J}if(k=(h=X(2).concat(F(10,this)),h[1]=h[0]^6,h[3]=h[1]^H[0],h[4]=h[1]^H[1],this.pK(h)))k="!"+k;else for(b=0,k="";b<h.length;b++)e=h[b][this.g](16),1==e.length&&(e="0"+e),k+=e;return(((v(116,(M=k,this),C.shift()),F(191,this)).length=C.shift(),F(10,this)).length=C.shift(),F)(283,this).length=C.shift(),M}if(r==ri)cB(a[1],this,a[2]);else if(r==XL)return cB(a[1],this,8001)}}finally{O=R}}}(),G).prototype.pK=function(g,O,a,C){if(C=window.btoa){for(a=(O="",0);a<g.length;a+=8192)O+=String.fromCharCode.apply(null,g.slice(a,a+8192));g=C(O).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else g=void 0;return g},G).prototype.wq=0,function(g,O,a,C,k){(k=(k=(O&=(a=O&3,4),W(g)),C=W(g),F)(k,g),O)&&(k=P(""+k)),a&&B(C,g,I(k.length,2)),B(C,g,k)}),m9=function(g,O,a,C){C=W(g),a=W(g),B(a,g,I(F(C,g),O))},sd=function(g,O,a,C){for(C=(a=W(g),0);0<O;O--)C=C<<8|p(g);v(a,g,C)},vB=function(g,O,a){return O.F(function(C){a=C},false,g),a},S=function(g,O,a,C,k,b){if(g.N.length){((g.L&&0(),g).L=true,g).Qo=a;try{b=g.T(),g.O=b,g.s=0,g.B=b,C=WB(a,g),k=g.T()-g.O,g.Y+=k,k<(O?0:10)||0>=g.V--||(k=Math.floor(k),g.D.push(254>=k?k:254))}finally{g.L=false}return C}},WB=(G.prototype.B5=0,G.prototype[MF]=[0,0,1,1,0,1,1],function(g,O,a,C){for(;O.N.length;){C=(O.S=null,O.N.pop());try{a=Am(C,O)}catch(k){y(k,O)}if(g&&O.S){(g=O.S,g)(function(){S(O,true,true)});break}}return a}),$2,t=function(g,O,a,C,k,b,H,V,e){if(((a.Z=(k=(e=(V=((H=0<a.K&&a.L&&a.Qo&&1>=a.P&&!a.I&&!a.S&&(!C||1<a.J-O)&&0==document.hidden,g=g?255:C?5:2,C)||a.s++,(b=4==a.s)||H?a.T():a.B),V-a.B),e>>14),a.U&&(a.U^=k*(e<<2)),k)||a.Z,a).X+=k,b)||H)a.s=0,a.B=V;if(!H||V-a.O<a.K-g)return false;return!(((H=F((a.J=O,C)?28:289,a),v(289,a,a.R),a).N.push([ri,H,C?O+1:O]),a).S=D,0)},Jm=/./,FL=L.pop.bind(G.prototype[u]),zV=function(g,O){return(O=bB())&&1===g.eval(O.createScript("1"))?function(a){return O.createScript(a)}:function(a){return""+a}}(($2=hm({get:FL},(Jm[G.prototype.g]=FL,G.prototype.A)),G.prototype.Rb=void 0,n));40<(z=n.botguard||(n.botguard={}),z.m)||(z.m=41,z.bg=eA,z.a=C2),z.NFD_=function(g,O,a){return a=new G(O,g),[function(C){return vB(C,a)}]};}).call(this);'));
}).call(this);
                                    

#5 JavaScript::Eval (size: 16190, repeated: 1) - SHA256: 0c3e7e543c166d2c8d82471976b26a128d4afab32c05d4f5d4bbd7ea3cfbf59c

                                        (function() {
    var P = function(g, O, a, C, k) {
            for (k = (O = a = (g = g.replace(/\r\n/g, "\n"), 0), []); O < g.length; O++) C = g.charCodeAt(O), 128 > C ? k[a++] = C : (2048 > C ? k[a++] = C >> 6 | 192 : (55296 == (C & 64512) && O + 1 < g.length && 56320 == (g.charCodeAt(O + 1) & 64512) ? (C = 65536 + ((C & 1023) << 10) + (g.charCodeAt(++O) & 1023), k[a++] = C >> 18 | 240, k[a++] = C >> 12 & 63 | 128) : k[a++] = C >> 12 | 224, k[a++] = C >> 6 & 63 | 128), k[a++] = C & 63 | 128);
            return k
        },
        G = function(g, O, a) {
            a = this;
            try {
                gi(this, O, g)
            } catch (C) {
                y(C, this), g(function(k) {
                    k(a.C)
                })
            }
        },
        z, bB = function(g, O) {
            if (g = null, O = n.trustedTypes, !O || !O.createPolicy) return g;
            try {
                g = O.createPolicy("bg", {
                    createHTML: m,
                    createScript: m,
                    createScriptURL: m
                })
            } catch (a) {
                n.console && n.console.error(a.message)
            }
            return g
        },
        Od = function(g, O, a, C, k) {
            for (g = g[k = (C = 0, g[2]) | 0, 3] | 0; 14 > C; C++) g = g >>> 8 | g << 24, a = a >>> 8 | a << 24, a += O | 0, O = O << 3 | O >>> 29, a ^= k + 51, O ^= a, g += k | 0, g ^= C + 51, k = k << 3 | k >>> 29, k ^= g;
            return [O >>> 24 & 255, O >>> 16 & 255, O >>> 8 & 255, O >>> 0 & 255, a >>> 24 & 255, a >>> 16 & 255, a >>> 8 & 255, a >>> 0 & 255]
        },
        aV = function(g, O, a) {
            if ((O = typeof g, "object") == O)
                if (g) {
                    if (g instanceof Array) return "array";
                    if (g instanceof Object) return O;
                    if (a = Object.prototype.toString.call(g), "[object Window]" == a) return "object";
                    if ("[object Array]" == a || "number" == typeof g.length && "undefined" != typeof g.splice && "undefined" != typeof g.propertyIsEnumerable && !g.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == a || "undefined" != typeof g.call && "undefined" != typeof g.propertyIsEnumerable && !g.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == O && "undefined" == typeof g.call) return "object";
            return O
        },
        m = function(g) {
            return g
        },
        Vo = function(g, O, a) {
            if (3 == g.length) {
                for (a = 0; 3 > a; a++) O[a] += g[a];
                for (a = (g = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > a; a++) O[3](O, a % 3, g[a])
            }
        },
        eA = function(g, O, a, C, k) {
            return {
                invoke: (C = C2(g, function(b) {
                    a && (O && D(O), k = b, a(), a = void 0)
                }, (k = void 0, a = function() {}, !!O))[0], function(b, H, V, e, r) {
                    if (!H) return H = C(V), b && b(H), H;
                    e = function() {
                        k(function(R) {
                            D(function() {
                                b(R)
                            })
                        }, V)
                    }, k ? e() : (r = a, a = function() {
                        (r(), D)(e)
                    })
                })
            }
        },
        HB = function(g, O, a, C) {
            try {
                C = g[((O | 0) + 2) % 3], g[O] = (g[O] | 0) - (g[((O | 0) + 1) % 3] | 0) - (C | 0) ^ (1 == O ? C << a : C >>> a)
            } catch (k) {
                throw k;
            }
        },
        X = function(g, O) {
            for (O = []; g--;) O.push(255 * Math.random() | 0);
            return O
        },
        n = this || self,
        C2 = function(g, O, a, C) {
            return (C = z[g.substring(0, 3) + "_"]) ? C(g.substring(3), O, a) : k2(O, g)
        },
        D = n.requestIdleCallback ? function(g) {
            requestIdleCallback(function() {
                g()
            }, {
                timeout: 4
            })
        } : n.setImmediate ? function(g) {
            setImmediate(g)
        } : function(g) {
            setTimeout(g, 0)
        },
        PB = function(g, O) {
            (O.push(g[0] << 24 | g[1] << 16 | g[2] << 8 | g[3]), O.push(g[4] << 24 | g[5] << 16 | g[6] << 8 | g[7]), O).push(g[8] << 24 | g[9] << 16 | g[10] << 8 | g[11])
        },
        k2 = function(g, O) {
            return [(g(function(a) {
                a(O)
            }), function() {
                return O
            })]
        },
        Z = {
            passive: true,
            capture: true
        },
        yo = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        GV = [],
        y = function(g, O) {
            O.C = ((O.C ? O.C + "~" : "E:") + g.message + ":" + g.stack).slice(0, 2048)
        },
        w = {},
        ri = ((G.prototype.CK = false, G.prototype).E9 = void 0, []),
        u = (G.prototype.g = (G.prototype.jL = void 0, "toString"), []),
        RV = [],
        gi = function(g, O, a, C, k) {
            for (k = (g.Ns = (g.l = hm((g.ab = (g.U9 = Jm, g.fK = $2, g[f]), {get: function() {
                        return this.concat()
                    }
                }), g.A), c[g.A](g.l, {
                    value: {
                        value: {}
                    }
                })), 0), C = []; 128 > k; k++) C[k] = String.fromCharCode(k);
            ((((((((((((((g.GB = ((((((((((((((v(289, (g.Ib = (g.I = void 0, g.D = [], g.C = ((g.Y = 0, g.V = 25, g.K = (k = window.performance || {}, g.Z = g, g.h = void 0, (g.Qo = false, g).o = (g.P = 0, (g.X = 1, g.H = (g.B = 0, []), g.O = 0, (g.U = (g.s = void 0, void 0), g).j = [], g.u = [], g).c5 = (g.uK = function(b) {
                this.Z = b
            }, g.L = false, []), void 0), 0), g.R = 0, g).v = void 0, g.S = null, void 0), g.N = [], g.J = 8001, g.SL = 0, k.timeOrigin) || (k.timing || {}).navigationStart || 0, g), 0), v)(28, g, 0), v(47, g, function(b) {
                Ed(b, 4)
            }), v(476, g, function(b, H, V, e) {
                (e = (V = (H = W(b), W(b)), W(b)), b).Z == b && (e = F(e, b), V = F(V, b), F(H, b)[V] = e, 367 == H && (b.o = void 0, 2 == V && (b.U = Q(32, b, false), b.o = void 0)))
            }), v(228, g, function(b, H) {
                H = F(W(b), b), n2(b.Z, H)
            }), v)(374, g, function(b, H, V, e) {
                (e = (V = W(b), p(b)), H = W(b), v)(H, b, F(V, b) >>> e)
            }), v)(216, g, function(b) {
                m9(b, 4)
            }), v)(277, g, function(b, H, V, e, r, R) {
                if (!t(true, H, b, true)) {
                    if ("object" == (b = (R = (V = (R = (e = (H = (V = W(b), W(b)), W(b)), W(b)), H = F(H, b), F)(V, b), F(R, b)), F(e, b)), aV(V))) {
                        for (r in e = [], V) e.push(r);
                        V = e
                    }
                    for (e = (r = (b = 0 < b ? b : 1, V).length, 0); e < r; e += b) H(V.slice(e, (e | 0) + (b | 0)), R)
                }
            }), v(443, g, function(b, H, V, e, r) {
                for (V = (e = (H = (r = W(b), Db(b)), []), 0); V < H; V++) e.push(p(b));
                v(r, b, e)
            }), v(282, g, function(b, H, V) {
                (H = 0 != (H = W(b), V = W(b), F)(H, b), V = F(V, b), H) && v(289, b, V)
            }), v)(288, g, function(b, H, V, e, r, R) {
                t(false, H, b, true) || (V = qF(b.Z), H = V.ZT, R = V.i, e = V.W, V = V.Ms, r = e.length, R = 0 == r ? new V[R] : 1 == r ? new V[R](e[0]) : 2 == r ? new V[R](e[0], e[1]) : 3 == r ? new V[R](e[0], e[1], e[2]) : 4 == r ? new V[R](e[0], e[1], e[2], e[3]) : 2(), v(H, b, R))
            }), v)(360, g, function(b, H, V) {
                t(false, H, b, true) || (H = W(b), V = W(b), v(V, b, function(e) {
                    return eval(e)
                }(zV(F(H, b.Z)))))
            }), v(67, g, function(b, H, V) {
                (V = (H = W(b), W(b)), v)(V, b, "" + F(H, b))
            }), v(44, g, function(b, H, V) {
                V = aV((V = (H = (V = W(b), W)(b), F(V, b)), V)), v(H, b, V)
            }), v)(10, g, [160, 0, 0]), v)(102, g, function(b) {
                sd(b, 4)
            }), v)(116, g, 2048), v)(468, g, function(b) {
                Ed(b, 3)
            }), v)(13, g, function(b, H, V, e) {
                !t(false, H, b, true) && (H = qF(b), V = H.Ms, e = H.i, b.Z == b || e == b.uK && V == b) && (v(H.ZT, b, e.apply(V, H.W)), b.B = b.T())
            }), v)(236, g, function(b, H, V, e) {
                H = (V = W(b), W)(b), e = W(b), v(e, b, F(V, b) || F(H, b))
            }), v)(452, g, g), 0), v(334, g, function(b, H, V, e, r) {
                r = (H = (V = (H = (r = (e = W(b), W(b)), W)(b), V = W(b), F)(V, b), F)(H, b), F)(r, b), e = F(e, b.Z), 0 !== e && (V = Ud(V, 1, b, H, e, r), e.addEventListener(r, V, Z), v(255, b, [e, r, V]))
            }), v(55, g, function(b, H, V, e) {
                (e = (H = (V = W(b), W(b)), W(b)), H = F(H, b), V = F(V, b), v)(e, b, V in H | 0)
            }), v)(434, g, function(b, H, V, e) {
                H = (V = (e = W(b), W(b)), F(V, b)), e = F(e, b), v(V, b, H + e)
            }), v)(179, g, function(b, H, V, e, r) {
                (r = (H = (V = (r = (H = (e = W(b), W(b)), V = W(b), W(b)), F)(V, b), F(H, b)), F(r, b)), v)(e, b, Ud(V, r, b, H))
            }), v(45, g, function(b) {
                m9(b, 1)
            }), g).hG = 0, v(227, g, [0, 0, 0]), v)(191, g, X(4)), v(177, g, 466), v)(213, g, {}), v(255, g, 0), v)(223, g, function(b, H, V, e, r, R, J) {
                for (R = (e = (V = W(b), Db(b)), ""), H = F(139, b), J = H.length, r = 0; e--;) r = ((r | 0) + (Db(b) | 0)) % J, R += C[H[r]];
                v(V, b, R)
            }), v)(73, g, function(b, H, V, e) {
                if (e = b.c5.pop()) {
                    for (H = p(b); 0 < H; H--) V = W(b), e[V] = b.u[V];
                    (e[116] = (e[501] = b.u[501], b.u)[116], b).u = e
                } else v(289, b, b.R)
            }), v(370, g, function(b, H, V, e) {
                V = (e = (H = (V = (e = W(b), W(b)), W(b)), F(e, b)), F(V, b)), v(H, b, e[V])
            }), v)(501, g, []), v(503, g, n), v)(398, g, 0), v(283, g, []), g.eL = 0, v(444, g, function() {}), v(304, g, function(b, H) {
                (b = (H = W(b), F(H, b)), b)[0].removeEventListener(b[1], b[2], Z)
            }), v)(189, g, function(b, H, V, e, r, R, J, E, h, A, U, M, K) {
                for (h = (V = (H = (J = (e = r = (K = W(b), 0), function(q, x) {
                        for (; e < q;) r |= p(b) << e, e += 8;
                        return r >>= (x = r & (1 << q) - (e -= q, 1), q), x
                    }), (J(3) | 0) + 1), R = J(5), A = 0), []); V < R; V++) M = J(1), h.push(M), A += M ? 0 : 1;
                for (U = (V = (A = ((A | 0) - 1).toString(2).length, 0), []); V < R; V++) h[V] || (U[V] = J(A));
                for (J = 0; J < R; J++) h[J] && (U[J] = W(b));
                for (E = []; H--;) E.push(F(W(b), b));
                v(K, b, function(q, x, d, T, Y) {
                    for (T = (x = (d = [], []), 0); T < R; T++) {
                        if (!(Y = U[T], h[T])) {
                            for (; Y >= d.length;) d.push(W(q));
                            Y = d[Y]
                        }
                        x.push(Y)
                    }
                    q.I = oV(E.slice(), q), q.h = oV(x, q)
                })
            }), v)(25, g, function(b, H, V, e) {
                (e = (H = (V = (e = W(b), H = W(b), W(b)), F(H, b)), F)(e, b) == H, v)(V, b, +e)
            }), N)(g, [GV]), N)(g, [L, O]), N)(g, [MF, a]), S(g, true, true)
        },
        MF = [],
        f = [],
        XL = [],
        L = [],
        qF = (((((PB, function() {})(X), function() {})(HB), function() {})(Vo), G.prototype).A = "create", function(g, O, a, C, k, b) {
            for (C = (O = ((b = W((k = g[yo] || {}, g)), k).ZT = W(g), k.W = [], a = g.Z == g ? (p(g) | 0) - 1 : 1, W(g)), 0); C < a; C++) k.W.push(W(g));
            for ((k.i = F(b, g), k).Ms = F(O, g); a--;) k.W[a] = F(k.W[a], g);
            return k
        }),
        Ud = (G.prototype.yo = function(g, O, a, C, k) {
            for (C = k = 0; k < g.length; k++) C += g.charCodeAt(k), C += C << 10, C ^= C >> 6;
            return (g = (C += C << 3, C ^= C >> 11, C + (C << 15) >>> 0), k = new Number(g & (1 << O) - 1), k)[0] = (g >>> O) % a, k
        }, G.prototype.T = (window.performance || {}).now ? function() {
            return this.Ib + window.performance.now()
        } : function() {
            return +new Date
        }, function(g, O, a, C, k, b, H) {
            return H = function() {
                if (a.Z == a) {
                    if (a.u) {
                        var V = [XL, C, g, void 0, k, b, arguments];
                        if (2 == O) var e = (N(a, V), S)(a, false, false);
                        else if (1 == O) {
                            var r = !a.N.length;
                            N(a, V), r && S(a, false, false)
                        } else e = Am(V, a);
                        return e
                    }
                    k && b && k.removeEventListener(b, H, Z)
                }
            }
        }),
        wi = function(g, O, a, C, k, b, H, V) {
            return (b = c[O.A]((C = [0, 24, 53, -28, 79, 71, C, (k = a & 7, H = Zb, 12), 73, -10], O.l)), b)[O.A] = function(e) {
                V = (k += 6 + 7 * a, e), k &= 7
            }, b.concat = function(e) {
                return (V = (e = -1715 * (e = g % 16 + 1, V) + 2 * g * g * e - e * V - 1176 * g * V - 98 * g * g * V + C[k + 67 & 7] * g * e + 49 * V * V + k + (H() | 0) * e, void 0), e = C[e], C)[(k + 77 & 7) + (a & 2)] = e, C[k + (a & 2)] = 24, e
            }, b
        },
        c = w.constructor,
        oV = function(g, O, a) {
            return ((a = c[O.A](O.Ns), a)[O.A] = function() {
                return g
            }, a).concat = function(C) {
                g = C
            }, a
        },
        F = function(g, O) {
            if ((O = O.u[g], void 0) === O) throw [w, 30, g];
            if (O.value) return O.create();
            return O.create(2 * g * g + 24 * g + 35), O.prototype
        },
        uB = function(g, O) {
            return g[O] << 24 | g[(O | 0) + 1] << 16 | g[(O | 0) + 2] << 8 | g[(O | 0) + 3]
        },
        W = (G.prototype.W5 = function(g, O, a, C, k, b) {
            for (b = k = (a = [], 0); b < g.length; b++)
                for (k += O, C = C << O | g[b]; 7 < k;) k -= 8, a.push(C >> k & 255);
            return a
        }, function(g, O) {
            if (g.I) return x2(g, g.h);
            return (O = Q(8, g, true), O) & 128 && (O ^= 128, g = Q(2, g, true), O = (O << 2) + (g | 0)), O
        }),
        v = function(g, O, a) {
            367 == (289 == g || 28 == g ? O.u[g] ? O.u[g].concat(a) : O.u[g] = oV(a, O) : 10 == g || 191 == g || 283 == g || 501 == g || 227 == g ? O.u[g] || (O.u[g] = wi(g, O, 94, a)) : O.u[g] = wi(g, O, 57, a), g) && (O.U = Q(32, O, false), O.o = void 0)
        },
        p = (G.prototype.AG = (G.prototype.F = function(g, O, a, C, k) {
            if ((a = "array" === aV(a) ? a : [a], this).C) g(this.C);
            else try {
                C = [], k = !this.N.length, N(this, [u, C, a]), N(this, [f, g, C]), O && !k || S(this, true, O)
            } catch (b) {
                y(b, this), g(this.C)
            }
        }, function(g, O, a) {
            return g ^ ((O = (O ^= O << 13, O ^= O >> 17, O ^ O << 5) & a) || (O = 1), O)
        }), function(g) {
            return g.I ? x2(g, g.h) : Q(8, g, true)
        }),
        x2 = function(g, O) {
            return (O = O.create().shift(), g.I.create().length || g.h.create().length) || (g.I = void 0, g.h = void 0), O
        },
        hm = (G.prototype.ob = function() {
            return Math.floor(this.T())
        }, function(g, O) {
            return c[O](c.prototype, {
                console: g,
                floor: g,
                document: g,
                stack: g,
                prototype: g,
                pop: g,
                length: g,
                parent: g,
                propertyIsEnumerable: g,
                splice: g,
                replace: g,
                call: g
            })
        }),
        Zb = void 0,
        Am = function(g, O, a, C, k) {
            if ((k = g[0], k) == u) O.V = 25, O.G(g);
            else if (k == f) {
                C = g[1];
                try {
                    a = O.C || O.G(g)
                } catch (b) {
                    y(b, O), a = O.C
                }
                C(a)
            } else if (k == ri) O.G(g);
            else if (k == L) O.G(g);
            else if (k == MF) {
                try {
                    for (a = 0; a < O.H.length; a++) try {
                        C = O.H[a], C[0][C[1]](C[2])
                    } catch (b) {}
                } catch (b) {}(0, g[1])(function(b, H) {
                    O.F(b, true, H)
                }, (O.H = [], function(b) {
                    (N(O, (b = !O.N.length, [RV])), b) && S(O, false, true)
                }))
            } else {
                if (k == XL) return a = g[2], v(311, O, g[6]), v(213, O, a), O.G(g);
                k == RV ? (O.D = [], O.u = null, O.j = []) : k == GV && "loading" === n.document.readyState && (O.S = function(b, H, V) {
                    n.document.addEventListener((V = (H = false, function() {
                        H || (H = true, b())
                    }), "DOMContentLoaded"), V, Z), n.addEventListener("load", V, Z)
                })
            }
        },
        l = function(g, O, a, C, k, b) {
            if (3 < ((a = ((b = F(501, (C = void 0, O && O[0] === w && (a = O[1], C = O[2], O = void 0), g)), 0) == b.length && (k = F(28, g) >> 3, b.push(a, k >> 8 & 255, k & 255), void 0 != C && b.push(C & 255)), ""), O) && (O.message && (a += O.message), O.stack && (a += ":" + O.stack)), O = F(116, g), O)) {
                C = (a = (a = a.slice(0, (O | 0) - 3), O -= (a.length | 0) + 3, P(a)), g).Z, g.Z = g;
                try {
                    B(191, g, I(a.length, 2).concat(a), 9)
                } finally {
                    g.Z = C
                }
            }
            v(116, g, O)
        },
        B = function(g, O, a, C, k, b) {
            if (O.Z == O)
                for (k = F(g, O), 191 == g ? (g = function(H, V, e, r) {
                        if ((e = (V = k.length, V | 0) - 4 >> 3, k.xr) != e) {
                            e = (r = [0, 0, (k.xr = e, b[1]), b[2]], (e << 3) - 4);
                            try {
                                k.kr = Od(r, uB(k, e), uB(k, (e | 0) + 4))
                            } catch (R) {
                                throw R;
                            }
                        }
                        k.push(k.kr[V & 7] ^ H)
                    }, b = F(227, O)) : g = function(H) {
                        k.push(H)
                    }, C && g(C & 255), O = 0, C = a.length; O < C; O++) g(a[O])
        },
        I = (G.prototype.TB = function() {
            return Math.floor(this.Y + (this.T() - this.O))
        }, function(g, O, a, C) {
            for (C = (a = (O | 0) - 1, []); 0 <= a; a--) C[(O | 0) - 1 - (a | 0)] = g >> 8 * a & 255;
            return C
        }),
        cB = function(g, O, a, C) {
            return (((C = F(289, O), O.j && C < O.R) ? (v(289, O, O.R), n2(O, g)) : v(289, O, g), f2)(O, a), v)(289, O, C), F(213, O)
        },
        n2 = function(g, O) {
            (g.c5.push(g.u.slice()), g).u[289] = void 0, v(289, g, O)
        },
        N = function(g, O) {
            g.N.splice(0, 0, O)
        },
        Q = function(g, O, a, C, k, b, H, V, e, r, R, J, E, h) {
            if ((h = F(289, O), h) >= O.R) throw [w, 31];
            for (C = (r = (H = h, 0), O.ab.length), J = g; 0 < J;) b = H >> 3, R = O.j[b], V = H % 8, E = 8 - (V | 0), E = E < J ? E : J, a && (e = O, e.o != H >> 6 && (e.o = H >> 6, k = F(367, e), e.v = Od([0, 0, k[1], k[2]], e.U, e.o)), R ^= O.v[b & C]), r |= (R >> 8 - (V | 0) - (E | 0) & (1 << E) - 1) << (J | 0) - (E | 0), J -= E, H += E;
            return v(289, O, (a = r, (h | 0) + (g | 0))), a
        },
        Db = function(g, O) {
            return (O = p(g), O) & 128 && (O = O & 127 | p(g) << 7), O
        },
        f2 = function(g, O, a, C, k, b) {
            if (!g.C) {
                g.P++;
                try {
                    for (C = (k = (b = void 0, g.R), 0); --O;) try {
                        if ((a = void 0, g).I) b = x2(g, g.I);
                        else {
                            if ((C = F(289, g), C) >= k) break;
                            b = (a = (v(28, g, C), W(g)), F(a, g))
                        }(b && b.call ? b(g, O) : l(g, [w, 21, a], 0), t)(false, O, g, false)
                    } catch (H) {
                        F(177, g) ? l(g, H, 22) : v(177, g, H)
                    }
                    if (!O) {
                        if (g.CK) {
                            f2(g, (g.P--, 536963536053));
                            return
                        }
                        l(g, [w, 33], 0)
                    }
                } catch (H) {
                    try {
                        l(g, H, 22)
                    } catch (V) {
                        y(V, g)
                    }
                }
                g.P--
            }
        },
        Ed = (((G.prototype.G = function(g, O) {
            return O = (g = {}, {}), Zb = function() {
                    return O == g ? 35 : 45
                },
                function(a, C, k, b, H, V, e, r, R, J, E, h, A, U, M) {
                    O = (R = O, g);
                    try {
                        if (r = a[0], r == L) {
                            A = a[1];
                            try {
                                for (h = (M = (b = atob(A), 0), C = [], 0); h < b.length; h++) V = b.charCodeAt(h), 255 < V && (C[M++] = V & 255, V >>= 8), C[M++] = V;
                                v((this.R = (this.j = C, this.j).length << 3, 367), this, [0, 0, 0])
                            } catch (K) {
                                l(this, K, 17);
                                return
                            }
                            f2(this, 8001)
                        } else if (r == u) a[1].push(F(116, this), F(191, this).length, F(10, this).length, F(283, this).length), v(213, this, a[2]), this.u[107] && cB(F(107, this), this, 8001);
                        else {
                            if (r == f) {
                                this.Z = (J = (H = I((F((C = a[2], 10), this).length | 0) + 2, 2), this).Z, this);
                                try {
                                    U = F(501, this), 0 < U.length && B(10, this, I(U.length, 2).concat(U), 10), B(10, this, I(this.X, 1), 109), B(10, this, I(this[f].length, 1)), b = 0, b -= (F(10, this).length | 0) + 5, b += F(398, this) & 2047, E = F(191, this), 4 < E.length && (b -= (E.length | 0) + 3), 0 < b && B(10, this, I(b, 2).concat(X(b)), 15), 4 < E.length && B(10, this, I(E.length, 2).concat(E), 156)
                                } finally {
                                    this.Z = J
                                }
                                if (k = (h = X(2).concat(F(10, this)), h[1] = h[0] ^ 6, h[3] = h[1] ^ H[0], h[4] = h[1] ^ H[1], this.pK(h))) k = "!" + k;
                                else
                                    for (b = 0, k = ""; b < h.length; b++) e = h[b][this.g](16), 1 == e.length && (e = "0" + e), k += e;
                                return (((v(116, (M = k, this), C.shift()), F(191, this)).length = C.shift(), F(10, this)).length = C.shift(), F)(283, this).length = C.shift(), M
                            }
                            if (r == ri) cB(a[1], this, a[2]);
                            else if (r == XL) return cB(a[1], this, 8001)
                        }
                    } finally {
                        O = R
                    }
                }
        }(), G).prototype.pK = function(g, O, a, C) {
            if (C = window.btoa) {
                for (a = (O = "", 0); a < g.length; a += 8192) O += String.fromCharCode.apply(null, g.slice(a, a + 8192));
                g = C(O).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else g = void 0;
            return g
        }, G).prototype.wq = 0, function(g, O, a, C, k) {
            (k = (k = (O &= (a = O & 3, 4), W(g)), C = W(g), F)(k, g), O) && (k = P("" + k)), a && B(C, g, I(k.length, 2)), B(C, g, k)
        }),
        m9 = function(g, O, a, C) {
            C = W(g), a = W(g), B(a, g, I(F(C, g), O))
        },
        sd = function(g, O, a, C) {
            for (C = (a = W(g), 0); 0 < O; O--) C = C << 8 | p(g);
            v(a, g, C)
        },
        vB = function(g, O, a) {
            return O.F(function(C) {
                a = C
            }, false, g), a
        },
        S = function(g, O, a, C, k, b) {
            if (g.N.length) {
                ((g.L && 0(), g).L = true, g).Qo = a;
                try {
                    b = g.T(), g.O = b, g.s = 0, g.B = b, C = WB(a, g), k = g.T() - g.O, g.Y += k, k < (O ? 0 : 10) || 0 >= g.V-- || (k = Math.floor(k), g.D.push(254 >= k ? k : 254))
                } finally {
                    g.L = false
                }
                return C
            }
        },
        WB = (G.prototype.B5 = 0, G.prototype[MF] = [0, 0, 1, 1, 0, 1, 1], function(g, O, a, C) {
            for (; O.N.length;) {
                C = (O.S = null, O.N.pop());
                try {
                    a = Am(C, O)
                } catch (k) {
                    y(k, O)
                }
                if (g && O.S) {
                    (g = O.S, g)(function() {
                        S(O, true, true)
                    });
                    break
                }
            }
            return a
        }),
        $2, t = function(g, O, a, C, k, b, H, V, e) {
            if (((a.Z = (k = (e = (V = ((H = 0 < a.K && a.L && a.Qo && 1 >= a.P && !a.I && !a.S && (!C || 1 < a.J - O) && 0 == document.hidden, g = g ? 255 : C ? 5 : 2, C) || a.s++, (b = 4 == a.s) || H ? a.T() : a.B), V - a.B), e >> 14), a.U && (a.U ^= k * (e << 2)), k) || a.Z, a).X += k, b) || H) a.s = 0, a.B = V;
            if (!H || V - a.O < a.K - g) return false;
            return !(((H = F((a.J = O, C) ? 28 : 289, a), v(289, a, a.R), a).N.push([ri, H, C ? O + 1 : O]), a).S = D, 0)
        },
        Jm = /./,
        FL = L.pop.bind(G.prototype[u]),
        zV = function(g, O) {
            return (O = bB()) && 1 === g.eval(O.createScript("1")) ? function(a) {
                return O.createScript(a)
            } : function(a) {
                return "" + a
            }
        }(($2 = hm({get: FL
        }, (Jm[G.prototype.g] = FL, G.prototype.A)), G.prototype.Rb = void 0, n));
    40 < (z = n.botguard || (n.botguard = {}), z.m) || (z.m = 41, z.bg = eA, z.a = C2), z.NFD_ = function(g, O, a) {
        return a = new G(O, g), [function(C) {
            return vB(C, a)
        }]
    };
}).call(this);
                                    

#6 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 07a2e04ded701ef4b82f4e597a6100b86db9cdf97b1bb38a70dba6232cd898c4

                                        0,
function(b) {
    sd(b, 1)
}
                                    

Executed Writes (0)



HTTP Transactions (97)


Request Response
                                        
                                            GET /BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/ HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         208.113.172.25
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 06 Jul 2022 16:09:01 GMT
Server: Apache
Location: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   310
Md5:    8ee4d6bff335c83a6ed17423fa482d87
Sha1:   1f9017cfe37841486fd647bee1855413b1d2aa47
Sha256: c48e50f1fcb4df1cf5721858668d6fb74f8bfaa363ad70d35a3dab4e269289c7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 15:56:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Sz6u86jZYJkqowOqEnDFYtz0OwWz2F83rJfB17xFP6jt5X6zkYKNmw==
Age: 773


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c98c56ff7bc7ba547517573963f425e3
Sha1:   58c8dccc28ecd76424af6ed9988575a35cf8a0c2
Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659"
Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2983
Expires: Wed, 06 Jul 2022 16:58:44 GMT
Date: Wed, 06 Jul 2022 16:09:01 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RZNRVaGEL3ubmjVFiy5EjMaIa0veZ3KWkeH-HJ25ZlHMKcJe-Xp4_Q==
age: 45736
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 16:09:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 06 Jul 2022 15:34:56 GMT
Cache-Control: max-age=3600
Expires: Wed, 06 Jul 2022 15:57:43 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4UGLGg9Fu_OsBYSMQtmWMpKMlDmCAcGNByHRQOKmZhV0SBisT_oC6A==
Age: 2046


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4461
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 16:09:02 GMT
Last-Modified: Wed, 06 Jul 2022 14:54:41 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +ABikGEyJhKH/dBBEndYew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.208.34.131
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 938T/fCcO21g2UqZ4JxLV3hWhj4=

                                        
                                            GET /wp-content/plugins/easy-foundation-shortcodes/styles/foundation-icons.css?ver=5.9.3 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Tue, 12 May 2015 03:34:04 GMT
etag: "4c61-515da2a858300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3582
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3582
Md5:    52d3156ba0a9d1b5a50a6c511997336a
Sha1:   aa40f9f7758c913dbac70cecee66d03e2ea8b542
Sha256: 261aab1151ccfe684346606d96ea1aa9dccd949336d205bc8e08e9be7dcd48c5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/easy-foundation-shortcodes/styles/5/normalize.css?ver=5.9.3 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:56:08 GMT
etag: "1d9c-57f4402fc1b4c-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2260
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2260
Md5:    67a942e177b924df0d4056a3a122c775
Sha1:   77fcfc5e6baab7a32b1b37cdbf09a9909c884b77
Sha256: 31603769ad2c7adf6e9383837e06c2c80b1551f88180e303afe09adc792fdd4c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/anfoundation/library/vendors/swiper/swiper.min.css?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:50:09 GMT
etag: "3b3a-57f43ed9e7777-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2523
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14860)
Size:   2523
Md5:    a86a5ec8aab294edf961f253e4e6f6b6
Sha1:   4e98756ce7f029195991d53a90906a8cc1af030b
Sha256: 186ce3b5e2312625c5e68ae8b2a8b78abdf5358a830bb1caca2e25de9ee612d4

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 16:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 16:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/anfoundation/css/normalize.css?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:49:30 GMT
etag: "1e1c-57f43eb482600-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2586
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2586
Md5:    bf3eed80d5784f65601e957ef9ce2f07
Sha1:   a8e1e62eb8cec2e51d45f1ba2a48dc4f03cf887a
Sha256: 29ccb5fce57a7c6b68152c4f89cc80942a77bce72bf27f01a052946af2f1652b
                                        
                                            GET /wp-content/themes/anfoundation/style.css?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:49:27 GMT
etag: "32d8-57f43eb225e47-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3155
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3155
Md5:    e178cce62d3e2e65b39af126e82a933a
Sha1:   a369aa97c193b007eaf084a2b701be03fb4caded
Sha256: 59fcbacb423c9fd4735e39a764bb848deb305f2f7f6307e6527210ece870fbcb

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/anfoundation/css/responsive-main.css?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:49:30 GMT
etag: "12c4-57f43eb494edf-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1223
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1223
Md5:    82c4e8860be151e16bf283461c020100
Sha1:   e80b908c189113cd889be824b86287b56e3b181d
Sha256: 318801a1b1601d0e836f73650507b7cde36157aca1812aa46accc9b672da0fad

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/anfoundation/library/vendors/vegas/vegas.min.css?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:50:09 GMT
etag: "24c3-57f43ed9ee4d6-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1234
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9411), with no line terminators
Size:   1234
Md5:    d93dd47df3cb70231cea6776a183d9bf
Sha1:   1b530e67f23d25a81ed73d2fb16f54820920e6a0
Sha256: 27fa0422f2cb1e58b1b4d66c25e62758238081cb20644dc3fb9b9baa4ee0809d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 16:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Open+Sans:300italic,400italic,700italic,400,300,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.10
HTTP/2 200 OK
                                        
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Jul 2022 16:09:03 GMT
date: Wed, 06 Jul 2022 16:09:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1401
Md5:    60278f0072068ffe37ddfe90a310a6ba
Sha1:   a70d6cec8420545b6f76992c900d5bdb46dcad82
Sha256: 67e00bdae2d5c6695c61f60256d29c2e3b84b6eddba05d4246de1dbb71600dcd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 16:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.16 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 08 Feb 2021 17:07:33 GMT
etag: "662-5bad634b608d7-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 579
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1634), with no line terminators
Size:   579
Md5:    be4e7c39e21708aea076a259a54581e7
Sha1:   c4f5928db4c172cb152585d75a50d4c0f94586c2
Sha256: ce6b7e871f79be603a5df91cf989bf82eabb935e6c5d3e38e7531943fdc0e18a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 08 Feb 2021 17:07:33 GMT
etag: "398-5bad634b84af5-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 441
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   441
Md5:    dd0522b54816392a3952c9e910894865
Sha1:   f33b5ae78895fe0f62ec7ddea58e9e9f25b30605
Sha256: e7b3cd5f20a25303d61751a904f648671d4349199a8362f7f5a9acafcad3442b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/responsive-lightbox/assets/tosrus/jquery.tosrus.min.css?ver=2.3.5 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Wed, 09 Mar 2022 19:36:43 GMT
etag: "3242-5d9ce37a6f5dd-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2154
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12866), with no line terminators
Size:   2154
Md5:    2398869bb7dd0c66ca2c78f3ee8d441d
Sha1:   58dec9653cfe556042951ab5b603879dd4f017a6
Sha256: 067ea714c2f246b8b486b4f40496093b6a5f57e7121cf73c297af88c78ec84fc

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/child-theme/responsive.css?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Tue, 29 Jan 2019 01:50:03 GMT
etag: "53e2-5808f0311d73d-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4040
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with CRLF line terminators
Size:   4040
Md5:    f91b24cc61757285dd6870597d44d9dc
Sha1:   ca80bc808123fa4b0f10c7d0907ca775af665555
Sha256: 720a65d84a1f6fd69ebb4b2381e4a26ed31e6010e20769a99ae7d8861ad65268
                                        
                                            GET /wp-content/plugins/easy-foundation-shortcodes/js/5/vendor/custom.modernizr.js?ver=5.9.3 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Tue, 12 May 2015 03:34:04 GMT
etag: "2448-515da2a858300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4117
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (9108)
Size:   4117
Md5:    dc93e774933ba30491636d3e319216c5
Sha1:   7b7780105efa9219e94fe4ab21cba126c363dfbb
Sha256: ed896c16dd335f3664f0a31960a232472f10e2c5d035a6a98329701f78db2a4a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Wed, 26 May 2021 17:00:51 GMT
etag: "176-5c33e95c20be7-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 239
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   239
Md5:    21fec527969cbcfec759744ce51f94c0
Sha1:   827130fb99b0005a5206028abfe82e93610184f2
Sha256: fe2a280a5ffe9f5d3b1bf125035d478e46bae689a2f0cde07d48bef1ba7c74b1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/anf-dynamic.css?ver=1655153474 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 13 Jun 2022 20:51:14 GMT
etag: "232-5e15a72e0986c-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 183
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (562), with no line terminators
Size:   183
Md5:    6cd7d587dca0d1eab1e8dea5d61ce2e6
Sha1:   23304722d36ee7d945f9b4b2308936f457123a0e
Sha256: 2b3866bb02906b50d69f946564c9513564d36f581995306128744befc3da91c4

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.16 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 08 Feb 2021 17:07:33 GMT
etag: "3144-5bad634b5e998-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2320
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12612), with no line terminators
Size:   2320
Md5:    39894f711225a61f7cce4046462c0e4b
Sha1:   59b62a3cec1b11dcb76227c96942edc00d5fbb3d
Sha256: cc714cd2c71a4f439b86b4d15188bcd41eaeae38a76abbe4bd2ec8b99c943e61

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wp-faq-pro/assets/css/wp-faqp-public.min.css?ver=1.4 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 09 May 2022 15:03:44 GMT
etag: "2a9d-5de9583ad25c4-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1728
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10909), with no line terminators
Size:   1728
Md5:    77cf063b73fb4191192baa368b2f22c4
Sha1:   6a21634e0b33da210afaed8dc30ecf7468bdf22c
Sha256: 8ad5beeee9820ad9246a86163870d7ac5ad4eef613123ecba381bf6654b67e7f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/anfoundation/library/vendors/font-awesome-4.4.0/css/font-awesome.min.css?ver=4.4.0 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:50:39 GMT
etag: "6857-57f43ef642243-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6079
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26548)
Size:   6079
Md5:    86ee8a99cf46ebcd656ebdeb27e726d3
Sha1:   efe607657daf76475603fbb6edbd5c7c051ba494
Sha256: f61f2d13fe73c2dbaaa1669a86e87e4a98022466006fb8da17f18ca9063f36a1
                                        
                                            GET /wp-content/uploads/maxmegamenu/style.css?ver=2c5382 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Tue, 29 Jan 2019 01:46:11 GMT
etag: "ef5d-5808ef539f3f6-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5185
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1133)
Size:   5185
Md5:    0fc5306b6b2188181913057ac9d8a31e
Sha1:   25dff69f81bd20bcb810f84d4c16e9dfd9a5c2c2
Sha256: 43ed8cf70da9af6b12c666669aaf1088a1ac2e2cd33cf490382f1e72653291ff

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 08 Feb 2021 17:07:33 GMT
etag: "4fe-5bad634b85a95-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 598
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   598
Md5:    2486b7234c15f64bb3baad264e999235
Sha1:   f7fa175ba9d232df7a3b75e62bad877127c69505
Sha256: d9dd1fef4dca7c7065b656ce076e8766d5d8de60039a590b0ed3c8e2a2d09749

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.2 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 09 May 2022 15:00:58 GMT
etag: "20d7-5de9579c898d2-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1197
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8407), with no line terminators
Size:   1197
Md5:    b0447327ec8d6dd0e91a0b27bc0c3448
Sha1:   bb0fb4075fea9a21db5ce7779c7a9a6e3ea7ff92
Sha256: 17e38cf5433d0302fc2c9eb6e99b3106ceb81cf15e5c200e0fac2d426e5fd029
                                        
                                            GET /wp-content/themes/child-theme/js/default.js?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:49:51 GMT
etag: "1ff-57f43ec8f4aae-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 275
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   275
Md5:    f6f1d070e2d69e8e58221a08b6a15b65
Sha1:   bcf722acdaa7b64e9519913a70733836f312ffdb
Sha256: 5987a91a15a125345bedd160a8be83ee2d18b76e5659630332030b56294a2c15

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/easy-foundation-shortcodes/js/script.js?ver=5.9.3 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Tue, 12 May 2015 03:34:04 GMT
etag: "13b-515da2a858300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 238
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   238
Md5:    b73c600b94fa6acd52ff3ee38bfae817
Sha1:   2105ec22d5479025ec74723b575a06fc3a9a00f0
Sha256: f3baa64dbfac957d24ee77a68f8c3fecbb59336fcd1eb8d3e9af73bc18e2859a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.2 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 09 May 2022 15:00:58 GMT
etag: "f14-5de9579c8c7b2-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 411
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3860), with no line terminators
Size:   411
Md5:    812739218d0b375d6478cf03aa6d5ff2
Sha1:   ec2889d974c14f473d612906e294849146bd5285
Sha256: 880e50751b27595336252b0fb223ac47cf60d002a80ec4d31885afee670255c1
                                        
                                            GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.5 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Wed, 27 Apr 2022 17:06:05 GMT
etag: "5fb9-5dda5d32f2b62-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3525
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24504)
Size:   3525
Md5:    47eded38311229d5b2be4ec42a86c20b
Sha1:   c16e351ea2d48fd7d89d8fbf8ba0cb06abb2edfc
Sha256: 86ca043ad18655c9f1ba67cbac73760b4665d9d5b6b8d42410f5896c1a1781dd

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /js/sharethis.js?ver=8.2.4 HTTP/1.1 
Host: platform-api.sharethis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/2 200 OK
                                        
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Wed, 06 Jul 2022 16:06:02 GMT
cache-control: max-age=600, public
etag: W/"2ed4f-4+kfuOk8lynXIin2Z82IybFv7jo"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ctW6wno49g0T8nDjMCiqsFTst2onNx75fVkdZ8BKC4RlqJza6pVnRg==
age: 213
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2054)
Size:   44188
Md5:    8add1ec7a16cb358cebc72e8967d18b8
Sha1:   2f16ef23bd93c9f6b473583e066c66579c9e8450
Sha256: 3512d36b117a8d9f14637c33908cbd58ddaa87c3478823ee9214d20ce8a552a6
                                        
                                            GET /wp-content/themes/anfoundation/js/vendor/modernizr.js?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:49:58 GMT
etag: "2c00-57f43ecf20b89-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4665
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11086)
Size:   4665
Md5:    564e9b2b67f403f3e457e45f37856a8d
Sha1:   0fa26f0f0452b8ba6ecf7755acd5b2816b88e4b1
Sha256: 62ee893a04da2eced5969f02007c785f4ab82636f2eed18e21446249213c872e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/anfoundation/js/vendor/jquery.cookie.js?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:49:55 GMT
etag: "587-57f43eccdbace-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 776
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1263)
Size:   776
Md5:    67ce38d7ad6312da5250dd306c6a5729
Sha1:   d47fec60399df75d4eac45d9f4f431fd68fcf1e8
Sha256: 9dd33cd5dbba1bcaee140a76db4f0861f9201d766d9d7417aa484a62fff5bec1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/jquery-manager/assets/js/jquery-migrate-1.4.1.min.js HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Tue, 15 Mar 2022 18:39:08 GMT
etag: "2749-5da461cc512ae-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4048
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959), with CRLF line terminators
Size:   4048
Md5:    d60e8f2c53cede07e29e6444e42585ee
Sha1:   d7ad5c6ea89c60d41525fc843d7075e940c1261d
Sha256: 45a527a993cbcb5ebd3984c04334d58a3785238669c39987534131435488b14f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1646758890 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Tue, 08 Mar 2022 17:01:30 GMT
etag: "7c3-5d9b7eead08b6-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 863
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   863
Md5:    d457333c689c6ed7b1758c546e8e8a17
Sha1:   117e8a7e95c1b5d75c73140a4b5caa1f19f0fc33
Sha256: 8e8c8846234543db9a7c5e185310e7de764cdf5dab6a4a0fc68543a006cc1ee9
                                        
                                            GET /wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.2 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 09 May 2022 15:00:58 GMT
etag: "781d-5de9579c8e6f2-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3599
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30749), with no line terminators
Size:   3599
Md5:    907e4cd98039dd1748051cf3d54d3fb2
Sha1:   c6df18dfc40a30e11be4a77f8105aa8f70f832e6
Sha256: 1f3fb0b346bca7d037d76bf75b6dbb3956462df513017393919a8080251a93ae

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /font-awesome/4.3.0/css/font-awesome.min.css?ver=8.2.4 HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 733e37acd0daf33e87865ddb13826614
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 10796524
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 72699a452a6ab4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23577)
Size:   10028
Md5:    a121ae268bcd8519ef48cd7259bec1e0
Sha1:   12b1d73d706f3e799db0a01919f063097547b248
Sha256: 562d0a6748160ae8adb6292ee793d9aaa06bd3348b8147b6f14aa7e2540e7b46
                                        
                                            GET /wp-content/plugins/responsive-lightbox/assets/tosrus/jquery.tosrus.min.js?ver=2.3.5 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Wed, 09 Mar 2022 19:36:43 GMT
etag: "544b-5d9ce37a7057d-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6434
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21579), with no line terminators
Size:   6434
Md5:    74a66d2ece15a88f23be37c68521c767
Sha1:   840e0b9952538653903377ca1e7f29ecdf891781
Sha256: 0d57275a58d98a5902f38e442d194b57bb2d768ce816478254d3e3d74e3f9b4e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.3 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Fri, 13 Aug 2021 14:15:01 GMT
etag: "4705-5c9717a257420-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4998
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15224)
Size:   4998
Md5:    23fc4a7f3651200447f67b033f1811b3
Sha1:   e65356632b8cac3d437fcca557389e30675788dc
Sha256: 0e71c797d19c77767d9f1e79403ebd12f02b612a547aa98fef9ca7d92d65404f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/anfoundation/js/vendor/parallax.min.js?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:49:58 GMT
etag: "17b9-57f43ecf3d0a7-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2104
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5890)
Size:   2104
Md5:    b897e80bec9b38cb710b40deaf5de051
Sha1:   21d9af3012803530c2696253c198516b5fc0c726
Sha256: 977e9f9044052e6e86fcc314d0a3c6b5d214f700ca1d85c1be970c5ad4fad559

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/underscore.min.js?ver=1.13.1 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Fri, 04 Feb 2022 21:47:57 GMT
etag: "4a7d-5d738343b3ac0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7388
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19034)
Size:   7388
Md5:    1b6b69cbde4c1e5e8428cdd26b2dc8c3
Sha1:   fd62cfa997d6df0b748cf058cca7ff2f7d7d46ca
Sha256: e82683a8e73fd73ddd3e457164689a02d4ae3f1ce0c55e99718af441fabc2124

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.9.3 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Wed, 09 Mar 2022 19:36:43 GMT
etag: "581b-5d9ce379dddc7-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6811
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17739), with CRLF line terminators
Size:   6811
Md5:    9225428df7cac27c006611adc8584e90
Sha1:   05842304bf975d288847d3d8b3059fc94ef617c0
Sha256: 5c54640c383a90a82517dc7355a6199c36b6d0714ec41b9d28c363b659b83a8c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Fri, 04 Feb 2022 21:47:57 GMT
etag: "bfd-5d7383434a347-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1188
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3033)
Size:   1188
Md5:    30f5628c6cfbc3b0f84e5012b4831c67
Sha1:   26d0aa275f5317fb25ddb8238f097a0f3b0dab8d
Sha256: 39708bf2fb5b345241f55ea47352678438b9b7992953559a8b4935a3ee755c18

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/responsive-lightbox/js/front.js?ver=2.3.5 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Wed, 09 Mar 2022 19:36:43 GMT
etag: "6718-5d9ce37aa7079-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5695
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (641), with CRLF line terminators
Size:   5695
Md5:    253fb17a5767a749eeccdf46ce205176
Sha1:   2401cc7166649fa47e385fd88ddc2a45c9ce62cc
Sha256: 6f5dcbb60b006ba684fea65ffea6ac65e134409a0c65ccf927e154fc3b5d2989

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.3 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 01:50:01 GMT
etag: "145db-5dbf29464648c-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11694
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39791)
Size:   11694
Md5:    ac05cf8dbe70ccbd70189d00834959a8
Sha1:   53b03cb981f571dac912d9af526ecd6bd985df8a
Sha256: f1915505b274ee892f6bc69c1576204615e4d8806c42103e4cbdd41d62636eda

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.5 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Wed, 26 Jan 2022 20:03:52 GMT
etag: "6591-5d681b364ee77-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6424
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25961)
Size:   6424
Md5:    b85898c21414880d0fda1de12513947e
Sha1:   04d43a95b5e8ea722a7483e51c0777fe93a39545
Sha256: 9c7d5e264121cf6d146b092907bbe986fed96ea58b67123c938df1a1cae39e3c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/anfoundation/library/vendors/vegas/vegas.min.js?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:50:09 GMT
etag: "2590-57f43eda0c934-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3127
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9128)
Size:   3127
Md5:    96004b45037331e749c4d7765c1ac466
Sha1:   5a4cc9c9d6837d3b5c6d41490da72fd8a16b32fc
Sha256: 8f13e8118ca66792308eab166e4a8dde645d6fc90b534f772991a56f9b3965c1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/anfoundation/library/vendors/swiper/swiper.jquery.min.js?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:50:09 GMT
etag: "f372-57f43ed9c5499-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 16399
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32015)
Size:   16399
Md5:    ba8d6bea85b34667b7b7ad5862ab10f1
Sha1:   a8abd9df191649439d03e43f185358609680e67b
Sha256: 7f3c2f8081d67726cca0e23bb18bca840c9ee766779bd0b199d008bb90f01862

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.2 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 09 May 2022 15:00:58 GMT
etag: "730-5de9579c6f2f4-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 926
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1840), with no line terminators
Size:   926
Md5:    9b03b8b236a0f11c6b99e5e85cc27d72
Sha1:   68d6032fcbd7265a3c542e078c877334c3900c0b
Sha256: ab02a62be1b84045551edc3c5ef7470e3abbd2af10c861342d894af74487db84

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Fri, 04 Feb 2022 21:47:57 GMT
etag: "5dc-5d738343b3ac0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 705
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1465)
Size:   705
Md5:    19bbc441740a1a6f3a64155bdfc3dba5
Sha1:   55a4beb22cd76a1d66c4a6947968408f337b4890
Sha256: ed5fdb40d566079267ca224b2d9bbe7235a66ce393c083c28c64be9c24a0dfda
                                        
                                            GET /wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Fri, 13 Aug 2021 14:15:00 GMT
etag: "4e9-5c9717a119e16-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 604
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1222)
Size:   604
Md5:    fbb2962c1c339f98b1c11925b073b13c
Sha1:   debcc9203a0cdae60117b0c18f3e6d27f3fe8a70
Sha256: 6e770ec064427e44b0b928e05deb11ba0d0a8c55275badd4c07bc14071b963ff

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Fri, 04 Feb 2022 21:47:56 GMT
etag: "163a-5d738342b9ad1-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1871
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5655)
Size:   1871
Md5:    5deac8aef99fa22b12900a9defc3dc72
Sha1:   2dba9890afd73a47be35e261f448b7e1a0a7de48
Sha256: 4b57c712163b6fda2db664a30bae312df64a658724312a1ed80beb26dd731cb0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Fri, 04 Feb 2022 21:47:55 GMT
etag: "195e-5d7383413fc0a-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2424
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6494), with no line terminators
Size:   2424
Md5:    c6495fdc9ae787edde0ae55be9d2769e
Sha1:   a2e096ec452cede4cb6b19ac4b1c11dc73820944
Sha256: 6a56ba0996fa2e684e2beca4e4c0af44a250a498b7f1a0fd8988f5f8353ae571

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/anfoundation/js/vendor/wow.min.js?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:49:58 GMT
etag: "1bf2-57f43ecfaf4bf-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2450
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7124)
Size:   2450
Md5:    92de466db33be0a528e5398fe8f6a3fe
Sha1:   d58f9e3e4c7ce9f34f93493b8033e83d19343dd7
Sha256: 860fd267277ee6d43733b0b4521e375a7c27989c7df61d5da752148262106a58

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/css/dashicons.min.css?ver=5.9.3 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Thu, 20 May 2021 15:55:37 GMT
etag: "e688-5c2c4f965b350-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 35786
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58981)
Size:   35786
Md5:    02644dac0833b538d40484f69906c1a7
Sha1:   8c3d127e866a25c8e0ef06fd9c7bc02bd2e4adad
Sha256: f5a63fc4c2e37e536323351a5b52bd2a8675609a2884db74aa8f34fcc1ba93b9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7697
Expires: Wed, 06 Jul 2022 18:17:21 GMT
Date: Wed, 06 Jul 2022 16:09:04 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.6 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Wed, 27 Apr 2022 17:03:58 GMT
etag: "7741-5dda5cb9d84d6-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5024
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (315)
Size:   5024
Md5:    b38504021fd8504d56fdd98efb99259b
Sha1:   daacec4971ab1c639977e787951934547f8e31ae
Sha256: 4ceb7faaeb583c2458408845a2739616d07c9386384796e6f9cd7a03fb420335

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Fri, 04 Feb 2022 21:47:57 GMT
etag: "28a7-5d738342d310f-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3997
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3997
Md5:    c65c906fa539d61948cf20c25e0e0335
Sha1:   ef9e2f4c8027fc0db868b63884a2b733f7d7220c
Sha256: 565fe03b08ebcdf82cb787e70bcef5ba1febb9e1a0c92febdd9afe95c9ac3333

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2018/11/img_logo-1.png HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 15:53:46 GMT
etag: "7f85-57f44d11818ee"
accept-ranges: bytes
content-length: 32645
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: User-Agent,Accept-Encoding
content-type: image/png
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 433 x 191, 8-bit/color RGBA, non-interlaced\012- data
Size:   32645
Md5:    2ac5a183920364b8a78853da17746ce1
Sha1:   3f6f465be12bbf42e4e8c0d51d7088dd397886e8
Sha256: 4b1b35553dc6c61e60addb941fa9d38153dbf93be8eafad0a36a08c491f752e9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7697
Expires: Wed, 06 Jul 2022 18:17:21 GMT
Date: Wed, 06 Jul 2022 16:09:04 GMT
Connection: keep-alive

                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Fri, 04 Feb 2022 21:47:55 GMT
etag: "4b3d-5d7383413fc0a-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7118
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19111)
Size:   7118
Md5:    1c6455f37a926425bff99872cf185dc2
Sha1:   023930fd0bd294600d11383854d89080dee17d72
Sha256: 34a196e46221283c7643e081a39e43a947c554a04314d33c16bd1d8997d4e4d3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.2 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 09 May 2022 15:00:58 GMT
etag: "ad0c-5de9579c6d3b4-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13467
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (44300), with no line terminators
Size:   13467
Md5:    7fb62d31e0e35a157b098b204965bcd0
Sha1:   67f125557538c5d835cbe6302c50aca20029326d
Sha256: ce46d45e870acb642f9ab67c1a187c060ee85fdd1dc30a87e921895071f9d586

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7697
Expires: Wed, 06 Jul 2022 18:17:21 GMT
Date: Wed, 06 Jul 2022 16:09:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7697
Expires: Wed, 06 Jul 2022 18:17:21 GMT
Date: Wed, 06 Jul 2022 16:09:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7697
Expires: Wed, 06 Jul 2022 18:17:21 GMT
Date: Wed, 06 Jul 2022 16:09:04 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb6c586-bb86-4a54-bd48-f2b5da763e74.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7117
x-amzn-requestid: 7cfe344b-f098-4260-bb50-6574786e6ee2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BW8HnbIAMFkrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af5f-14a960ac060d2d120cb0ad7c;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0F6ZVkqKywgjh9Qa1DJw_-rdOLcc1tzEll0J58NeawksoIu9nY1a-g==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:50:32 GMT
age: 65912
etag: "01efbdf6b2ab79332bf6a22d36472e294732aa17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7117
Md5:    b4ead2bdcbc998a5685d65a26e40ce1a
Sha1:   01efbdf6b2ab79332bf6a22d36472e294732aa17
Sha256: 04399a91345db4f89bdbbb9ddb30db0f2a0c29654491b38bb1a30bd40c4f3e48
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb087c84-cd12-4097-af17-4de6bc39bfce.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4983
x-amzn-requestid: d9f7641f-ba3f-4c3e-801f-40b65f532f0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BVvEO0oAMFTgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af57-5b5650e20436832a5c98c963;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:31 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aZUFUF9lLOJeBA5orP49mjnP1_jG2CWyb7TkybkVjlVeV_-mtHEoWw==
via: 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:50:58 GMT
age: 65886
etag: "dedbc8565770c9e8bd618141ccf5a379a80c15ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4983
Md5:    2ed3ce023fb4daa968a877d0fffb8ef5
Sha1:   dedbc8565770c9e8bd618141ccf5a379a80c15ea
Sha256: bca74e6849eac0a016f7923b3102c0b871b4bc1c02d0a75c636b2c1c86a2961b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F431f287f-9907-47aa-be38-0ff4e6db75fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8553
x-amzn-requestid: 2c1e16d1-357b-493e-bcf7-b4de1a34757f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Utd8tEKYIAMFbmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c21051-7382cb3050c6f13d70dd3706;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:55:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wcT3TQNc1zixQ773IGnG_ghBAa2ELekTK0IyHJ3q_7RrgUTZ83spGQ==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 03:11:53 GMT
age: 46631
etag: "303f4efaa9b98e39a935fc6514d3731d40d2977c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8553
Md5:    e6f97e6b64100081e8bed56216564854
Sha1:   303f4efaa9b98e39a935fc6514d3731d40d2977c
Sha256: 92dd803f1633bd65a2b4ac3223d8aa93dd55ed64c74b338aff62323585a3623c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc072e61d-3b9b-4f2d-acc8-d26a8adf968d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 12165
x-amzn-requestid: 796ca673-2ab5-4bd9-b4f1-d2c250c34e3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BWXH-HoAMFhkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af5b-51c7abd54a523a1f479a7d5b;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:35 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _-zkK-6DIfDVDzXmTOTigF2tM4pfh19MReGO_X26eRhLNFGL3Jc9Aw==
via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:49:54 GMT
age: 65950
etag: "604b4cc5d50ca494df1de2ab8baa486da20d1e4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12165
Md5:    29949330f4dc3b69747d5534e745fde3
Sha1:   604b4cc5d50ca494df1de2ab8baa486da20d1e4e
Sha256: b98faa2080573124f84254a2f87df3631f257e9a040cf34ebe267a1784d4b954
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a269baa-7158-4db8-9b1d-e4e22ec22920.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6711
x-amzn-requestid: 5b99a31c-9224-4862-a43f-544d6fa3dbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BHsEkmIAMFg_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4aefd-571078525a01c4dc72c6ed22;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:37:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M_5qYzlGkpOjdTFFURDkWp4_qVLELvsu_RGFmr6Fovkjdf5GajzcTg==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:37:38 GMT
age: 66686
etag: "b06f33b2742c3c6de4a449f4227d85e6268bafce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6711
Md5:    d82ae97bb9569fa288a23c3380a4f4ef
Sha1:   b06f33b2742c3c6de4a449f4227d85e6268bafce
Sha256: e99961f561aaa3ded5fd1c19ce10505a7d016d5d67bbbef5caebad09ba233b56
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde8f4008-69f3-4766-a957-006ebc39d2e4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9047
x-amzn-requestid: 8e0eccf9-7f3e-4333-a5d7-a35dd0e068eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BU0HNmoAMFaQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af51-1d81f8e10200694125ede95f;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:25 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4HkBGv-aAOwIfyBaFSIlfMPFqYYUaIDzTfUADctfm1g3COtQS_UojA==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:50:58 GMT
age: 65886
etag: "7aa6cd994a565c8b6832d48c1e36b17f33621e90"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9047
Md5:    bb2f16af747cd633f71de1966771b532
Sha1:   7aa6cd994a565c8b6832d48c1e36b17f33621e90
Sha256: b61a354007e630a3be3ae0c2c2336d3dd71cec02eab7b4234ebb40f69561acf0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magicalmindsstudio.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:46:31 GMT
expires: Thu, 29 Jun 2023 19:46:31 GMT
cache-control: public, max-age=31536000
age: 591753
last-modified: Wed, 11 May 2022 19:25:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16812, version 1.0\012- data
Size:   16812
Md5:    ccc4fae5b3a426b89f4245f50715e416
Sha1:   7f036f96dc68e7981c5cc5322ecbbd4628b439cd
Sha256: 25b0bc9dda8dd671aa7cc47201a3d2b019d51deb6c6cebe10c38ec352d4a1c96
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magicalmindsstudio.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:34:58 GMT
expires: Thu, 29 Jun 2023 19:34:58 GMT
cache-control: public, max-age=31536000
age: 592446
last-modified: Wed, 11 May 2022 19:25:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16720, version 1.0\012- data
Size:   16720
Md5:    c416910cae8fe4258cdf8c35933e9f4c
Sha1:   4a768ba0a3abc49b572c08c235db9f066ffc2b18
Sha256: 9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
                                        
                                            GET /s/playfairdisplay/v29/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magicalmindsstudio.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:32:53 GMT
expires: Thu, 29 Jun 2023 19:32:53 GMT
cache-control: public, max-age=31536000
age: 592571
last-modified: Wed, 27 Apr 2022 16:55:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19784, version 1.0\012- data
Size:   19784
Md5:    2afc074b0a28a247a63a4bf7821476ee
Sha1:   bf13679b67c48e47947b3a044732b1cc55abc094
Sha256: 23a38ec96550f1c1cc8d6e9f83f9dc7dfeb046bd2d0d67db1590c86e7a098a70
                                        
                                            GET /wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.2 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Mon, 09 May 2022 15:00:58 GMT
etag: "13aba-5de9579c8d752-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   29056
Md5:    8fd1365fb425a34b6595f9b6f18b947a
Sha1:   e3276aa6532d93b1668d4a67b1015e1f5a01936f
Sha256: 0b3ecb7b188ed9bc78a7b8ebf52ccbcb715074991487138db77c36d539baa713

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/anfoundation/js/foundation.min.js?ver=0.9.20 HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:03 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 14:49:42 GMT
etag: "1aaae-57f43ec0460be-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   46222
Md5:    f9a1c1745b9f9a86988899cf9185b7e7
Sha1:   5786f396601bfed335f20485444a9a01750feb65
Sha256: acf3a4bae08d9ae3528129b83b846fcc7958fb28531df2926cfd08e854b3a57b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magicalmindsstudio.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:35:18 GMT
expires: Thu, 29 Jun 2023 19:35:18 GMT
cache-control: public, max-age=31536000
age: 592426
last-modified: Wed, 11 May 2022 19:25:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16796, version 1.0\012- data
Size:   16796
Md5:    f39b602d1b08fc398343e5c11cf8cd87
Sha1:   944ea7b3ca302c92a6414f203ab47803da20948b
Sha256: 511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
                                        
                                            GET /css?family=Open+Sans%3A400%2C600%2C700%2C800%7CPlayfair+Display%3A400%2C700&ver=5.9.3 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
                                        
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Jul 2022 16:09:03 GMT
date: Wed, 06 Jul 2022 16:09:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (618)
Size:   147441
Md5:    22736b65391d0d95022eb262dbc21072
Sha1:   1b3f3a6cbe60769ad1a914cdf8650f20a8ea8930
Sha256: 0c4a7cce20c43c0a2dd2352475e6326a5e8674a4cb8ed90066509f483905bc13
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3608
Cache-Control: max-age=138172
Date: Wed, 06 Jul 2022 16:09:04 GMT
Etag: "62c51e44-1d7"
Expires: Fri, 08 Jul 2022 06:31:56 GMT
Last-Modified: Wed, 06 Jul 2022 05:31:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /en_US/sdk.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 35bddd73f7c321c82c4b143b8340a453
etag: "e186160d52cc3c2228ce290b1785e494"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 06 Jul 2022 16:12:09 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: IWQiOqhNNgW6YEBMrYf3rw==
x-fb-debug: tBR3yo3Y+z0A15FJqMkZFM1xYFBfGg0YivYnxVYi8itzjP55qt/nvq3fNN83FuW0IVqFNrsIvqqscnnP2K9pNg==
content-length: 1686
x-fb-trip-id: 1679558926
date: Wed, 06 Jul 2022 16:09:04 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1686
Md5:    2164223aa84d3605ba60404cad87f7af
Sha1:   40ab346fd65284c2ab63508f9ed4d5dcb18f077f
Sha256: 9392ce172a004bf08939fdb6b865a1631687aeef9bb69ec2437f566a7e60f85e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3608
Cache-Control: max-age=138172
Date: Wed, 06 Jul 2022 16:09:04 GMT
Etag: "62c51e44-1d7"
Expires: Fri, 08 Jul 2022 06:31:56 GMT
Last-Modified: Wed, 06 Jul 2022 05:31:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/2018/11/favicon.png HTTP/1.1 
Host: magicalmindsstudio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/BlMDt-Ad5GQb81w_ckHx-vO/PaymentStatus/INFO/US_us/Invoice-Number-558936/
Cookie: _gcl_au=1.1.1797869471.1654531901; PHPSESSID=4e35550ae93bbcd06e9ad683a39c771f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.172.25
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 16:09:04 GMT
server: Apache
last-modified: Sat, 12 Jan 2019 15:52:59 GMT
etag: "105c-57f44ce4a657e"
accept-ranges: bytes
content-length: 4188
cache-control: max-age=2592000
expires: Fri, 05 Aug 2022 16:09:04 GMT
vary: User-Agent,Accept-Encoding
content-type: image/png
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 79 x 79, 8-bit/color RGBA, non-interlaced\012- data
Size:   4188
Md5:    9a1ca8fe82fd9b4e57f9a3032adb0802
Sha1:   2e5dc10fba703d2c13598fb704ee56cd86372210
Sha256: b20802ca932f43e785219a2c741c0818ac6a680931d4e5cb1ad1d06139c743eb
                                        
                                            GET /js/62448dbd49378f0019370576.js HTTP/1.1 
Host: buttons-config.sharethis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicalmindsstudio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.11
HTTP/2 200 OK
                                        
content-type: text/javascript
content-length: 30
date: Wed, 06 Jul 2022 16:09:05 GMT
last-modified: Wed, 30 Mar 2022 17:05:02 GMT
etag: "e6e1643313740711175f51662a65b42f"
x-amz-server-side-encryption: AES256
cache-control: max-age=60,public
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XOMX9RLL7GeJXJTLzab-2ks_tsQ2qZ2oamoGx3AcRx5_dCMUsIRbbA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   30
Md5:    e6e1643313740711175f51662a65b42f
Sha1:   c3fc7a03fea3138a1497dab12d5b4e40fd4aeaef
Sha256: 2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
                                        
                                            GET /en_US/sdk.js?hash=88295a164df0a926cae626b1ce03384e HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magicalmindsstudio.com
Connection: keep-alive
Referer: https://magicalmindsstudio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e08cba6f7fde11306173f28eb4b70e70
etag: "1b78836d9f43faf0eeb0e043498896c2"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 06 Jul 2023 14:04:27 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: hTg2eu0GzRzHiIJK7kPNGA==
x-fb-debug: ff9g+WLpd0zGwgIBCF5+/dtldSJuD50K8GDyUJr+RnkCGqYbdgCyDj+oNkm6kBLQeb1FHwmjJW36cAti5Lg9Ew==
priority: u=3,i
content-length: 85936
x-fb-trip-id: 1679558926
date: Wed, 06 Jul 2022 16:09:04 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13071)
Size:   85936
Md5:    8538367aed06cd1cc788824aee43cd18
Sha1:   67beae0e60a06efa498b006ae467ec6f592b4378
Sha256: 09c14c0128036cea45710956cb138bd9c92b03ab55389bf2fe6ddb29e6a49154
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101173
Date: Wed, 06 Jul 2022 16:09:04 GMT
Etag: "62c4937e-1d7"
Expires: Thu, 07 Jul 2022 20:15:17 GMT
Last-Modified: Tue, 05 Jul 2022 19:39:42 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oE0EQAQdkM9_oqyriGNzboGVRp9LEtpf0UuR4oIzQOqNyeavCW0AYg==
Age: 2135

                                        
                                            GET /pview?event=pview&hostname=magicalmindsstudio.com&location=%2FBlMDt-Ad5GQb81w_ckHx-vO%2FPaymentStatus%2FINFO%2FUS_us%2FInvoice-Number-558936%2F&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fmagicalmindsstudio.com%2FBlMDt-Ad5GQb81w_ckHx-vO%2FPaymentStatus%2FINFO%2FUS_us%2FInvoice-Number-558936%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Page%20Not%20Found%20-%20Magical%20Minds%20Studio&cms=unknown&publisher=62448dbd49378f0019370576&sop=true&version=st_sop.js&lang=en HTTP/1.1 
Host: l.sharethis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magicalmindsstudio.com
Connection: keep-alive
Referer: https://magicalmindsstudio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         3.120.20.111
HTTP/1.1 204 No Content
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://magicalmindsstudio.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 06 Jul 2022 16:09:04 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN