{"report_id":"d7fc48df-38be-4b1a-b866-f024df33b4c1","version":0,"status":"done","tags":[],"date":"2026-06-28T11:03:13Z","url":{"schema":"https","addr":"bavomex.com/","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"172.67.206.183","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bavomex.com/","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"title":"Bavomex | Decentralized Web3 Gambling Site with Provable Trust","dom":{"size":682660,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (53360)","md5":"29ff7f390c99d492b3a0004ac7b3419a","sha1":"45c4607d6b410adb448ae5908b357e283252d28c","sha256":"c88dd6d2067e943a5a975f421a9ba4fabc009e83574167e5bb982a86a6f3a375","sha512":"77b208c3e93877c905205e035e602766c58cd18eb9502bc6ac1190fec484b71878a0c74eedcbe9cf521c94916e145d6310315f72f12d7b37fdf2e1260572836c","ssdeep":"12288:EULCdVi6NxNTiLAvU/FvzXf3lf3Eg/Fv7AvghHBS:EULoNxNLvWrOCsvghHBS","tlshash":"67e4d073b15047d3a20f8b8cf87169289eac70ffa7d689d8f21849d55345cbed5b2882","dom_hash":"domhash1b624a42c9d10dcfe6393d311a93fd74","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"bavomex.com/","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"172.67.206.183","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T11:03:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"bavomex.com","ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-20","domain_rank":0,"first_seen":"2026-06-28T11:00:46.667211Z","last_seen":"2026-06-28T11:00:46.667211Z","alert_count":104,"request_count":104,"received_data":5450863,"sent_data":52983,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-21T22:19:08.810882Z","alert_count":0,"request_count":2,"received_data":99812,"sent_data":1115,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-21T22:22:12.048317Z","alert_count":0,"request_count":2,"received_data":12348,"sent_data":1135,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bavomex.com/","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-29T14:31:46.098572Z","times_seen":174851,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"63a037a4aa03386094dd0e93e826dd3f","sha1":"589ee4e19f0db786a0dbc8ebec18ee52a2c15e90","sha256":"fd3d55f53fe109a7d1ed983dfb5da4237e0833ac6ba3aa53d66ca6bd1a0ea2b2","sha512":"3ef8277b105fa10a9d4a2f4d0c3ed4a6aa2ffc8369ab4c00819c7f6079587688770309789bc5ee93d4f4554ccbbacf6b27a6c8a7406b1b9a01e59855e3b85643","ssdeep":"","tlshash":"c051694ae94ff9116930de9f062f4f3a88d0d97b82b5916cf79cc9c94162db70388d81","size":2545,"data":"","first_seen":"2026-06-17T18:29:29.994146Z","last_seen":"2026-06-28T22:47:38.506982Z","times_seen":291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71c3dfc709a64767b78820626b75cf12","sha1":"ad76433ed52a7e9625c6a6bac9a841c6ab094512","sha256":"ba5a5ee87048fcaccba5178d3175d20d4e7394da2e07e2d9819760de354b7f76","sha512":"19880c0a7b0603ed412754e30856f4b0be5525a3492f78ee409b2bc9fd923f8fd16c1018431c4a0ba54b56652a7754523dc834578db5f32bcdd997ec5b499cc9","ssdeep":"48:LZVODbWa/+aJ3QhV1fhV1ZoWnnBn6V062/XnSBnBn6V062/og65pbX73O+x/+fyP:LCDA131ZBmMcmMxgp/MR1DmDP","tlshash":"01c1051f6809de06dc3e7c69023e9d3754ccce7b8764dab5c18ece991a065b62bd8c81","size":6133,"data":"","first_seen":"2026-06-20T05:58:58.522553Z","last_seen":"2026-06-28T22:47:38.507491Z","times_seen":187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d272da3a9b09210f4dcc16a89c5ad139","sha1":"af672ed622ef035da837f84c4d60dd22f6ad235c","sha256":"ad146a41054785a01620614b59e02ca6b0b8cfd0a8871d751947994107118fc9","sha512":"dfdc9b90c57dbe296e15394b5f12d96c3249d12f61fe6c3bff42dee4875cf4ff97dab3859a889bda322207959b2e82588f7fe8e51407c6469d0f0b9b76a94969","ssdeep":"","tlshash":"15b09b64f015fff555a91571653de445325f50cd595c1470151391a51709d142717ec0","size":123,"data":"","first_seen":"2025-12-17T10:01:40.746958Z","last_seen":"2026-06-29T05:32:55.548087Z","times_seen":557,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cde1220258a0ac4f98ce24972b2503cb","sha1":"b1aaa250b15bfea94c39a28d82e32287252d6643","sha256":"8c86109b5ed00e9594541eec16aee2ad26e11888c01124da7d8676fea0833751","sha512":"e78b962007d08d0e1cc694bc59d202f052e6f7fff1350f65d609e653facb4f7af6f9f17e8aba6fe434a4a884c30ec43f37772c0238acc74ac648291f2787ecb9","ssdeep":"","tlshash":"b5d02ba1cc13cc0dc2560f19287e6c3521ccc9b403055107a895c97c1d86a3449e0d86","size":268,"data":"","first_seen":"2026-06-08T19:33:12.080994Z","last_seen":"2026-06-28T22:47:38.51268Z","times_seen":410,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0900c31ac674b7bebf329eccaeb97a3d","sha1":"adafd200139ece30fef3993957bbafa37d3da0b3","sha256":"20974bfa2d80b85d7d2a68308ff0a16912aace68712ec13a78846aef94ec1f3b","sha512":"2f13f5b3de73fc500df330df52efe6699aa26d96948570fbea220cf4b0b8410f12a9fcf919066edb9dfcd4335f8a10c3bed8b61f77a8638e90721484d60b9cee","ssdeep":"","tlshash":"05e0ab329c11ee428eabd83a2f3e9cd120ecd57546044384b5a4c81c42436348cebfc2","size":410,"data":"","first_seen":"2026-06-28T11:00:53.693919Z","last_seen":"2026-06-28T11:03:20.789602Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/16rmwuk.q6kce.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f5cbdef62f70832a02868c81bed4d0cd","sha1":"4d77c0b7342c6700e8dce963de3136d937d75b23","sha256":"1772b49f52d973040f54ddfecd3ec3c5333a06566491f44d881a06852d94ab32","sha512":"fcde5221d5f85fd6c9077fe4092dfd79e9901552845905b925e095b1be1cc2de0d1ab165ab5aa309fc9db126316de67fab111f21da93129d2c8887c87f886d9f","ssdeep":"768:7AJ81OugdCHq8di830F9Lpl/v+GMd9mML03RnyiGM:7AJ8I+xdi830Fwq3","tlshash":"aa33d6b172d5faa2429380e4d43f2017f23d0c7124ad7470a7e89cdb754898da6bafe5","size":53814,"data":"","first_seen":"2026-04-17T19:00:52.214884Z","last_seen":"2026-06-28T22:47:38.46841Z","times_seen":414,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/07b~lfkhc7~f6.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"109cacd54b4cb00227ca58e34d8168ca","sha1":"9af3b7bed6b65acca8080874a47307e6a0d6b3a1","sha256":"4de148ca2676f0ca606715a307cd028d1cfa6f63a59f5ec45f259e0bfea61faa","sha512":"9c40e0ce244052efb8a56fcb6146993d50584716e713a4880726a2dacc446dec383d3f16b1e2f3888a414c83f0b633b3cbd87752e4d338764dcaedef96abdbf0","ssdeep":"3072:79zcwGUN94sY8YzaPnx1ll779zcwGUN94sY8YzaPnx1llX:JbBN9nQwZJbBN9nQwB","tlshash":"5ef3ef35d8d0aeda231c7be4d9051ac64bd1f0920022e9b6ef76709be8f4295f7d1836","size":172200,"data":"","first_seen":"2026-06-08T19:33:12.017045Z","last_seen":"2026-06-28T22:47:38.422449Z","times_seen":411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0gtqnwqp2jd2_.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fbcb0a523d301ba7e15c269d3a124232","sha1":"fd263d422ba3e2f5182f6a75b8a96fa1d3ed4112","sha256":"96fc85ad0a723d02940ba6592f17047ebd25055c1fc7e4fe0b171ab0a8b1cb10","sha512":"f9b75df2b08996a17fd9a03d7107a02c50487bddd3fc081e685f5400206f13692a054c49917a6a720ab7e70797d72a6a4e4dea29ccf7f320431daf86a5d421c8","ssdeep":"1536:c5gCTP3oPWPyx34NhAG2CGpDWLmLFCKxgogH69pca719HnZh57+rzDgdjruQ8CpS:o//PyxoN/Lex1gH6JRRwDXwpVol","tlshash":"72b31a17d24423f217512695740f69c8b3bee9c41b62946cbd99803d23ac9e8b1b7fec","size":118151,"data":"","first_seen":"2026-06-17T18:29:29.90313Z","last_seen":"2026-06-28T22:47:38.399063Z","times_seen":289,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/136wspufxw6fc.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4004a07390e470c485dba5c61fa4b70f","sha1":"46e8e42a20cfe1e766d29da65f3b071143863fe9","sha256":"35d73b5e32141bc85bd97a3d47e035e94d9cbcc49c3b2a1fec84bbfc79a2934f","sha512":"89eb61b2f4b2ecdec634a576527c4711a93d977ed01666ac5bce8b8a290cf8197a41c6665ca696193e5998b3510716eb241ca5128c3e8ab408f16cd710949917","ssdeep":"96:8NpZW8YpPMg6npt1npYA7npUvWh+bLYhfnp0Wkc9OIUdnpzp53anpYvZ0Bep0WJe:4KbshpdclXZ0B/Me","tlshash":"6491fb1a514932e13b222a8c303bdd4ea11ab05cc6164df56b6584bc27dafc4f867fcc","size":4529,"data":"","first_seen":"2026-06-11T16:29:30.477923Z","last_seen":"2026-06-28T22:47:38.397581Z","times_seen":226,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0byi9c1kdhku2.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"470004d83dc17ce8a5af09b41645873f","sha1":"4dd466d16f5d678758739f65ee505d7bd1a9f3eb","sha256":"aafac24663931328ce86e1020ae08240ade0ed88483fe7b49857003e6117ed77","sha512":"88b8a0ca2bc6512349653c965bd1c63cf7a36581d7655266f96718a2a4dfab1e2183f0f87d30cac385dbddf38ab8d32c84e371b83c44572ef2dd5eb9cb920179","ssdeep":"96:2p9YtpkojrYpGpUVFwAchp91tpexVfQApjFpBTpcFpe6UuWHSvUpp/TMvJ/pPg:wYbjr0wT1O7P0TUudYUg","tlshash":"bea1456fb04823902752199d21bfe4cdb02aec799b05186cbb91c17d27d2d98b1b6fcc","size":4922,"data":"","first_seen":"2026-06-11T16:29:30.421395Z","last_seen":"2026-06-28T22:47:38.401624Z","times_seen":225,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0jpn43~1tadgx.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"44d3f771d51cebca746ae90b7fd29171","sha1":"222d34425bcb4b09d6f07233cfa92bb27f13d374","sha256":"6de8d036e910b2b6651f0f95a676eb246d0aebebc69893664f2a88740a1da09d","sha512":"72b6accd7430d60ec64f89b5657fa75143959dfdaa6b1b86ac72cbbe69f895ff2af6e06b25cd9569e54fd22f3ef222faead746e4b4fa9a692399d2b638504fdb","ssdeep":"384:KxPN/B22tHV9MqujRujtPdZjWmmzQ5DKW0KInG/as1D:SP322tHzMjOlrLJ0jG/5l","tlshash":"0b720a43b498fdea0757d39cec6b8004a16e297ed8cc807d8f6cdaa0317598a7194f69","size":16882,"data":"","first_seen":"2026-06-28T11:00:53.686645Z","last_seen":"2026-06-28T11:03:20.780882Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/00txjv18y81xp.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ce6fc1ac19a91ab9b96e5e1a9f282b0","sha1":"8d33c689780551b67888eacf406466aac6275d6d","sha256":"401596fdc663801d8d4aaf96a476f9d2468c085d11f942979cd2b2f4135715d0","sha512":"3d41e06e4f96724a69f2f40c00f8966c19f3e32e9f50aff7ead5fd7bf3fdbb2f486bd228fda15f4804451a5bac96cfeb96d3df1b54f322059f03494fa536655f","ssdeep":"1536:M8udv/NqM7t3AKjSkmE5P1tISAAjJp7BmWok8EO3KqI8GYDNFR9QJn5QExF8:oBAoSkfvtHXjJCOsjI8hJtQ7nF8","tlshash":"be93a657e3241b9a1872727afe4fe181f61d8cbb0799cb50b878e51927c18b87834bc5","size":90224,"data":"","first_seen":"2026-06-08T19:33:12.041169Z","last_seen":"2026-06-28T22:47:38.468996Z","times_seen":411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/twq.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","size":308,"data":"","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-06-29T14:31:43.713407Z","times_seen":24419,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/turbopack-0ecgschtaudos.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6ba2cb91d34ea9e9369784ebe9af4389","sha1":"384f6cf4bd44ee8abdfd3c2b3239164fd7d59351","sha256":"54a5acf97d9eae9f3ec52b7fa09d3b076f41747ab972ea5c3a84d6ac1cc71439","sha512":"c7e178c33990e900f1d7720cea3451698680da7947b01a43114f47f2ed2c308964cd3f024a682e9937d87485ac64f3e708048a435e3bbbdaeef1641c78a0dc62","ssdeep":"192:z4gMFB683Esgdo2YE0hBG/lhjTNWn+S3sBT4fCT3cXXqroor2:z4gMFVgOQ/lHW+ssqCTMKA","tlshash":"8622c8da37a6f07343af94e7906b4004f17d84a9145d141cd3aca8eb2c394ae85e7f76","size":10581,"data":"","first_seen":"2026-06-08T19:33:12.036767Z","last_seen":"2026-06-28T22:47:38.474602Z","times_seen":412,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/06jljm--ci~tu.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aedfeefa1e80779099b9587ea3b1db29","sha1":"6a48447697ef6c01db549d36c6e38f1d20060ced","sha256":"1f315feaa50045554919b51284afb4ac2967751c6f67f84fe41687a3f01c55f8","sha512":"db2350c028befd1718dc036246f4541da89160807ba1159f058fcdf8d99e885a6b0eb8a266f3a7d35c64ce5938a06ebdf6b3a08a252b94c0b5e6ecf3710ed20b","ssdeep":"96:UXsY3Gv2/EP3DwgZA4b/WMJYBSaWHn5GdYLIa7sbc3DXTNDXTrv2P:UX33h8PDwgZNWMJYBbWo/a7sbc3DZDGP","tlshash":"0eb1c7b776c6fc70415685509837834bba182e37309eb0d497eaccda327ce4a85d1f9a","size":5218,"data":"","first_seen":"2026-05-18T06:46:56.921829Z","last_seen":"2026-06-28T22:47:38.427977Z","times_seen":414,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0.tq3hqv052nt.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3dc8cb2a59489c1561ab34843f6ea999","sha1":"5af3abb3d1dbb398bb131d6cc4976c6df6113a9e","sha256":"07b5b0a411a49989495c74530e109e477f9342b2dbf476217bfff08e0be0af3e","sha512":"5b14c7c64ba184c60488cb10d5096482538946ccda7801ecdffbec8c2b2cc70394be8baf3924aa04b70b00963afff814b388e8429a9f2bf476ef3c381da6c289","ssdeep":"3072:pbPzjb93YLLBpqE2O4dwg1ZoIUtQJ0aqMuB:pbPzjb93YLLBpT2O4Og1Zit2qMuB","tlshash":"8be3e6f935d1f88207ab50a6c03f0006f22c4d77189e6860e3e5ddda756465de2b3faa","size":144579,"data":"","first_seen":"2026-06-08T19:33:12.034645Z","last_seen":"2026-06-28T22:47:38.404914Z","times_seen":411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/155bi7ep2xvb5.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"10849f5c50fd247b8474e2fa814c102c","sha1":"29ec98a9b1d4011dc2915ee1f8e2647b5d5bf95c","sha256":"172af026257cc0c461fb8a91b872fc6a36615b13af56fe7203737bc181e0fc67","sha512":"8270248e1a353e9d5e53f5c5b698d97f75e6227b3f6c3d96b1c1647dd9d0414ebbe61ca93b2c11f3bf444fe6a1337150ed13593b1b2b46ee9ab21fe1a97d277d","ssdeep":"3072:t1wANU+dlIu9NMBzhtW+fYuJ1qci4fn4NHDShvOsN52TItb0:t1wAm+dlIunohHfUHD+FN52TItb0","tlshash":"c134fbe83955f6626ab302a710af1803b338252b280d4d60a351fd9db57845fb17bfde","size":231723,"data":"","first_seen":"2026-05-17T01:00:58.350766Z","last_seen":"2026-06-28T22:47:38.394445Z","times_seen":471,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/12lp94j-.c_mt.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e739de1547de36405dedb135277b1f71","sha1":"a2ae6c5a9ccd2a7b0a2c3513af23ce6027350983","sha256":"516e6be72f41061589fd880467eda5e65367f672bf3965d39f04192c54064b22","sha512":"38d927879984614c350d69095ad051428407df75b772003b1a9a02349b8cb9fc11ed9e4f70e82db8494ece45b4c391f9686b521446c0a75b74d4fa7b7c8287ba","ssdeep":"768:YhBJUosw2zWLEImqD9nhKFXA3tkBOfCCDkZRQqwQV:YhNUAEI/3na13V","tlshash":"8943c8b53291faa342db91d9c0370012f2780d71309d64b4b3a4d8af799dd8e92f6f69","size":58029,"data":"","first_seen":"2026-04-09T01:35:59.256618Z","last_seen":"2026-06-29T12:44:16.919442Z","times_seen":421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0o_e~241j7s70.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"492fdde27434ccb64638e746574c542b","sha1":"41d99c26c55c106d7b2020ad4173e7b8b104dca3","sha256":"f95f7bfe0c9178ebccf3e88b7dea3aebd7d1965a2ac72d02a55123515bb62e60","sha512":"8b277899f0d2e7df00f734282480b99110b1d4f303a1e4ef9ce1251cb8ecbfcfdb6e130264d9e6116bb0413ad2dcb3a7a6e6cd3d8a0026fa324cf32ab9c2375e","ssdeep":"768:e8qFuVuuWew7F7sKaMrxwkXRoOiRLhFHM8XzR46XOUYpJ7NzWxaHuPMbtJpy6xkj:e8qFiuaiQKa0oHMUR35ZV","tlshash":"a033fae2f1d4e2d9e4061b80f82f9808e52e39bdde45ddb466bcaca11f204d4b985fc5","size":51449,"data":"","first_seen":"2026-06-11T16:29:30.444636Z","last_seen":"2026-06-28T22:47:38.477783Z","times_seen":410,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0v0ixs97.v7n5.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"95ef99c841282f013e4d316bdbf10391","sha1":"f80792622b31b0dd0d1e74be890cd66f97e0d423","sha256":"7235294725f74bc429f63b3c0547001aa7e7e3f3d41af140d53b973f5e2d9368","sha512":"8a0be5bb197316d7444f9b8f3a62d528e5a286c8cddf782fb8bd0ea1fcf5c488c7d422dca571d7d0efc18eb47b3ef33e19aad8b9c097396fbbebf3d80388d481","ssdeep":"3072:yXi31G2FJlN+XTGKDXKBGchpLjdLWVwNrJqhWq15014BWiJLe:yXi31G2FrIhz15G6WiQ","tlshash":"dab37dea7342b435836b805e416f8506b23e2d64580e0c19f2b9d8dd39b4949d2fbf7a","size":108049,"data":"","first_seen":"2026-06-08T19:33:12.050394Z","last_seen":"2026-06-28T22:47:38.397058Z","times_seen":411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/06ckeshtm0g8~.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"70d35d970122715b75f3401550d567bd","sha1":"b96c2fba56490ad4ddee640a8cdab875716b42b0","sha256":"2b4ebd17db6fe464a0426144bfd298917c680b72671b64ee25eda5f71ab2298a","sha512":"749f3769c7df943e5e09ee7157209202840f80f724a39d332b76e2db5a4555bbb80e0d83ae3d106880f3876e77360ce3ecc3f566744bfff35651107e031b547e","ssdeep":"384:KxPN/B22tHV9MqujRujtPd6jq1mzQ8+KW0KInG/as1ey:SP322tHzMjOlUgJ0jG/5Iy","tlshash":"f9720a437598fdfa0757d39cec6b8008a16e297ed88c807d8f6cdaa031359497194f69","size":16964,"data":"","first_seen":"2026-06-28T11:00:53.657569Z","last_seen":"2026-06-28T11:03:20.786626Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/03fg85j1c363f.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"05cda99838f3df07eb438b054ce7d2ae","sha1":"5d7ba1308daf2a223c780b365a7123a12d2a56af","sha256":"72a35adf797fe33e0548ce20a161ab102a616803284bfb50f3755bcf8a8ae9b3","sha512":"b5a255650f22adcc0c518c24a86d52d2ac36bc52845302fa088afff62f41fd3467d822b72ca1f20045b35c4f9e9abbb7754bffe1d4355563a6cf60984e3348ae","ssdeep":"12288:yibu0iI0QXDQnq5u0FxIijiw9LUoXQM+M0qizOVNkUoReh+YoJLPP8v0hxQ0zPV5:tbDiX+NRv8tB","tlshash":"fae45c696025213897956090c15b3446efb1682f2dc944acf7b8ecef57b4e8e332af71","size":667746,"data":"","first_seen":"2026-06-08T19:33:12.046227Z","last_seen":"2026-06-28T22:47:38.40209Z","times_seen":411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0pui-sg~t8d6m.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"84d46429db8f13524085bf5cb4043f4e","sha1":"c8639b27a2d4c5c0ff179b54e803f38b579cff38","sha256":"d5a55ce3f19056582492201fac7b6a73fb75943a6e08c7549d08d639c1364276","sha512":"83647e3eb8526db32d31c08df7e661e8c36c3f5fb550e0edd6abf88b9eca9a1f6c52f01dbd68aaa0d69034f6c577be866362346c8c03f5c9003d9bc1f47d987a","ssdeep":"","tlshash":"8b611066524923f53f322a4c203fdc9e510ab21cc6464cf5261584bd27abf91b8a7fcd","size":3259,"data":"","first_seen":"2026-06-11T16:29:30.36988Z","last_seen":"2026-06-28T22:47:38.440684Z","times_seen":226,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/09m28z2r~.w8j.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"295cb7b39a766115859fdd340bd5d661","sha1":"4f8bc00001417248ceee285064417928d803a6b5","sha256":"ec7bce2e98540116bb9d28db10d536e7080f5ddaa0857e69c61ed1be3eb349e2","sha512":"68efe9be524b8e18376d1e860d1005349b1f4a730ff580d5234cb768e006104667501bd4df92408b23368685d37bcaee494016ed18cd363cc1a939069a6493e1","ssdeep":"192:m6QqMOx4O2NbkLEOrd6kFJwiKDcyfKm4i5LEzCQ6aspmi+fQjgEzmQ:mqKZBaj6kFMJCm7Ezsasp/vP","tlshash":"2c62e8ad7155f0a10fa36465407f400bb33929b6286dc5e0e3a2ecf5a9b456ec133f6e","size":15910,"data":"","first_seen":"2026-06-08T19:33:12.049499Z","last_seen":"2026-06-28T22:47:38.391012Z","times_seen":412,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0514pcijmsasy.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed3d466c2d251d739ca14bdd80caf061","sha1":"38eabd2cd88e7589c09720b23fe926fb69e7bf2b","sha256":"290816770359c2131dc4f5bced87b4de8567a75148300b6d38673561b0e80fa3","sha512":"b56e083f791bc181b92e28bdedb61e18924c835f4b3a50de7cbb37862ac0dc18305a4621ecf1f2ab5615551286ef133723ee259929a8db034d10c06dd5f4d370","ssdeep":"192:k21OmPkG5HtOCdVC8+BrTvk+0tDq1ZT643MN3WYtdUo2RBRmuk:J1ZAEKcDqf23Tso2RBRmuk","tlshash":"8c122a94f1a07936035746a3a1ff0702733a89595c1f84ecb1b888882b71e8d11bff9e","size":9691,"data":"","first_seen":"2026-06-08T19:33:12.061464Z","last_seen":"2026-06-28T22:47:38.396527Z","times_seen":412,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0yqs7g~fkgxvh.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"56e046cd0054aeb3c7b9fbf97d0251b7","sha1":"cbfc4a9b8adb52feb8784859e08cd0769264c22b","sha256":"f558ae27c46605d6a4057db1efc6a9bddb378ab38c8808393d6683b82829ab9b","sha512":"c0793cf733e03956b13c5cee9b42c023f95b69fdcf8a653360efdcd82d0c3d8aaf7046e6df58d4cad4ecb4df4457aee60ca4e4b9b66055a900cd89e5760e42a8","ssdeep":"1536:q1otOBTamMABecSsuowgKh8YTyNerjq+sXYzlb1:q1NavDh7q+sXYzlb1","tlshash":"2483a846f0f4e7faa44d0a5ce41f4018e79e2dedda846df8d7acacb012114e4768678e","size":80970,"data":"","first_seen":"2026-06-28T11:00:53.652914Z","last_seen":"2026-06-28T11:03:20.748947Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0li9mgra_8nfx.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c1ca7911b574ce20daed1f833b108d6","sha1":"bee0a37c5dc9d23fa8e592d34529399de963967a","sha256":"eebd59a42ffd9f0a8cb12ed2797fba5025977de2ab885cfb28df20d9d2f92ef5","sha512":"628e8fcb0dc70c2b54ade8cb8b86552ba3a81882c1d3ef21162f7eadf578a7f1e1f03f0b59fccd849bb2e5e4fc4bf4df4dd9776c2ed575969f07a23c0416619f","ssdeep":"768:6jWexfqnDkUHRqSEyu+bauIS75xh+3BdOkgRt:6KetAkURzRb7xwxrit","tlshash":"c5a342476395e41e8f73dba0e91fb767c2184cb959638926d10d0ea4c94f8e1caf603e","size":103921,"data":"","first_seen":"2026-06-17T18:29:29.887806Z","last_seen":"2026-06-28T22:47:38.391511Z","times_seen":292,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/fbq.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","size":408,"data":"","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-06-29T14:31:43.700347Z","times_seen":24425,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bavomex.com/global/twq.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.176Z","timestamp":1782644569176,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/twq.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PAj6BuHQfQOX5QbFCEjBPBSlFF6oHnYnF3h3Lj5WpVPJqnvJFxNYC%2FbQF5MkkbYSaVXvaY4lPZfJTVpm1mVsKqsE7XqfxzXSPeP6VZeTENIuwoQSn2oCi7g8yfzvIA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338d5bf05699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":308,"size_decoded":866,"mime_type":"application/javascript","magic":"CSV ASCII text","md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-06-29T14:31:43.713407Z","times_seen":24419,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/sigma_asia.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.789Z","timestamp":1782644569789,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/sigma_asia.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7314\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pZxEWD6iQ2wctqgdQz7S2C8pQDu9LGqfI4CvcqwWJspXPz2OH4ShaVg3icsT0inBmOzNpT8LG3l4v6IdQakNGNb%2F1jqFfAueH8MTItemUfJ9pN71H1E73g8pVEq7XQ%3D%3D\"}]}\r\ncf-ray: a12c339138735699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7314,"size_decoded":7945,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b445895bab59165c728be6f9311eb77a","sha1":"aa063ec5f7114da40efecc83cba8927b20531199","sha256":"5803c79829793e691a94899e1badcc98a5f164ba2acbce51dd6a2b0df1d215b8","sha512":"14f13a1a932c6c8c6c789a90552e29954fcee766cd07289878e68bb1dfac0b48823b52dd4881479f53939c10068931959d5ecfc301a8e09201101826517c7134","ssdeep":"192:5JfVRd94jqovgtziFozgcoGqWclHjy8Xw2uyMS7:5JfVv94ebziFaFqW8bf","tlshash":"dfe1c03ebd66c165a649723d71d02392362406a40d430fc27cea25d3f7a56d333ea6e7","first_seen":"2026-06-11T16:29:30.436798Z","last_seen":"2026-06-28T22:47:38.504798Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/footer/ssl.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.813Z","timestamp":1782644569813,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/footer/ssl.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1e8sKCgXlsyL%2F583%2BsYJIsigfvFwIxiaj5RYqQbVK8j2sNQqfjFdBu5GMC1dlctuzDOuBgkCGwZWhm1Uqt%2FErr0d4WvwcZbz83uhJsZdSBpxEUdgRDDZ55eGRs4n6Q%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3391589c5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5759,"size_decoded":2827,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"a87540537d4556d223239dc0c6c49a88","sha1":"25d10c01b2d39cb7f053412aa8229be9aef9c714","sha256":"dfda4f7d1cbf365b02cd1a31280471a6271721148a5dbeda4e90000f9f34e77c","sha512":"d4368be86e434f3d1a3bcccda8613c6e49fe8f5e32c93dc522f93e27a58b5877c9d79a8ce44e7a3c29fc7830f593e20ac81b64a2dd6e294047849764ffa15a73","ssdeep":"96:NPfADU98+OsYczGoQvcTC/qFRqZF5pP5yD8dj6BbXrnd9Gs8tYG1eMGxg:RfAwuIfzEvce/qFRqZFH5yDg6BDrnCsq","tlshash":"4ec196a0b3f5d2f4a144e7f8533d28307dab24fb1a62852d87a12ee4a55151dcce68d2","first_seen":"2026-06-11T16:29:30.464934Z","last_seen":"2026-06-28T22:47:38.392505Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0514pcijmsasy.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.895Z","timestamp":1782644568895,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0514pcijmsasy.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fby3WoZjF2cQ9c01AavdQ%2FyuzaTUaXYAvkEYXwqYpHPKnNAGC9cP6edn5gq%2BoXFYbuIWMDdG40663OPf2X4jg6D7RioxHaK2OnKWJudZyeOG2IJgxYG1cP6dNcC7Rg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b998a5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9691,"size_decoded":4756,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9691), with no line terminators","md5":"ed3d466c2d251d739ca14bdd80caf061","sha1":"38eabd2cd88e7589c09720b23fe926fb69e7bf2b","sha256":"290816770359c2131dc4f5bced87b4de8567a75148300b6d38673561b0e80fa3","sha512":"b56e083f791bc181b92e28bdedb61e18924c835f4b3a50de7cbb37862ac0dc18305a4621ecf1f2ab5615551286ef133723ee259929a8db034d10c06dd5f4d370","ssdeep":"192:k21OmPkG5HtOCdVC8+BrTvk+0tDq1ZT643MN3WYtdUo2RBRmuk:J1ZAEKcDqf23Tso2RBRmuk","tlshash":"8c122a94f1a07936035746a3a1ff0702733a89595c1f84ecb1b888882b71e8d11bff9e","first_seen":"2026-06-08T19:33:12.061464Z","last_seen":"2026-06-28T22:47:38.396527Z","times_seen":412,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/trustwallet_logo.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.764Z","timestamp":1782644569764,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/trustwallet_logo.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SXggkLWVG7Y0scBYONx%2BNvCzr9Zv%2FuG4jkS7q7vjPWUzKlBAjFL7qneuMpoijVlImgCUph5jHxcJTOiYJQOvaaaiYSwqX%2FTqK7G4VYvjbvYd3UkQz2fJhmwyzA%2FR5Q%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339108395699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":676,"size_decoded":1008,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"95610a9779844de79d298cc54ad0cccc","sha1":"5f38a98338359e3564cd16454b8f152a3fd785b1","sha256":"33fcccb18ca22aa02623e434700a645c7935da1be547753aec410f6d9866396f","sha512":"98d76f3a1c01b102e25d4e6b5cf241d9a23faa31c19a2be0f42f5cfa1b03c5a900e6a88ebfd3c386f23c0d1e2681c5351f23c974029f78dd5f9f71b5ccd8cdfc","ssdeep":"","tlshash":"bc0178a992ecd822e548c31ee91cb03239a960c775818aa0f2dc5f5d5b4a1830d1b3ec","first_seen":"2026-06-11T16:29:30.448684Z","last_seen":"2026-06-28T22:47:38.434003Z","times_seen":226,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/clover_bg.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.959Z","timestamp":1782644569959,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/clover_bg.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jk6AInF31ZPGDfGkZXi5YAml2PHujClleO6NutFEMz%2FVobDXm6NmX%2FTnTnRj2AosCovzkDRrtw6udOoSNpFRbXh32UhhE6A%2Fro8RSWNZFpi6q9csr3dM3iNpMqXedw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339249ff5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6183,"size_decoded":3627,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"a15718f7a3c7e8a0dcac6bcc183dbd31","sha1":"fc6a988355e4cb5bf9f69b0b30da8ac04a6002db","sha256":"4e77bfd97a131a34ad255b4cf9e6495df4629ca67157bceb57885359d971603c","sha512":"e262fbf720c155124553e381938c9624664d62405f3eec1829b51cddd32c8a698b0e1b8a00dc616fb4ecce6f0840cefa774f54de5f8a9ccfd955d2a6bd194d36","ssdeep":"96:s0rPKoKaC+Bh6N5kx4hVD1Pkj6WTONs3Bgxd0IGPvg+UapwlIB0gxdncSu:3KxgBhy5kx4zD1PkOIAsusTvzlpLqOc/","tlshash":"fbd1a49c7ba942bcf105a2fccd0204a47e0e24f77601857cf76d2e11e71689dc85b4aa","first_seen":"2026-06-11T16:29:30.399632Z","last_seen":"2026-06-28T22:47:38.406032Z","times_seen":225,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0a21ve5v9f8f~.css","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.173Z","timestamp":1782644569173,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0a21ve5v9f8f~.css HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w%2FIpNbr1LEDoJf88ZBcybzmtgq8%2B3bDMWbHrVPrUr5zfyUf%2B%2FjXqqP89Joj0yNPxeud0O%2Fqux9lj2zDp9XLIZ83OrqbfQ2zk41KuhNX8iMi3K1bq3IBhYEfMizYd0w%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338d5be85699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2687,"size_decoded":1347,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (2686)","md5":"73412fe569e1f16f6b670c83c1b7fec6","sha1":"fad9338a1b36ee3fecd68653cee6c826390b1df4","sha256":"de4bc1ac4c5c1364679bb70a6f6e16426987f6f3d0ccdb18e32dc374212fbd93","sha512":"c77bf771f7bd0383ff28e3382a3819428c13a42a5f7b1651b4c01caeee04808b4250f9924cd247b70a11476689c6dbb9573e317c6172695e4ee8a72873be0caf","ssdeep":"","tlshash":"78518b199cb483ffc8496012f5582c588642edd4dde29bd14c0b2ce38386af32ab1739","first_seen":"2026-06-11T16:29:30.383583Z","last_seen":"2026-06-28T22:47:38.404361Z","times_seen":410,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/main_banner.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.922Z","timestamp":1782644569922,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/main_banner.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/090a6r7kb8eqn.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 247446\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HXX6expWXPUlL6jWeeDBsY8QIdAUeklrUznvYOMyBWnc1JYP6NQWN%2FMZ042bunqxeJWxVKDeXfC1B6HKSBJfOZ%2BXMas7uxrDttDk4MObMTWB9QfTXmb2t0l3hEPBnA%3D%3D\"}]}\r\ncf-ray: a12c339209885699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":247446,"size_decoded":248081,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2328x1120, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"42021d65c9c0715b21a1d32e6ccac73e","sha1":"2c708a7315dc9cb1b4de1dcc07ad2a204584ce7a","sha256":"b66c82fbab4dbb067cfd9b5c2d1bcb75a7967b22101bd3c3b185affc1ddcb70a","sha512":"ee91dcdde5201f1c0477bf2f943a9ff1030219694da8fc68098b0d12e29f3f537f689ef02efce952f9a278c18e36c9d319b7d6cdd29888805e714653411f7ca0","ssdeep":"6144:FOD6Mem/6xo4Ys8DqzrSaB3C2C4JEOL9MxwEALaN6Gm:Vo/6Sy8DqzrSaJC/47aA2N","tlshash":"b63423bf3258491ffcd0f8f5e31bab2d57a508e4a5819c35bbe8574297e0a3ae10811d","first_seen":"2026-06-11T16:29:30.424317Z","last_seen":"2026-06-28T22:47:38.440037Z","times_seen":226,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/trustwallet_bg.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.947Z","timestamp":1782644569947,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/trustwallet_bg.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/090a6r7kb8eqn.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YNzE5CQNgBEhFw7gvf3E4VYN4IedttcF3rtYNfctolT92l4eT2CKvVchnUlmr8oUhsg9uihXiRhms76KuPvOm%2FSAV78NTD3GO3rsw9adRRFz9gAQMRe96DRiIGU%2BNA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339229df5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":869,"size_decoded":1066,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"a06363a3cd4efcc760d786a6b83281ea","sha1":"cb8ed03fc84a624643b2ebf6a048c87cba69bb84","sha256":"94a2a386817b82f41fdf8e90bbf962cf347638e4fcd2c86b716de00dc11871c0","sha512":"89d9ee2d7edea50e41774fcae527dc7befac77afa3b4e4311a212b85152dd388b856b435abe732791d6c6dc243645fedd22163f09b189a0ed0c37544956980b4","ssdeep":"","tlshash":"9311b1f456ec9513d208899ade0491155e2680d39e888155b14d7f5e7f1dcd34d13bc9","first_seen":"2026-06-11T16:29:30.324259Z","last_seen":"2026-06-28T22:47:38.475585Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/top_block_partners.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.746Z","timestamp":1782644569746,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/top_block_partners.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qkZ3Px8i0nPLD12794qxReR5EG%2B4DpryXmcT08Bdg6s7fs8DDe9Sh%2B9el%2FcAp8Oqdh0ECk630DoQf2OXDpmhvHmG3bHIRC4Kkj2EzS%2FsmTAhhqFd5AYlxkyccDooZw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3390e80d5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17717,"size_decoded":7364,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"6084c40ee224566f3461c7ddb7fc93aa","sha1":"207affc69d2774609ed581b8bd4a8817cfcf3c8a","sha256":"afcb08887e9a332c3b4dcec9316bd4ebffed6706cca6f70b7eecde5051fd292b","sha512":"4555a84c5a3810d1e0fdafcb2f8370b8671e7eff8f548c5f6733cf67bc77891c95e9da970ba8f653d95b7f6bfd5bf1b89868c911157bb8e4fbafbb5dc52dbb45","ssdeep":"384:3mHQD+XVmeF2dDTXOzgmtu6zh7bJ4cerYVu+hg9rprN9daIp/VVYSpp:h+XzUXOzgmtxxF4cerYsHzDp/VVYSX","tlshash":"2082e6c927b893f8f961e2feda3a919ab91727ed36444c35c72d9d04eb8105d0d0b8c2","first_seen":"2026-06-11T16:29:30.388742Z","last_seen":"2026-06-28T22:47:38.441352Z","times_seen":226,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/blockchain_com_bg_out.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.781Z","timestamp":1782644569781,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/blockchain_com_bg_out.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 62374\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9Q4sAZwgJWKznaHCYqlPBm8JWymKOPAkTf51JN%2Fl1gsC1i2%2FTX76z%2Bt0CO%2FkWS89zH3NgswlpiSSea542%2BYxZ%2FYd5fSN6m2Vei2DdB%2BlUrZcPaHfr8hFCA%2BeTlM79w%3D%3D\"}]}\r\ncf-ray: a12c3391285c5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62374,"size_decoded":63020,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f9c8c27a8d9a29cceedfd9b374e5d239","sha1":"681f688923a53b406074bfc4bde478edf55a0617","sha256":"870a431e162bf824cce39456d459efd3a67b64a2b1cb290d6526a39bc1fd596f","sha512":"2bc89baae2e1d57a9bd8630f00a4341a144e33bca85fa019ddf58b6d5706c387d70c0cdf441e5cdc6d3a3b2f2aaceecf8ad2d8c85aa077ab7bec791687704df3","ssdeep":"1536:su6lQCXDT8qeCniOPdA5/yeX4xdtJwJAhw/hCeum:s3eCHgCniOAR4hs/hzum","tlshash":"dd53020d4197b3caa83b1529fbe2cb51580530df53e7ef7ef25eca5ac09548a4c2358a","first_seen":"2026-06-11T16:29:30.32327Z","last_seen":"2026-06-28T22:47:38.471735Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0v0ixs97.v7n5.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.910Z","timestamp":1782644568910,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0v0ixs97.v7n5.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UpnQPuSkkkjD6X3ubBeQ0kpD%2FqUNgmXrD1hhKLiG5N5e8TE9BUnEZS4p%2FtyCazQBN%2BfFLVO5jkcahQvfzHbGQEN5GS3NYDqeiFzqrPE6BB31LOjc1nguf%2FxJd8IaOA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338bb9a65699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":108049,"size_decoded":42849,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (33805)","md5":"95ef99c841282f013e4d316bdbf10391","sha1":"f80792622b31b0dd0d1e74be890cd66f97e0d423","sha256":"7235294725f74bc429f63b3c0547001aa7e7e3f3d41af140d53b973f5e2d9368","sha512":"8a0be5bb197316d7444f9b8f3a62d528e5a286c8cddf782fb8bd0ea1fcf5c488c7d422dca571d7d0efc18eb47b3ef33e19aad8b9c097396fbbebf3d80388d481","ssdeep":"3072:yXi31G2FJlN+XTGKDXKBGchpLjdLWVwNrJqhWq15014BWiJLe:yXi31G2FrIhz15G6WiQ","tlshash":"dab37dea7342b435836b805e416f8506b23e2d64580e0c19f2b9d8dd39b4949d2fbf7a","first_seen":"2026-06-08T19:33:12.050394Z","last_seen":"2026-06-28T22:47:38.397058Z","times_seen":411,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.017Z","timestamp":1782644570017,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://bavomex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 72964\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 28 Jun 2026 10:31:09 GMT\r\nexpires: Mon, 28 Jun 2027 10:31:09 GMT\r\ncache-control: public, max-age=31536000\r\nage: 1901\r\nlast-modified: Tue, 09 Sep 2025 18:33:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":72964,"size_decoded":73775,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72964, version 1.0","md5":"91247c94dcda6ff52b445d71d6bbfb81","sha1":"ad2f62363ed047b430b91f32afa31df51fcd7c5e","sha256":"6a3c3e024b31eeacbf1f19c3c7be78612d91c623186f64035a50038241dad4f9","sha512":"a12dcac84e9f9ae02df3aabe29d76994281cd1005edca471194605cfcd6a0456eec872fd28c63c72ae124804d0b47d8377048caae49c40b0a18b5d6be4d6213f","ssdeep":"768:zbw+rLBkMxbCkupj4Y69/Yr71+j9pWiKahMM6+AWEqXB0oGuNGku+QCcIKE205C7:zbw+iwuS/iZWeaO1zP1/9Esvf8fXnm1","tlshash":"8f6302244e3c50c2a54d33aa286940f6f6e79c75b2b79ba4a69c589cd410f329cdfdc4","first_seen":"2025-05-29T18:51:13.223047Z","last_seen":"2026-06-29T14:38:43.818288Z","times_seen":28123,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":32,"send":0,"wait":17,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/136wspufxw6fc.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.071Z","timestamp":1782644570071,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/136wspufxw6fc.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hs0cbk%2BqWsrg0Ko3Ls6cXxP6nlR6LBmCUc2qeVNz0RRQkJJfxBaHh9EtEv9aoLlERPyyUCACdvFsWNjxVOAIs6oouRH1ayB%2BoVLEa%2Bi3WLcXvErYyHianDfdtwAjxA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3392fae95699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4529,"size_decoded":2221,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4499), with no line terminators","md5":"4004a07390e470c485dba5c61fa4b70f","sha1":"46e8e42a20cfe1e766d29da65f3b071143863fe9","sha256":"35d73b5e32141bc85bd97a3d47e035e94d9cbcc49c3b2a1fec84bbfc79a2934f","sha512":"89eb61b2f4b2ecdec634a576527c4711a93d977ed01666ac5bce8b8a290cf8197a41c6665ca696193e5998b3510716eb241ca5128c3e8ab408f16cd710949917","ssdeep":"96:8NpZW8YpPMg6npt1npYA7npUvWh+bLYhfnp0Wkc9OIUdnpzp53anpYvZ0Bep0WJe:4KbshpdclXZ0B/Me","tlshash":"6491fb1a514932e13b222a8c303bdd4ea11ab05cc6164df56b6584bc27dafc4f867fcc","first_seen":"2026-06-11T16:29:30.477923Z","last_seen":"2026-06-28T22:47:38.397581Z","times_seen":226,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/crypto_com_bg_out.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.763Z","timestamp":1782644569763,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/crypto_com_bg_out.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 66668\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ppsdJFoUNGlsPtix2eE9eKVqWMre%2BmNk6AkXO4TUK9USw84eQdZH%2FMVAFuoFmYbxfTG4cT%2F9Kx2Eq9Jc39Vsz1tUPvrim88Z%2Fv9zmTuerkJbGTsEf84rbhQPBzJ0JQ%3D%3D\"}]}\r\ncf-ray: a12c339108365699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":66668,"size_decoded":67306,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8f83bca3a53d9ec69b96a60f4914953f","sha1":"2154887948793dcad22c53d341427a3ddb4a8fc8","sha256":"5259866451d6e67d7a2741eb51895fd85bfde6a784fe9e65e4ad17a645a14e0c","sha512":"f266d81908e488e197bf4f5e8995113f4b1bee0eb5b4a1cc521dd94309cb27c6e6ecd8d0c720d6588eeb151f13b525083cbbee6f09f23acdeb5c41526c01625d","ssdeep":"1536:JjjbWA9pz9EB+u0/aEP0uRcmd7/eKxJs6FJo8NfZoJ40:Nbdz9EAhSE8uRvd7/fLFJBFZO","tlshash":"365312616873882ce6e93b1bc5f33be3476426d4415a602ef0df6a03065e0b27d4e5f6","first_seen":"2026-06-11T16:29:30.331854Z","last_seen":"2026-06-28T22:47:38.387258Z","times_seen":226,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/fragmentmono/v6/4iCr6K5wfMRRjxp0DA6-2CLnB4NHhg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.018Z","timestamp":1782644570018,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/fragmentmono/v6/4iCr6K5wfMRRjxp0DA6-2CLnB4NHhg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://bavomex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 25224\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 07:57:52 GMT\r\nexpires: Fri, 25 Jun 2027 07:57:52 GMT\r\ncache-control: public, max-age=31536000\r\nage: 270298\r\nlast-modified: Mon, 08 Sep 2025 18:00:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":25224,"size_decoded":26037,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 25224, version 1.0","md5":"989b6974406960015bf5a28c208cff42","sha1":"7fc5fa2c4774415df54117102f667505d521bdb7","sha256":"44c4e39bff5e76652a24a872cbebabccbcfb20f62c4633b27c1f2745cba86b56","sha512":"7a8e04ed1e4494fc2acf491d5a30c29d5a3848fab9c8d4fd7a6244307ffac7ab5c4fa177e58a846d50bb4ea0ac1ecc67bfabe4987d54f3a3d39c14f5a2757f44","ssdeep":"384:gLMHdCiMiFK9zbo8ewJvvw05YrqtY5B8UOb9C5v9079K0jPyc9GGE70+eY0:goHdwNRbmwBvw05YvHnOeS9PPXsdfeY0","tlshash":"a7b2f190fb5d22baceb002310645c5e11ab483be446231172fa926f69b715e7e7f12ad","first_seen":"2025-07-07T14:09:38.817243Z","last_seen":"2026-06-28T22:47:38.390431Z","times_seen":407,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/exclusive_bg_right.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.963Z","timestamp":1782644569963,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/exclusive_bg_right.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0tjlo5.08~sm_.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 276112\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s%2F6xZYAYDiWHCyEZl5B9qtt5J7hVFmQcAIuyU33JB%2F580u9Jac65brroCj8HVpE2Fc5ENtFoQQ4NQLHtjaYF9QdXnAkhZwDhZq%2BhXF3uAqGUPDg%2Ff4CzREGfjIb2NQ%3D%3D\"}]}\r\ncf-ray: a12c33924a055699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276112,"size_decoded":276751,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c531d7f8cb8daf31fc8bbd374f809203","sha1":"844f0b6fe50511cf3a9fd21d3f0fc302f4c0784a","sha256":"e3268194c37dd9bcdb7cd323832d208e727401f2889a00a6a9420ef732c5e447","sha512":"15585b839620691b74cc1ef7a43fa045e120cd3c1a897ced71c76141c551dfc6b2c5c9f6fac6b4e5f875ceaefb92264aeab3eb62e35e4e26d618a414c9c160e5","ssdeep":"6144:tO+H/+2d9iwCyfoT9kliXc+P6OJGN9AmVNS0HnVuPOPIZ:tO+f+QtiM+P6OJGnnnjHnM9","tlshash":"1f442317fcc3d141ee4d29766c9e6bdaf77a9befd4c56c4d8140a4858b6038306b8a34","first_seen":"2026-06-11T16:29:30.419562Z","last_seen":"2026-06-28T22:47:38.467479Z","times_seen":226,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/blockchain_com_logo.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.776Z","timestamp":1782644569776,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/blockchain_com_logo.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PnPJzsIhyrFYQadpgCYbu32YW1%2FXvPiZYDw4xrmZ%2BOV48ljYQDumQjR4RYqQlI2%2B9lhRxwfI6z25pzUEB56fj07UOMI5q0mP%2BgkvFJZIA0b5NwPyBkmg68FFRLckWg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339118565699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9197,"size_decoded":4175,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"d2f44273e127f4fc487a433df4d0d2b3","sha1":"dbcea3bfc6321a54bbef208352e5cd9a9f25e657","sha256":"ae25a6e25566b01fe7712c34417466a79111b5b9f1b2f6d6130f69a6bc5733ed","sha512":"8f8cfbaf1f7b848f87b5192d2ee05763bf2bf2244f9ba52951c0356b12714be3b1af7ae5d71394eef78419799f9f2e5fe9a311eaf095f6f4f6944442923809c4","ssdeep":"192:WufKt8w+yCrJvR1zWf9ONQAvisMPwcBcM:Wufr2a5PRviT","tlshash":"251293ee37981ae0e80263f8dd32127eb94f64b3bbc39794e35d9a446652454c948ec8","first_seen":"2026-06-11T16:29:30.472602Z","last_seen":"2026-06-28T22:47:38.385521Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/about_bg2.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.757Z","timestamp":1782644569757,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/about_bg2.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29594\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7hN5IN7er0boccGTii5IAoTcKjonFM96KxCEL5Qurj7mVal1%2FwHYjk1spOiSi0PJLHJDicaWCuZrMrvCrdMP6JEKB1EaktS0l1UccU7XKXprKsjd2eKuPbmmFrnwoA%3D%3D\"}]}\r\ncf-ray: a12c3390f8245699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29594,"size_decoded":30226,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"86ff8b43854e7729ad418df70be40c4c","sha1":"a7b4ac23121c2d11db75b2b2c12d09987b8acc33","sha256":"b54b3eaca701f498bd6f338f80c9e09ed381d47a6cc919ac66a8dd8196c8a6a0","sha512":"b9fa28fdeee963587b9690e70f2aa77aee7b72565a4c6d13126d7e6309db6e4c6d1b9bcbfe061abca8743ec52b69bae5e11632c05e9b744305554fe32cdb6fdc","ssdeep":"384:yfPTXiezMR38bcaqLn7G1OIZOUtNitDj9yNVEWuWq5AH71czg7JG4G:YXVMR1XeE3tDUVEz61XG","tlshash":"f4d204c6e0abea72c67bcc78e5465c465357f51ce2d38dcd1f4ab02489dae3613a8072","first_seen":"2026-06-11T16:29:30.394669Z","last_seen":"2026-06-28T22:47:38.439022Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/feedback/13924686.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.795Z","timestamp":1782644569795,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/feedback/13924686.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 119786\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aY48Tl7mZU2rXug1dZSnNtpLSrm%2F%2FfOPr3%2F03ZNhMcqHOHda%2BE7kKzI4vd2s31Oam9AfGiJo0pJEx1d4mbDS7eJSEFfx4yEAA3PLt6cilUEncT0FLvUumgkZnmgQAw%3D%3D\"}]}\r\ncf-ray: a12c3391387d5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119786,"size_decoded":120425,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1600, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0537dfd0b1e5a586aa9aa7292f36e4a1","sha1":"aa216bd36f5b0b10e550a3ad4cb98a90c43acfa2","sha256":"305593a4b0fb7e87f23a8a259ffe6c464ac7f052b8a05622092f3835f61ab98c","sha512":"4a74f6ac7450300176660e8a6ec83e75717f793ed0ebf4044626a4bc193eb744d12c1a646c8022ddc78663d974fbd777c460a224a5a86b22e6dd494e5fe39def","ssdeep":"3072:6yaFjJQN9aj9o0gW9pApzjlU5BUXm3R2DpXaMK1ENUr7:6PFjumjOVW41oe8RiKzCNy","tlshash":"60c3124d38609fa0376b9e275f3b4d119c5358fa7cf18cb02f1699e236a5b9c850d6c2","first_seen":"2026-06-11T16:29:30.384557Z","last_seen":"2026-06-28T22:47:38.425264Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0tjlo5.08~sm_.css","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.884Z","timestamp":1782644568884,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0tjlo5.08~sm_.css HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QSfRhub%2B0yk8kNNRhu8PcEdm80ehhChU93lKvUReP4%2Foj2HpNGiWF999EJUEo84lyoAF08ke%2F%2BxBcb%2BDllokfZnqP%2B9yHSIMux00Pb91G0oojtB54Hb4kWzRuBwWVw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b896e5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118300,"size_decoded":14798,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (14358)","md5":"0bd486ce6c18512e789079ea01b91dd1","sha1":"8ddc0e6ce0cd4a969e66582ffac9d5d86ed6de14","sha256":"1a14298d013b289acce457f73de23a6fd3a49d167e08ea2ff74db9b9300d0493","sha512":"630fb56b50f84b82b4bb56f1972cf3c3c640b89238926f8325faf7303a9f8020213a553a4d2683a01d6f524fd90ac36e6efa62078d924a42995279509a60d554","ssdeep":"768:QVbrAx2I1l4B/mkzbBy8ZeqpCLHlbcwTDQ5lojKekw3T8IDN2Q93+scCvmV2ff9S:T4PzbByJpbcw3Q5lojKek20","tlshash":"64c3e17d50b057bfe81db442f6887c58caa2e6c5e8964ee6480c29a743c2df115b3b37","first_seen":"2026-06-11T16:29:30.395699Z","last_seen":"2026-06-28T22:47:38.417782Z","times_seen":410,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/clover.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.785Z","timestamp":1782644569785,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/clover.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j2J9hgw8D0grSspw9bdobd3x1y2%2FGkq9UYOU6TKVQPVaPUeDxUgr8np64hoY0IpSYb8t6zcHDD9sKCyRyU%2F2Bs%2F%2BuHt3xRJgqFwfyEctopHy8r9JKdrgMLvqpNLcrQ%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339128675699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3043,"size_decoded":2180,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"4213bb84020cec5fbfd069cd780d9c32","sha1":"96a0bd72a226d74bcb911762b044031bc350058f","sha256":"ceacd97ef39f08a350b8ca4a0cc1e627fd9376fb32bef5cd608f5dfcac9580f1","sha512":"cbde1be90f8f4a8eb53a89a0f44c95347ac5c9d1c16023cf8784f5dc57d3858261980eacabab16322b05eb05c1b636833dc6163b4b0a2416d38f7b996b02ed09","ssdeep":"","tlshash":"8151b7f4f3e4e2f1d209d7e0c6569c31bb1718f35e26c2681688ee98eb0504e849dcd8","first_seen":"2026-06-11T16:29:30.486235Z","last_seen":"2026-06-28T22:47:38.475101Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0o_e~241j7s70.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.906Z","timestamp":1782644568906,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0o_e~241j7s70.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ggK3B5kfjupjCaS6qxXJgdsseqGsTQa4vA3uy4qQ11mdAs0Q3JJBysre5kYNCrQvi5B8xGDjCvbLeyVAW65KPwEmbRhsYOXy69oWXH6fw26m16%2BRKskQKB4RPI%2ByAQ%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338ba9a25699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51449,"size_decoded":18160,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (51391), with no line terminators","md5":"492fdde27434ccb64638e746574c542b","sha1":"41d99c26c55c106d7b2020ad4173e7b8b104dca3","sha256":"f95f7bfe0c9178ebccf3e88b7dea3aebd7d1965a2ac72d02a55123515bb62e60","sha512":"8b277899f0d2e7df00f734282480b99110b1d4f303a1e4ef9ce1251cb8ecbfcfdb6e130264d9e6116bb0413ad2dcb3a7a6e6cd3d8a0026fa324cf32ab9c2375e","ssdeep":"768:e8qFuVuuWew7F7sKaMrxwkXRoOiRLhFHM8XzR46XOUYpJ7NzWxaHuPMbtJpy6xkj:e8qFiuaiQKa0oHMUR35ZV","tlshash":"a033fae2f1d4e2d9e4061b80f82f9808e52e39bdde45ddb466bcaca11f204d4b985fc5","first_seen":"2026-06-11T16:29:30.444636Z","last_seen":"2026-06-28T22:47:38.477783Z","times_seen":410,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/question_circle.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.803Z","timestamp":1782644569803,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/question_circle.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BVj6Ev5uDS8ac6gv1X85GBHtFpcUIKKTcAW%2BabtgebDqEQQDcK2iF9MzLgOd6HGJffbWSWKdtBzoqsR1vvtSXjTm3%2BNPB01PzjCpvu4oBfaAcuHGBSK%2BBkFCw%2BMxfw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3391488f5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7281,"size_decoded":2466,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"b9b5108ecebdb639d3b0399d10703077","sha1":"e860492e644a7cdd6333e5e1db97c620593202e7","sha256":"eaecbcc09b021f2276fe5dda544ca474316bf14ed8bcbdf72551c25dd6f7e3a6","sha512":"4fb064887402f7d3919a78fd9d76749e78184d93be017df629b57a4f6eaab2aa3a20f35b79318b7c11c01d026f54f97fb99af27e57ce8204471d9fae4998e0d9","ssdeep":"96:0yfkJRlQF/ykJrI2QwrmMQA/qFk/WklrmMQA/qFk/Wkdu+wOe5r4y5uS+wOe5r47:Tpik/Dpik/eq8r4y5uSq8r4y5u84","tlshash":"10e184f867bced96e684c28eea8255883e0d40c75a89c645f36c1f3b1f21cb91d272d4","first_seen":"2026-06-11T16:29:30.480685Z","last_seen":"2026-06-28T22:47:38.472267Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/ae.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.177Z","timestamp":1782644570177,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/ae.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lS4%2FlbQ1%2BXt3uLU6DZ0BdVxtdbWYOSW%2BAOUQgx%2F2SkJylwQYLEXEy4OjnLAHBT30E6LduBMd0tbABpMMSpFRZZKsGWRF%2FY%2FP4wFoJ5o344IDe9Zr7StJG5njClitag%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c33939bb95699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":309,"size_decoded":849,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"1e0f8ea8b39c7c12501b0a0deda991a6","sha1":"3aaa0708283a38e0826e96f2e479acb5aa85e9c7","sha256":"a826a33f6fd1cebceeea5d5b559cb241a94110cf9dde6ad8af447513ecb4f6b3","sha512":"840d907a3886f59a19322989eee0345f67d297d8a6700da02ca377d982f130724198119917c90e70155d66fe19a9afc4ba37316073c4d1e6b8fbe3905cb9bfba","ssdeep":"","tlshash":"cde0cddda17bf6d54c47cb607d5d72c1608a1246254500deb043562465c93df7b85f50","first_seen":"2023-08-14T20:47:06Z","last_seen":"2026-06-28T22:47:38.393941Z","times_seen":671,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/rewards_bg_out.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.750Z","timestamp":1782644569750,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/rewards_bg_out.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 52940\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RkLp7Q049gPcvYOhgi%2Fx%2B6OLNHtXBa2Rk4e%2BuyZwJXj0mGP2hLNVg4Zn8loURpUWCAjiGL7r1GaoIUzCkmf0Zms%2BAwJsEZVacF0pGggRumkI3Nd8J3mLdJeO43j%2Fqw%3D%3D\"}]}\r\ncf-ray: a12c3390f8135699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52940,"size_decoded":53580,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0ddc20350f34080e2d4914c6227ae7eb","sha1":"b5acc8f43a25f66efe1aed522a6161b1f5100ac9","sha256":"6471b8e1bb0be5285be8e74c0e5205c7ad8644c002e19881979894bdfdc253a6","sha512":"0f76a96c7d1c73cac004370995594fda035b1612f23ef2bb7a140154e33c23fee53c15a1a48734530ee1bc56064b26aaea3ebf59ff6e42224a7cec03a98b2e21","ssdeep":"1536:YN2P5sT2M9A3fMlQ9FDDh8dAZQJB1rUnWJ7:YNA5sJneDDKCQJ/UnE","tlshash":"a733f1cb70b2863eee4f27a14e6e2476584e5b497d91f15ec01c0b3b819f17cbb82856","first_seen":"2026-06-11T16:29:30.392779Z","last_seen":"2026-06-28T22:47:38.442014Z","times_seen":226,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/assistance_bg.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.943Z","timestamp":1782644569943,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/assistance_bg.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3458\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NRLikVHWaRfAAAmwutcszPK%2BIHj%2F%2FhwhHBjvCCFCU0QU8%2FpTlCNgS9aK7CUt0e3yHYKHNcgtfFEMz8KPI9t83FvjMnDHIUSlzFs0fpkdcXoWHxceXGvq1komVUkrPA%3D%3D\"}]}\r\ncf-ray: a12c339229d15699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3458,"size_decoded":4095,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 636x536, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"14981feb44a77f724cd54b3471a995a9","sha1":"fffeaaf9bef47afd2f968c803eeaacfe4e7969af","sha256":"b75eec4ccfcf02c1bc391a29f4685119e2737e5b4b1b2341d2d08d516d46d7aa","sha512":"7db20d684b5e098871cc154c08ce0a21fb5655f3a0f262e2e76a94a3bcb23b42a84135167e57a11ef8b56e15d3a606ad62bf209197b36887112d4fc31be95ece","ssdeep":"","tlshash":"9d613dc592d65fa1ea6a8cfb94b1d130606b5a28828f70274470bc83cb6c3571b8ddd9","first_seen":"2026-06-11T16:29:30.385678Z","last_seen":"2026-06-28T22:47:38.392989Z","times_seen":226,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/tr.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.176Z","timestamp":1782644570176,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/tr.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d%2FMBB5sGSJrHJEhHFb%2FqOJ3a%2F3FVKXWTBmgAzDzGOhSCidPFrP0%2F15k4oMx3CCXtKsAWJUKTESH%2B0MacTCtREVdza0AVpBBAnGEbvEKwHXCESKuwNGxsPO3jXMrkKg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c33939bb75699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":556,"size_decoded":977,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"5c1ddcf25e62845a09ddaedb534eb028","sha1":"38d813431621d223dbd2bee482a0beca2eb6f087","sha256":"f750c5329bd8315e6575d5f357ca9955468a15321bcb3c7f74065b2ca6abc6ed","sha512":"67270541fccf6a0b81169c4bdeffb48a593939f42ccb8fdbe8d0fa3953f3b4bf80fd66aed8d086990d62b8684d1e15fde720137450622d8e701ad002ed9925b2","ssdeep":"","tlshash":"8ff08b848bf4a4c018955ef8ee6ff4d2674ca6baa7001095f242ab04e0cd8dd664ac14","first_seen":"2023-05-08T01:55:44Z","last_seen":"2026-06-28T22:47:38.436289Z","times_seen":781,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/fbq.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.174Z","timestamp":1782644569174,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/fbq.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hzRkCxO1wirWWYkvc%2FZ%2B9N%2BQW6J9tGfJaCVCCpYYiv%2BdmPYhBUvQqFx3PC8phfJRl0wHtKlzyVbrcn9OFhK3LADa2jJNTmzdvjs4LwC6TtVJ6n6q1p9fuoLzgL%2FX8w%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338d5beb5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":408,"size_decoded":926,"mime_type":"application/javascript","magic":"ASCII text","md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-06-29T14:31:43.700347Z","times_seen":24425,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/awards_bg2.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.783Z","timestamp":1782644569783,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/awards_bg2.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 46902\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dUD0PW7BbgprYt6uaUJrm8E1aggTy8H3OwJj36bd8ubOE8Pr4Kj2GRc7YattvOnbYutHqj%2FaInoSJXInqt1lPw9jL2A%2FSLlwCZfs9xwxi671ySIw6y8mWygAtubtsQ%3D%3D\"}]}\r\ncf-ray: a12c339128665699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46902,"size_decoded":47536,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d6b8d428b1accd6c1528b9816715af11","sha1":"a0bf20c9b56c5294da4e6146680a49d24899cfc8","sha256":"142c528af56ffe197219f00734c512553cba0bd8ce7435f3d499ae2174e63250","sha512":"c969609b71d2f18c6dcae3a8c16f4cfbd1f16f0f172219fce36f3fcebab7366d2115c8bd30eba703886bbc9761cbca737e2040eb30146b802c920a340850cff4","ssdeep":"768:uW4SsjfBRq1QUDOtoO5g5ODFLcT98fte856n32nrvX9T/wdLrYuc1pXEtEKJd0E:8dJIRO152ODFLcJQJUn3shzwdhcrEtEg","tlshash":"0823bdd4a7761080ef6634393bbe862d53b0f99ee68c32c98293d934e3515859e49cfc","first_seen":"2026-06-11T16:29:30.430475Z","last_seen":"2026-06-28T22:47:38.483762Z","times_seen":226,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/avatars/51.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.797Z","timestamp":1782644569797,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/avatars/51.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 23188\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nnxx8FAjJ3XeTLB357WYByDkt2%2BqiTmUohLFYm4MKjOt2VIJxHT7v7Ho3IgiFWqG6vWikv%2FFOykcGHvPFLn%2BJZ%2FNgsn7zPOLapIVtfx4PH5UoSLzmfyQNkMj3NV5%2Fg%3D%3D\"}]}\r\ncf-ray: a12c339138805699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23188,"size_decoded":23828,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 256x256, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"14e3380f09f4cce12d233a676bb0e085","sha1":"bc9b5b97ffe902b52e5e6b78125e6c3709f8b248","sha256":"10b6377327e0d25d24422779cb508c4b075e95d2b98e5e8a532038aaf49ca171","sha512":"863cd9cbfbb107be8a2a60062b99e302d0b52a1fb5afdd79462729f0e381f5fcbfd3064ff8658723d7bb95506d08d384fc417fb9b1b18ec21b3324e9b06919ab","ssdeep":"384:Jcn2jiGIsbMR+FgiGEJfqQCHyuXKIgw9nNqGheM5WCt7sWxBuYJogMd0fj+VQS95:q2RIwRgiHq2uXsw9nNqGBb7XPJJzJSkE","tlshash":"cda2e1f57d68cb003bfa49ef7a91dd158bdc8e4592d5880a9ad9731430ba37c3973860","first_seen":"2026-06-11T16:29:30.351948Z","last_seen":"2026-06-28T22:47:38.469569Z","times_seen":226,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/feedback/3815216.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.800Z","timestamp":1782644569800,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/feedback/3815216.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 62260\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nGjkjcqJpnycUaowlJHmGP289Iu2iqIjWgIu2HwZfbCAD9i166FrY9%2FxPppUK8cm4fhTshNktkIPkuTeoC6TQSu6EHr6FATaMDCZPXwYcrk4WwtbQL%2BbwGszUAterQ%3D%3D\"}]}\r\ncf-ray: a12c3391488c5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62260,"size_decoded":62894,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x1280, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4f40f8ff6e1ae4780072180beab03343","sha1":"c8effeadb49c361db3952781b86686e850bbd39b","sha256":"e8bcdff3606247a9fc22b66d876b5ce10d4310e6164416398c90f449ffb18b56","sha512":"5db33ad9c20600b01d8da6b34bf8fde1669e64e1e5a8e7c2aa597ef891b0f0f027abe8d73ab320477e282bf5f181f8f259d5f6ccb2f737890afbee0757049a35","ssdeep":"1536:afQMyMcmcKXDmzUrGZgOVUWMzUGISpS1SHEoJz:afQMynfKXqzUPBRS1K","tlshash":"5c5302b394466a74c29732735d8fecb3ea79ad8968bcd124761b9763b0c2337781c046","first_seen":"2026-06-11T16:29:30.4516Z","last_seen":"2026-06-28T22:47:38.491608Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/about_bg1.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.931Z","timestamp":1782644569931,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/about_bg1.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 144080\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mT0ceTF0FJqea7ME6vdd9T9tHXeKfc4JUulPoztEuZKQmDw9g%2BCkG3KmeOeN36Kmds2JbYOm5Ko465ai4%2B%2BLzSQg1vFN9VGyA8ca9BRzaVyWJYtaryRhHQ3GaTR6DQ%3D%3D\"}]}\r\ncf-ray: a12c339219aa5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":144080,"size_decoded":144717,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"14d7d8959bd2556af2cfa71fe2d03552","sha1":"b1ce9ac92b44e6ddcf2e3dc8b5dd976115af9262","sha256":"25e0e3c67a035c74cd59768485bf3fb31d6b87647e564e06d370d202ea804522","sha512":"f2487ba16b9887e294510bfda9eb6fd3716739279ebb23c517bfe01b9382db38c7b116a716792904eb00b85e46546053823613dd757e854a5625ed62cddb3b43","ssdeep":"3072:lKTdSL592GZYo0Rs13KD8F4M0qEUHtxBLGR:3LjfZH0Rs13KD8fxBSR","tlshash":"53e3013d87758733dc95e831c992f68f8e2038cb2564529ebe0ed93054be4ee5b9580e","first_seen":"2026-06-11T16:29:30.340975Z","last_seen":"2026-06-28T22:47:38.443204Z","times_seen":226,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/crypto_bg.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.935Z","timestamp":1782644569935,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/crypto_bg.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3826\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rqr9xjA0KEBDZQmbm7wSHM4shlUHKUiCSuszRhn2z%2Fsgzh6WPcCjYZnbpQr%2B1yTVNPYnqFChj9BRGBq4Z%2FTihBiAIaNtIDUse9zvQuaxXHtxpjqOYGwg4Zmm0voeyQ%3D%3D\"}]}\r\ncf-ray: a12c339219bc5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3826,"size_decoded":4461,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 592x536, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c1cdc31b37aaa7ecd23f822ccc3d4686","sha1":"4cb4545fe65530070d0a13d2e599c7532597c034","sha256":"f84880011d8c6af1aec2658ce6fb0bcd86e0c38bdc98ff1ab1da5764844faae1","sha512":"e9ea731de3f9ffb27f8095e834ae5049c127b5752afd11f63a54cfa2600da25d3b6b59b44fc20d8cd3f9abfba19d793551e3935a83dc915da78afa9838242f85","ssdeep":"","tlshash":"6a816d4ac23338421c7736a188375467d045ed24d09ca1b62bdeb60fc64c377cda7472","first_seen":"2026-06-11T16:29:30.459808Z","last_seen":"2026-06-28T22:47:38.392016Z","times_seen":226,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/fonts/klarheit/ESKlarheitGrotesk-Smbd-TRIAL.otf","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.019Z","timestamp":1782644570019,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/fonts/klarheit/ESKlarheitGrotesk-Smbd-TRIAL.otf HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/04dt9~~_c8v5s.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: font/otf\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SLweGb%2B8el%2FvQJ%2B4sdtUFg3hLznJcMly02Nkj%2BKqGu2N8wru1FCbIvzKntiEOG5QEn7eu47xZw%2F2NXWt1C32KV2ePyvypXaXd7v0auSUm%2FUTbDCNograhSl%2BfAE76Q%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3392aa895699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8636,"size_decoded":7299,"mime_type":"font/otf","magic":"OpenType font data","md5":"5cfa653c156c665d569a48b53c56ceae","sha1":"16dacfab55dd75db79453fce084375ab084e152e","sha256":"f5ff34dc6823a5bdf0841549d371241ce06d53c0cc3ffa70e8d5df337d069041","sha512":"4349c60782a7d25ffecc1a09acf4150600ae324636213c5006f40972f62a278e12092a956dd0e6dec4b6c827c1be5f9ee75d29a9203217f139cb8bbbfeb815fe","ssdeep":"192:vM2wihiu51LGN561ciPHy3DnI0sr5LSoi2EadPy6Y:vKAzqN5MRS8jrY32Eadg","tlshash":"80022b50c3e49700f2e7af3245fb178a6726bd00a035d7aec6c417450fe67480e257ab","first_seen":"2026-06-11T16:29:30.428343Z","last_seen":"2026-06-28T22:47:38.488431Z","times_seen":331,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/news/bg/deposit_bank_card.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.970Z","timestamp":1782644569970,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/news/bg/deposit_bank_card.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 234480\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QgvwFpzdCFcw6%2BBVtcWrxARYsIe77CLGkXrTk%2FQJy9Qp6oX0fAT%2FExvaH08A3gU5pkKScEfFc7FNCPm8bb8Iv5rq3l%2BSehxnj0S6D%2FNROQTrs8c7lLnExrs%2FRxay4g%3D%3D\"}]}\r\ncf-ray: a12c33925a265699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":234480,"size_decoded":235123,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3b0fe231a1f56284a3a4c7f220466698","sha1":"33ebbe9b7d338331c0538dfef98d4399c184b368","sha256":"b8bb22422f587abc0c8a440b8f682731ccd99f872659cef4d4189d515fe35e68","sha512":"5229c2ee1c8c2cf80dea6adb965b924856734d13dfb441807ec4d45240a62eaf73e936cbcca8101c1343f25664de3686b519f054560857d18400f43211ac3df1","ssdeep":"6144:xw+rAvrOKHT1WUzgR2bfWjtv+dAYtBBYP+N67By77KG:xDrAvrOKHAUEkfwtvqAYpQs6NyCG","tlshash":"4934238f569e6b8ed5a94eb5c1466394c3d0173ba3ae432db9f55723af0600c2d92324","first_seen":"2026-06-11T16:29:30.51015Z","last_seen":"2026-06-28T22:47:38.398544Z","times_seen":225,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0yqs7g~fkgxvh.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.912Z","timestamp":1782644568912,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0yqs7g~fkgxvh.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Coool6bO8%2Bf8%2F9geiXNBd2CYTqJE3ZNnzrWIHGmyAZB8lOunPDiaOqvOcY3byTVsLfUeihRuVbpPuap1vGcfkrLoau2lnbnBzVo7hRk0tsARrggBoiqljtdW%2FN8EPQ%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338bb9ab5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80970,"size_decoded":23315,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators","md5":"56e046cd0054aeb3c7b9fbf97d0251b7","sha1":"cbfc4a9b8adb52feb8784859e08cd0769264c22b","sha256":"f558ae27c46605d6a4057db1efc6a9bddb378ab38c8808393d6683b82829ab9b","sha512":"c0793cf733e03956b13c5cee9b42c023f95b69fdcf8a653360efdcd82d0c3d8aaf7046e6df58d4cad4ecb4df4457aee60ca4e4b9b66055a900cd89e5760e42a8","ssdeep":"1536:q1otOBTamMABecSsuowgKh8YTyNerjq+sXYzlb1:q1NavDh7q+sXYzlb1","tlshash":"2483a846f0f4e7faa44d0a5ce41f4018e79e2dedda846df8d7acacb012114e4768678e","first_seen":"2026-06-28T11:00:53.652914Z","last_seen":"2026-06-28T11:03:20.748947Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/avatars/88.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.799Z","timestamp":1782644569799,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/avatars/88.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15284\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jf1blr%2FzqvX%2Bhz2vPwSkEYI5mgxcH5njwyJcR2v2B%2Fsq0QdzOqIrkl7xyYOAeqFzDwwLdRsRgqY%2Bj8fm%2FP3shysBfkTBm6Owk8K3w%2BHFeMF8Zr%2B3GSU8fUipLJn%2FxA%3D%3D\"}]}\r\ncf-ray: a12c339148895699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15284,"size_decoded":15930,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 256x256, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8b64c959dd0e62a386cd317e1de0aa07","sha1":"125a4cb5f83d47e02ec7515f7780c18b58da125d","sha256":"f34e000f338e7dca94e9ee5dfa5a3f860f1224d45f58fc40671e768db13872e4","sha512":"105b627319b17c697e45b7749f34caf00b7cbf35e06af3eae16cbebe453c9d534a49c99d2c2cff91cf3366e317fe1add41d6258ca976d1684b39b10110c51640","ssdeep":"384:JDLeB5Jmfg9ooE6RA3Tx99fxiTKq7eCJ4gNNdHd9U2rIfd0:FLebJURKYFDfxiGZCJ4gNN2Wg0","tlshash":"af62d080e89838845eba530ef7199d721c685178fa09d4fa35bf048423cf9c19d7fa61","first_seen":"2026-06-11T16:29:30.345951Z","last_seen":"2026-06-28T22:47:38.401102Z","times_seen":226,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/pt.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.173Z","timestamp":1782644570173,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/pt.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bMyjDa4az%2BIbfm5%2FNb%2FSdG5ZsE1P5z3bi1n31dkFNX8cbubGnzzvNPf0zR9%2BJQ4sMBMZLqEKj5FuuM1oDWEzlZFb7Nd0VvxDxabZGNqqQPBjuljVKS2gm%2FLjwdu7KQ%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c33939bb05699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1445,"size_decoded":1391,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"6e9db125513715df3ec213f701b912d8","sha1":"f0fbb6a6e5b7a068d28792280f397a4b879deeff","sha256":"3054e3bbce0d049b0ab3d157a16b24f7a572a7a45e73d342e3b7b8d5f28f0a4b","sha512":"06c04e06e44b97fc2b4379173dcaa7003f3cc5ed58db1697e0934f96878fc16928e08eef9a0be085cafd61b545718da8e8a7d8b456b57b194a51c1e22128c775","ssdeep":"","tlshash":"4a3174c9a335b0c24a17cfa87f2ef3c2044a67f8291c9884708ba90c3955bcdbac4d00","first_seen":"2023-08-14T20:47:06Z","last_seen":"2026-06-29T13:13:55.716939Z","times_seen":10478,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/03fg85j1c363f.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.911Z","timestamp":1782644568911,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/03fg85j1c363f.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LLsIALPpzI5yfjWBnwsFP6I4malP6W%2BuGoRgEMiBIofZ4%2FN70KXG2Ditoe%2BIn1y95d6Q3GPFdFMPwTJ4pSuNDLFgiAAEdIteVpWLmWrRj1VdtGknDTcjcWa8JKgWNA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338bb9aa5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":667746,"size_decoded":266801,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators","md5":"05cda99838f3df07eb438b054ce7d2ae","sha1":"5d7ba1308daf2a223c780b365a7123a12d2a56af","sha256":"72a35adf797fe33e0548ce20a161ab102a616803284bfb50f3755bcf8a8ae9b3","sha512":"b5a255650f22adcc0c518c24a86d52d2ac36bc52845302fa088afff62f41fd3467d822b72ca1f20045b35c4f9e9abbb7754bffe1d4355563a6cf60984e3348ae","ssdeep":"12288:yibu0iI0QXDQnq5u0FxIijiw9LUoXQM+M0qizOVNkUoReh+YoJLPP8v0hxQ0zPV5:tbDiX+NRv8tB","tlshash":"fae45c696025213897956090c15b3446efb1682f2dc944acf7b8ecef57b4e8e332af71","first_seen":"2026-06-08T19:33:12.046227Z","last_seen":"2026-06-28T22:47:38.40209Z","times_seen":411,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/api/extra/pixel","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.477Z","timestamp":1782644569477,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /api/extra/pixel HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://bavomex.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HAhIvuUM3OMqqL8kaOlyo0r9%2B5LdVz5Dv2NX0Iwh3tNGb%2FEQekzHL7qyIbzJ1JYewcsYvsidyuy0tmNp13qu3CkacYgqVZlMTPUiP9IL%2BcjQFhejKsMRD5APKV%2BHvQ%3D%3D\"}]}\r\ncontent-encoding: zstd\r\ncf-ray: a12c338f3e425699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71,"size_decoded":613,"mime_type":"application/json","magic":"JSON text data","md5":"428647be4acae0d85bd0799a59237001","sha1":"25b1dbe5aaaf5fe53a11fdb05fd14bcad3e92ebb","sha256":"edad519cb99926a099d84224b6b7427bbfbaa60c6ecc1673c039a0723be93006","sha512":"8ed0b8ab8b00e7883301e4dc47e6ae3c38abe1686e6de48d43983fa8105203f86c36b86cff1a09c9bdf9406ac7c4ac2f8b6a8654a42e1b5d03d843b5085428dc","ssdeep":"","tlshash":"f4a022c30a200bc2cc00000008203b22eec823238300022bc00c0200caae0fc30c333e","first_seen":"2025-06-04T11:30:16.150294Z","last_seen":"2026-06-29T14:42:30.145894Z","times_seen":16653,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/api/extra/promoIp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.479Z","timestamp":1782644569479,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /api/extra/promoIp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://bavomex.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: application/json\r\ncontent-length: 16\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f1Epbolpl3zBTE5oeWjRJlQ9wzrWtWwEkZtGp7at%2Fs1U5HKQecfwrSzNZkAPRhlanbbK%2FSdS5947TI%2Fl%2BIZEWU5r%2FznwsyYWenNHUuUNGVDVT2AqqZI7QAaQJD2qKg%3D%3D\"}]}\r\ncf-ray: a12c338f4e455699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16,"size_decoded":555,"mime_type":"application/json","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-06-29T14:34:27.296265Z","times_seen":168939,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/in.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.179Z","timestamp":1782644570179,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/in.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mPTqOJqC0VlLQy0lqBU4tqIN3CeDiZ0HkPieRTzh%2FPEfeI88nOCJ6NdL6SKkAGreyoKs5UbOCwDa%2BVNfb9uQjgN3K4dbFUM5jlN1%2FDn70laqw4MkjZg3Cwla0Mo06w%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3393abba5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2301,"size_decoded":1429,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"f0c892dde95804d59b20416b8db9fcbe","sha1":"41f09b07a8c26144aff93575ba4a07a0122bdae6","sha256":"aa82222076d0dd86dc6f37947faf10333212886549a33c4fcf6b44141b702018","sha512":"8eadf55e31f49edebffdb864eeec76900caf6f5163d2e3cf1988757271bb7c5e2c26c3986b4fe5b2f8953e733ea0c4bf4fb3cce0ec4d1010e20f5125abde3ac7","ssdeep":"","tlshash":"2e4165a9717df8cd9b01c6fda63bb9f1b00f50496b12d3a9b55b0f0a481a4fbb0056e0","first_seen":"2023-06-13T16:46:48Z","last_seen":"2026-06-29T13:13:55.672955Z","times_seen":10528,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/cn.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.183Z","timestamp":1782644570183,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/cn.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FadYQqqY0eYGP%2FWu8HXuJSesTULwlIA%2FgqO5%2FNJU8QB4IDD2OAK4giWN3I8Hp2IvXtEhczQYmqGhpxrdRgxeNHu3CB2tpoIu6jDvcwGZ8WTlx7iIXSTPzZV8%2FdeBxg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3393abc25699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":696,"size_decoded":1025,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"d39728b84718665ada444d92579fadae","sha1":"11fb0d75502abe17cc325fc4c77fe0d3f507236d","sha256":"4db67ee7fc03992f7c0d6cc737441c67aac931442267bf896cd78d4c3e97ddcd","sha512":"3e0d290cd9f2b52709fe020527c4888c2a14d0f617de2ac2e4410526838f7b46df1e78cd9d15f6558cae357d8da73cba72efa824b1063dfa36e876d0661c0b88","ssdeep":"","tlshash":"1b01c09dc135e2c845ccc9987f4535ea141ab27a40b134c164c7ba58600bcfcf649a2c","first_seen":"2023-05-17T19:49:17Z","last_seen":"2026-06-29T13:13:55.708713Z","times_seen":2914,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/feedback/1877471.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.798Z","timestamp":1782644569798,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/feedback/1877471.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 117186\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KwP%2Fqzqv%2FRuCohgTd%2FNC7EZRFCB44yWVjyQUoG8IAnIeHbb4zMqcpF%2BwxMxVVM1AoeY1X6sXAS8B5r9LoP%2BTTAc5ui66Wv26DnAywNHrooInFurkJv9vdjvj%2BoIplw%3D%3D\"}]}\r\ncf-ray: a12c339138825699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117186,"size_decoded":117829,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1017x1516, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"988ce044a2c9927c7345499bb65c9e27","sha1":"e28866f85257817a29bb9c5aa06bb93e0bfa3fdd","sha256":"105fa93f108b376a24ae7acbd2690553d348b6fa45c4773d90483306275c561c","sha512":"781f9c20b6d543e35fa46dc7440792fc40fea11687eac5d5ba886a23ecee9f2fee0e9fe2386773477e144b8626e97d39beb841e9129e1cd691c6c1f07a872b7c","ssdeep":"3072:zrdF0OImj0txWLUSqIwVeLNr9252M3/ID2:zTc8LSIhcxn","tlshash":"f0b302abf63935c0b4071a77489e216e1d74c2ea8cd277096c2cf97b98a09ec1d13b1d","first_seen":"2026-06-11T16:29:30.344843Z","last_seen":"2026-06-28T22:47:38.451923Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/footer/support_bg.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.808Z","timestamp":1782644569808,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/footer/support_bg.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zhUxPPwzRDu8dZden6eBHtuo8wn6eXVkx%2F8Wo2oKhcU%2FHgTIHpSRfyMVzNVSwU9JRW%2BY%2B02gDDxp1yLL55YYnsbHk5kyRIT4Umz%2ByIRqZwHhyflS0ZOZxH%2BnUPKgaA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339158965699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6555,"size_decoded":3838,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"74da0a988581d3182c97b5b8ed18a838","sha1":"89e81f812109330fe50e025e71355631acf9aa04","sha256":"0d905bcdd2da3e9c6ad16d05095188c2cdb5de7789ccb58f8d7d57b2815a1efb","sha512":"d08d39bb223d344b8b4f7e475a0f7a0a3b69027231c08fa551a3fb411fd87f224c3cf21191c4fd6a0eb79066758fff3b67d90d29ec87017bf27991ebf982b1c9","ssdeep":"192:ZymxxpT3BpuhVymoA8TztZJBNoH9LyAnF6f8S:smxbeuVFXNodOA0J","tlshash":"06d1c8dc1fb40af4e882a3ebef2210887f0264f765864a35e32d8f4636224adc845dc5","first_seen":"2026-06-11T16:29:30.326879Z","last_seen":"2026-06-28T22:47:38.452817Z","times_seen":226,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/footer/crypto.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.811Z","timestamp":1782644569811,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/footer/crypto.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ajbg7sKNXh211Xl5XTh4Iv9kY6UxZsd0TxWOmsUigUUd9TU4ESPhLbJRbMGLKAKsSmaNGwIPeIQxL1G22Ty6jSdsybpmpbBmoC2WFsjn2kdMLbzF%2FTU%2FU2ESmC3CEQ%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339158995699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5827,"size_decoded":2566,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"8d8f9e1d212d806b50213dfd24ae8941","sha1":"73d942bc8cf4f575839024a4844036212a5b43e7","sha256":"c037acd3b6c1ecd1f2a05995623193f8449b91e5a77505fad21aad7de4dfc39d","sha512":"31178a84c6f4496c977390787e56908aa8611ac052d4ad6fd6883eb9a2487a5eb675ace306beca16ce30ea0cba9c787c3012566568f1ebe2e562708fc3cab9c8","ssdeep":"96:KCClbBTlm/2KjpjdHRMIgb4R1rVgwgNJqMFDIcB+iKqOO6jF:KCC7lmOKjpjQUTcJqMFkiKY6B","tlshash":"eac182e512f8a2f66514d39c5718a4fc3d3b30eb6b1a8645b7cc1e782b600ae4a679c4","first_seen":"2026-06-11T16:29:30.470732Z","last_seen":"2026-06-28T22:47:38.442594Z","times_seen":226,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/top_block.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.920Z","timestamp":1782644569920,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/top_block.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/090a6r7kb8eqn.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YNp5zsf5UK6Ljo2YJ7HaTVamcLrFs490Z6UG%2FIDAHrDhydx9HUQiM0LA6kxNHs1St5zI4pdOkC6%2BqPJDFKhx7t%2BeYEMFGGB5bIv0Z6Sy0I7PYss2xbRYZ5zmVngwnA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3392097d5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5406,"size_decoded":3267,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"5806656ac69db0674fed322e975835ab","sha1":"d662a90777d72b28bfcb23bbfd6211c64128abdf","sha256":"bbbaccc12198e60bd52727d4635127433c88e2466fbd170c281d4277f5f6b613","sha512":"2a72da3182b770f262b69589f72aea8d8453aceba724c6b251a68041ee9899c031258cd668c92ac176068536a8fcbe288306b934a5d5a19b722c7a8cf4fd13c5","ssdeep":"96:YinLIhYkH3kj17+4C3R2VVdQW6QfcyofBykXeJ1ra8AINeTuDVOEj9VoZB6c:YinLIGkkjljWRsd96qqMdaINeTu5LXoX","tlshash":"90b1d6dc63b483f8db86b3e9da3394447e4520eae6818638c34c1c80ba669bded15dd1","first_seen":"2026-06-11T16:29:30.4571Z","last_seen":"2026-06-28T22:47:38.394986Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/de.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.165Z","timestamp":1782644570165,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/de.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yhAhj0QhmtjcyoGroW6hT6Coo1P3u5m2Dj2zal8xnwWyJ%2BbjraV5RmJCVgNRK0dVCWDXZMLB3mJtUs1n8fToK8HioVF6XuCR5ET7HryKl0bObXRpQRpX1xMQn8aOdw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c33938b9e5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":271,"size_decoded":823,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"939afd91bea7074f84f4a328ca095295","sha1":"1a8edb7520cb812fd35996134ae823fe8ade03d9","sha256":"8e3c8f938c6fc4fc97c81f398a71d0d789b44b6be458469d7056372a2c05837a","sha512":"a3922e78b9ac5209cabea2c0945d474d24035a4e78297b3105779cea945b931ae83a59ffbf73e2877f2da42e0ff7fb5f23c297c1d7f7d09da3644ed63d82ef6c","ssdeep":"","tlshash":"c7d02bd8506ae8c04d16c7603e6c32c1288a6259238800dff0835338a6cb7ceb745f50","first_seen":"2023-07-03T07:07:12Z","last_seen":"2026-06-29T13:13:55.662656Z","times_seen":10932,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/it.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.171Z","timestamp":1782644570171,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/it.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8STIJCQzd1L%2Fkreia9U86Ku3q3pGweYkGSuXZ27c3gDKnEOG4cPgJ7m0OJUijwaQLhWFK9amNDGTfnu3ttPQ25Hc7ZUVtlTIc3bcMvKNG2a2UzYRTfizxAu6C1RhNg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c33939bab5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":822,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"4d4f20f2f1c88447480002bbf675404a","sha1":"e4a918db17e02d130c9733d7457211389b459535","sha256":"41b974254f3dd5b0853af7585c0417998a1ffa52e97e000fe2af3eee2c916d57","sha512":"04e180d7684ab9fefd920a74433c7fdea73380c5ec2588d6174ea6c14a20bdf1ebaf250158977863fd79051cc5012e5da4b9453f88998262b5cdc1672810ad79","ssdeep":"","tlshash":"e7d02b9dd07de0c448229bb03e9e31c142962327364500daf04b271861cc3ef7e41f04","first_seen":"2023-05-08T16:47:32Z","last_seen":"2026-06-29T13:13:55.689355Z","times_seen":10942,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/16rmwuk.q6kce.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.887Z","timestamp":1782644568887,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/16rmwuk.q6kce.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sgflq1HHpNPy3dTIpZfeKqlMi%2FDSxnJg5dMtcZxiIJMss7zUcaFpNUiNDZbyQfNHNMaDc95W5x4JgZrFcZKMcE1RQ%2BHmk1cV27lNpt0RJdqAZ9lhkCT7SsdiP74xvg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b89765699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53814,"size_decoded":12428,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (33781)","md5":"f5cbdef62f70832a02868c81bed4d0cd","sha1":"4d77c0b7342c6700e8dce963de3136d937d75b23","sha256":"1772b49f52d973040f54ddfecd3ec3c5333a06566491f44d881a06852d94ab32","sha512":"fcde5221d5f85fd6c9077fe4092dfd79e9901552845905b925e095b1be1cc2de0d1ab165ab5aa309fc9db126316de67fab111f21da93129d2c8887c87f886d9f","ssdeep":"768:7AJ81OugdCHq8di830F9Lpl/v+GMd9mML03RnyiGM:7AJ8I+xdi830Fwq3","tlshash":"aa33d6b172d5faa2429380e4d43f2017f23d0c7124ad7470a7e89cdb754898da6bafe5","first_seen":"2026-04-17T19:00:52.214884Z","last_seen":"2026-06-28T22:47:38.46841Z","times_seen":414,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/crypto_com_bg_in.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.761Z","timestamp":1782644569761,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/crypto_com_bg_in.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 75808\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ThUgvs8vDnqkVgvgh6DmieBNt%2BdpboYyCnntrSQD%2FbTUOOdor43Kf3AcX4%2BuzIcrqhtRKms%2F2ibaRzYeC9PvIEzMuD35Oz6k116fFnmMsMXnfT3TSfsYfR0syM3xgQ%3D%3D\"}]}\r\ncf-ray: a12c3391082f5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75808,"size_decoded":76446,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7f531fd76a341cc23ebf555221b365f0","sha1":"3ce715c3d12b8b197bf91eef1644b90969557aaf","sha256":"ec76e2092835aa919f1f86413703dfb6743b89aba08375bf7b003358ae358736","sha512":"b9cc78f192e75c02b28ab34f139492d7b2ccaa3facc1c873d657b59494903acf43bd0502762b5fb5ab296ec2bab0193914dfc2a87e7095ee9b818c890cbf72eb","ssdeep":"1536:fgHEsWBKkFbHPkIJkvMt2X7TNJqDW0Ubylj+jglnwOG743G9H9AdBlISgg:fgkBBHPVWvXTNYa0Ubkj+k93yAdwg","tlshash":"e473021a3e9bc240e3a16de7cb306e6b27d333da918b648508d52ac8913d76cd93ed54","first_seen":"2026-06-11T16:29:30.44575Z","last_seen":"2026-06-28T22:47:38.405475Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/exclusive_bg_left.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.961Z","timestamp":1782644569961,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/exclusive_bg_left.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0tjlo5.08~sm_.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 270064\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=viE9tf3TlaOrcvf%2BWLkMB2t%2BmgM0KTW%2FrlrSihMOwDFUWvP0wconjXvCa3oJbqZxFOiwK1Sn1EhSXlI7tqKvX2Wphu783R9%2BxWjz%2BMPvqQvfMOSv3jU%2FeH6vkKJEVw%3D%3D\"}]}\r\ncf-ray: a12c33924a035699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270064,"size_decoded":270707,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"aead9187f9cbdfddc5ca171d47639172","sha1":"3e9014afeaefc3c74cb2ca2537a621a4678daea9","sha256":"6b9196b9638b9f0fd035f1db17bfcbf4fe56a695b1b75611b9ef589b79e0d2e8","sha512":"6fea944583124b5314053c85e1612d64aa025e3867236d097e7a67b52d877aceda91d32cb725cd24a96d5ecf7ff19b0b3149c003f353e97870c209320522c09b","ssdeep":"6144:D+O8bHNa/794UDGmGgLC41aH2sBdzQUVak2rZPVFvJza:D+FRaabmDLZ12d729PVPu","tlshash":"7a44231b46117598dcff5db540a38b071e73008ec65ae8269e182dfc5a656e0cbdc8be","first_seen":"2026-06-11T16:29:30.401181Z","last_seen":"2026-06-28T22:47:38.47614Z","times_seen":226,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Fragment+Mono\u0026family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.171Z","timestamp":1782644569171,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:10 GMT","end":"Mon, 31 Aug 2026 08:38:09 GMT"},"fingerprint":{"sha1":"8A:2F:DC:6F:C0:09:07:D3:E5:9C:B7:EE:C2:C4:63:DC:59:36:B5:1B","sha256":"64:7C:E4:55:AB:5C:58:7E:89:F1:19:3B:95:DB:7B:4B:E6:75:42:2C:0C:51:2E:66:85:F5:BB:51:58:08:39:19"}}},"request":{"raw":"GET /css2?family=Fragment+Mono\u0026family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 28 Jun 2026 11:02:49 GMT\r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6093,"size_decoded":1472,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ce2aa8e898f250b7c0242ab9077f31dd","sha1":"d002f148d6d3f9736e9014bc0d6555b0fe0d3613","sha256":"8aed4ac843c06ce642e2cad43271e538c73868098e3b5d20f8f339ded465332f","sha512":"4104bae1e0ea8a5db1b0cd1699f68cbcf332c291476e81506501e9b04c97a573d3042b0339f07226ed5bb1d5f4a15967f917dd5592f57d766b6dd587825fb44b","ssdeep":"96:lOEabOEapJc+uEOEa7ONDYg4aMzqYg4aybFZHYg4agkYg4aUJ3vYg4aERYg4aYGX:68J05ywfydyGy63gy/yFVyR73xpmj3UQ","tlshash":"89c10c92046f9004ea431cd627cf3e32ad8e51556082e57daffe2ccaacdbd221324b4d","first_seen":"2026-06-08T19:33:12.052545Z","last_seen":"2026-06-28T22:47:38.474112Z","times_seen":408,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":16,"send":0,"wait":48,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/card_currencies.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.752Z","timestamp":1782644569752,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/card_currencies.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hPyYDeziZ4sq3g6K%2B52VOaZUKqd0TO5hIKnzyit1cozPujWWGeitKYFwRqsMsQzPKBAfeQ97e3JdxZmt%2FfY4SI0AQBjEasqUzCJA5yc%2FzSENMQhbkYSfdEzvnMuC3Q%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3390f8195699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6922,"size_decoded":3505,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"deb2dadfab7896d467ae2bff37ca6895","sha1":"b768a716f2a4664bf0c828363ba82f4b9ce3d304","sha256":"215ecc2e2772aedc12f56fd44f6194e631c4880ee2b9be09d6ca310462e0fa66","sha512":"01d25940ffb112da1b55faea4da368f39af328c7d298269debd9c7e4f7a41d36e41ea7e6aa9bc610090b58eee33e5a25a0e711ffffb2136bd7741e20e76810ef","ssdeep":"96:gAyGlgnFHGJZxom/088m+kw8o822OxZmJpoOePhOiYg4TvygHBgMFRt5uZp/Uzxq:fKnFmj2887kK8FOxZe0ODbKr/d5GqT","tlshash":"e3e197fe26e805e0f44297d6ee33a4793916b8fe6f908795f2888d9437514c8c85adc1","first_seen":"2026-06-11T16:29:30.397217Z","last_seen":"2026-06-28T22:47:38.384896Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/trustwallet_bg_out.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.774Z","timestamp":1782644569774,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/trustwallet_bg_out.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 54270\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vYPgamlRMeKqFA9euaW0gEs3SFlyzvfcVR5EjOlft%2Bk7aCZAwRMZoN4Y4rQaPib2HEYkIbBPGCJahOfuy5Vpb%2BqNCSUWjb4ViArSCWTWkA9vep3i%2F7Njs%2BgePjLStg%3D%3D\"}]}\r\ncf-ray: a12c339118535699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54270,"size_decoded":54908,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7d993ded140645482be0caa9070143ca","sha1":"7283c2ed5f33469f3e05543bc31bae96e4e6e223","sha256":"c977fb933ae7a448898858959d376b1f9ec68dff5cc2a23539cace00914b5210","sha512":"017d87f4987af80a6b488099d5137eb218f4ad67fd181893b6929807e4bc2943d59fc50ba9807bab1413f2480232353438a2e6db5cf8716ce02da60d8df418e1","ssdeep":"1536:L6aKLrMVmfIRaANIUAzxf3DINuZZJgt5P83DeztCtGrXv:2y9RhGzpm8JOR83at","tlshash":"8233027b1e1a3b5ec95c9d70d109e43a050f1bc9bf076de355b70407117aea188af692","first_seen":"2026-06-11T16:29:30.450371Z","last_seen":"2026-06-28T22:47:38.387829Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/stats_p.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.926Z","timestamp":1782644569926,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/stats_p.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12952\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k7IFEusjs4KA0%2BweBqNYlMzEwFd2Gy4JwlL3eVuZhQgxspPJ1CDW1QvQhbKUqpxIGYHAbEEAQi5xUuEh%2FOzNvojvZtsx1VWjK6Iza5GF%2BID82qOVX38bq%2FlyahUHCQ%3D%3D\"}]}\r\ncf-ray: a12c3392099a5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12952,"size_decoded":13590,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9f4f9a14052b63203bb9dea22f6e911e","sha1":"e3c7e59aaa3ed2be349cb57623314c53ddb0aa25","sha256":"3eb4fcc599a3702a75eee108ddba0eae8ef6145ac97508be01754777a6d3c610","sha512":"0a792f1fd969658ecae25adaa877d738eb306c65034fdc8d66ff0c1c6726cfe470f566c45f1bb1a63e35fa6bc38bef15a5044aaa0f1285b1015dcc6d649d0d11","ssdeep":"384:ivIeJMVQLTwGzHZfGmag8wxuYQONSJLN9OYKp:SIeJnwUZfog8mZlNQLTfKp","tlshash":"7f42bea0a77af281e54c9754d30945b803d3d8af1a3b09c4af8b456629cbb41d3e9bc5","first_seen":"2026-06-11T16:29:30.366353Z","last_seen":"2026-06-28T22:47:38.388404Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/promo_bg.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.938Z","timestamp":1782644569938,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/promo_bg.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3344\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gyQzxCmfB%2Fur5wwxysqlyurrkXGD0jMPH2KbVEvuOvOeljM%2FIIbsbzwmDenb6IdmQvkRlEFEXoyYukK9z7VIWA2u8MVoW9iHi6KRg2kGpyPkkL67GWCyxomXDJv4nA%3D%3D\"}]}\r\ncf-ray: a12c339219c15699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3344,"size_decoded":3977,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 644x536, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"83c101d01e491436472d8628242a86bf","sha1":"2560c27721ff67d971fb4f83ccaaf41f859dfcce","sha256":"684e62bf3c2ee72f52b284c19c85ff006d79ccba830841ee83c47e29c3165e1a","sha512":"e3f141a3e8567e645956ffc902cf86cfc38272aeaefa4dac929b18ac19e5ac6715a572071a1c4d7e59bf5f6d0e87ea1da15f12f36369a37aceb1d987d6ec5880","ssdeep":"","tlshash":"09611b1850d9039bdf681ca64cfdc5cc16b8cd6ba8367d2531b50782ce970ab66d9154","first_seen":"2026-06-11T16:29:30.508058Z","last_seen":"2026-06-28T22:47:38.466534Z","times_seen":226,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/12lp94j-.c_mt.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.897Z","timestamp":1782644568897,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/12lp94j-.c_mt.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mm5rYhMN9XqJxZLRJsRQShv5DXiu4MQZ6EcsY9uJnxat1kzUGX1VZm9UKR08pUYzRUlpD%2BhN2tSet0Q3kjYzwl3X0r3QaTIPtan2wK0gAMcu6CcYDsGyLE4j3VA%2B1w%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b998c5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58029,"size_decoded":15191,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (58027), with no line terminators","md5":"e739de1547de36405dedb135277b1f71","sha1":"a2ae6c5a9ccd2a7b0a2c3513af23ce6027350983","sha256":"516e6be72f41061589fd880467eda5e65367f672bf3965d39f04192c54064b22","sha512":"38d927879984614c350d69095ad051428407df75b772003b1a9a02349b8cb9fc11ed9e4f70e82db8494ece45b4c391f9686b521446c0a75b74d4fa7b7c8287ba","ssdeep":"768:YhBJUosw2zWLEImqD9nhKFXA3tkBOfCCDkZRQqwQV:YhNUAEI/3na13V","tlshash":"8943c8b53291faa342db91d9c0370012f2780d71309d64b4b3a4d8af799dd8e92f6f69","first_seen":"2026-04-09T01:35:59.256618Z","last_seen":"2026-06-29T12:44:16.919442Z","times_seen":421,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/07b~lfkhc7~f6.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.901Z","timestamp":1782644568901,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/07b~lfkhc7~f6.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MJpYV%2FwZ0ZyBazanzJwLct1eypN9ha7NPgfuvbFmC9mHOcP8eZ%2BKxj1qkZ21Ln4rAqzKGvbaEcFXzeO%2FOtri7WrheGJpwQhaVRfvKJBC%2B4Li9LlgGcw2nwsZ5qPqLQ%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338ba9985699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":172200,"size_decoded":13536,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"109cacd54b4cb00227ca58e34d8168ca","sha1":"9af3b7bed6b65acca8080874a47307e6a0d6b3a1","sha256":"4de148ca2676f0ca606715a307cd028d1cfa6f63a59f5ec45f259e0bfea61faa","sha512":"9c40e0ce244052efb8a56fcb6146993d50584716e713a4880726a2dacc446dec383d3f16b1e2f3888a414c83f0b633b3cbd87752e4d338764dcaedef96abdbf0","ssdeep":"3072:79zcwGUN94sY8YzaPnx1ll779zcwGUN94sY8YzaPnx1llX:JbBN9nQwZJbBN9nQwB","tlshash":"5ef3ef35d8d0aeda231c7be4d9051ac64bd1f0920022e9b6ef76709be8f4295f7d1836","first_seen":"2026-06-08T19:33:12.017045Z","last_seen":"2026-06-28T22:47:38.422449Z","times_seen":411,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/09m28z2r~.w8j.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.886Z","timestamp":1782644568886,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/09m28z2r~.w8j.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yZTk%2FyGn8Kjf79fCxeOnzRLcr3PUJBm6T4SEJ4oqkCkkg%2BObNvDRPzxTdvqIJDPWaHQUhA%2FFOKUEr3ZYAWUlmOsfa4zpYHNG1LaaTuT3avcwADn%2FR0Vxy0mhob%2BkPw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b89725699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15910,"size_decoded":6510,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15910), with no line terminators","md5":"295cb7b39a766115859fdd340bd5d661","sha1":"4f8bc00001417248ceee285064417928d803a6b5","sha256":"ec7bce2e98540116bb9d28db10d536e7080f5ddaa0857e69c61ed1be3eb349e2","sha512":"68efe9be524b8e18376d1e860d1005349b1f4a730ff580d5234cb768e006104667501bd4df92408b23368685d37bcaee494016ed18cd363cc1a939069a6493e1","ssdeep":"192:m6QqMOx4O2NbkLEOrd6kFJwiKDcyfKm4i5LEzCQ6aspmi+fQjgEzmQ:mqKZBaj6kFMJCm7Ezsasp/vP","tlshash":"2c62e8ad7155f0a10fa36465407f400bb33929b6286dc5e0e3a2ecf5a9b456ec133f6e","first_seen":"2026-06-08T19:33:12.049499Z","last_seen":"2026-06-28T22:47:38.391012Z","times_seen":412,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/api/mammoth/auth/check","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.504Z","timestamp":1782644569504,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /api/mammoth/auth/check HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://bavomex.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: application/json\r\ncontent-length: 38\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mvNjWYd1ZnJDv4M0IbjwhYDFvtFle3Z3eYjdrKgFbOEFFOykWq2hVz7J%2FgI4pJ67Kn95Ica3x0tDtsYfbgN30EtzBC7rjsYswe8E%2BL0nzLZ7MbwwKCMSimrTxFQm2w%3D%3D\"}]}\r\ncf-ray: a12c338f6e615699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":571,"mime_type":"application/json","magic":"JSON text data","md5":"aced0d4c1bf7b416bd8757e86c69b12e","sha1":"242609e9dc75daa64e55af8d8254cdc02722ee92","sha256":"831690950d50aa783757553ff7dce0e549b2bf0c29fcc850ee8ef7a7f6bb54fa","sha512":"8c854561d71566fbd9d1e18c91f1bd391cbedf2b2e8b52d84205d4f773f36b14bfd5d3ca2cba9f5a300b8d96b025ab3eee5d5e3a19985e78386e04584e24d0b3","ssdeep":"","tlshash":"8d80040115000173f4001144113c1d115c54533745410014fc7cd0c4c7530d53043c17","first_seen":"2025-09-13T11:18:32.558363Z","last_seen":"2026-06-29T14:42:30.146547Z","times_seen":17892,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/stats_pp.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.930Z","timestamp":1782644569930,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/stats_pp.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11582\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g1E2%2FRk2pJLtZQ%2BmpTh76u3U7Eqq9lEojavSRvzG4OeOeo4yGFBunqV1uCpYB1PouzqF0i4I1WZe9Id21peA%2BcGxCmIhfRgHENIDpjCm9OAtuxNP5%2F%2BWKjNJ%2FXXcMg%3D%3D\"}]}\r\ncf-ray: a12c339219a35699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11582,"size_decoded":12224,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1148x368, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c48dd0edef173e4054f47407473ce867","sha1":"381dcc8a414e38c75ffb6f89a8f205e72d9b83b2","sha256":"734212c805cf0d1ad7a310ba32e45aa2aa0736180f7ec931067c204b2fa34ebd","sha512":"99f01907ffcf0e035aca03ab996f9b45685f79122060e4478556d7e9a57acb3835b7f762dc8686fea224de6f32fe39297289703e7fdfbda7876b15581b6e08ec","ssdeep":"192:wP1Ch5P0vCAsstjTA5S100x+jJXSW5OQr4YhCOo49FesgHIm57hCHG/3KwjUWO7R:acsYsZTA5S20xML5OudCSeVPIGZUWER","tlshash":"f932d0db9c45b2ac54f7926b54f65382f6d44183e6e3ff3a0ba1142bad0cc2a8004dd3","first_seen":"2026-06-11T16:29:30.418475Z","last_seen":"2026-06-28T22:47:38.400074Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/es.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.159Z","timestamp":1782644570159,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/es.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uT2CDHBO36AfiXAwoxfUjdQo9JBqt0l6ihDboI2yT%2FQsMOf0XimfW6LbBrUrKlFacTpoxJRtc6zCCeREP7HFOshcO7JC0MdXa1sl0t%2F37%2Bo%2B6%2BbPFHJoz7h%2BHry8Kw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c33938b945699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":629,"size_decoded":989,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"a8224968196d0dd6d84e44c98093c280","sha1":"882b8a579de32e24e13e999b411abd814071cc2a","sha256":"f8cf69e4d0d285ff8e9be18f239b65e38fe1a235086a8daae53b1baa1e7a3557","sha512":"096da45f1e9c9fd020364a51f387110fe6b08969d607a52acd6acf7f01215e15ebb88c93484b7aef1392143f744ca491f8862151d5c4850ec8f7b9d4d419e870","ssdeep":"","tlshash":"bcf049c5743db18388098b742d6e70e6408e721b554814dd70079b28a3aa3df7ac2f6c","first_seen":"2023-04-17T16:03:39Z","last_seen":"2026-06-29T13:13:55.660337Z","times_seen":10928,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/155bi7ep2xvb5.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.889Z","timestamp":1782644568889,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/155bi7ep2xvb5.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GQ3MIUd8zeKXNif5wD3U5OUsPvVoMpeF%2BcOVMGAAR%2FT9Q18lhubn934eAdsAMv2HNhlEAFVlacV%2BImdrUaIYSXuT4nHhjpP2uksoHqefxnIv8FF%2BjtidBTSo9YSQEw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b997d5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":231723,"size_decoded":74641,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"10849f5c50fd247b8474e2fa814c102c","sha1":"29ec98a9b1d4011dc2915ee1f8e2647b5d5bf95c","sha256":"172af026257cc0c461fb8a91b872fc6a36615b13af56fe7203737bc181e0fc67","sha512":"8270248e1a353e9d5e53f5c5b698d97f75e6227b3f6c3d96b1c1647dd9d0414ebbe61ca93b2c11f3bf444fe6a1337150ed13593b1b2b46ee9ab21fe1a97d277d","ssdeep":"3072:t1wANU+dlIu9NMBzhtW+fYuJ1qci4fn4NHDShvOsN52TItb0:t1wAm+dlIunohHfUHD+FN52TItb0","tlshash":"c134fbe83955f6626ab302a710af1803b338252b280d4d60a351fd9db57845fb17bfde","first_seen":"2026-05-17T01:00:58.350766Z","last_seen":"2026-06-28T22:47:38.394445Z","times_seen":471,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/news/bg/soulja_boy_signs.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.973Z","timestamp":1782644569973,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/news/bg/soulja_boy_signs.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 218156\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D9maTnkz9szCViRwWSAj5mYsFfGJXJSUhSY%2FtDBsnYJSk4NC3XL9F%2BKdJGhyxjAdrucISV6nIJlhFQ3WLOA224LQGbK00YzLhHbO5rbBCIpBUbbVk2%2B6FEv01Lg0uQ%3D%3D\"}]}\r\ncf-ray: a12c33925a315699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":218156,"size_decoded":218793,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a13d510af36c4c6c4392d64ba20a53a2","sha1":"8201109eef3dd5e08ae7b5c1ec9a14f28a0e0aa3","sha256":"e161c9b5e5d6f57f428cde068a84a0c98661c5653da55be0e729a6146f3f785b","sha512":"38c5b0c16388d407fd0f7a0c71bb54b2f81a87c8f7449e55529b06f6bf537a8849f93e30819e3ca5fff164ddddcf6db3bdecdbf7d4da94f220b7e3a158a10a43","ssdeep":"6144:fnNZrHZ6LCwtOKTn+Zf3cr6K+E3aov4OBqfgS4Lff:LHZi5YKTnY0uEKCqfp4Lff","tlshash":"96242390ab0c7668f41f793d8d00944aac8d3ad827fde70bbec721715b91a9507a3387","first_seen":"2026-06-11T16:29:30.368321Z","last_seen":"2026-06-28T22:47:38.435036Z","times_seen":226,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/06jljm--ci~tu.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.904Z","timestamp":1782644568904,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/06jljm--ci~tu.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=viq9z8tKLPtI2oCsu2IO6UYpt8CXCTR%2FzyG5r2FR%2BIzbLPgWYoRHWVJD%2FN9ChywXEA6l4KsGrLDqayHWXAYzGmWtA8o85tN0hWXOSRNqqSeXzZ6Damlc5VlVO7I7uw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338ba99f5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5218,"size_decoded":2623,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5218), with no line terminators","md5":"aedfeefa1e80779099b9587ea3b1db29","sha1":"6a48447697ef6c01db549d36c6e38f1d20060ced","sha256":"1f315feaa50045554919b51284afb4ac2967751c6f67f84fe41687a3f01c55f8","sha512":"db2350c028befd1718dc036246f4541da89160807ba1159f058fcdf8d99e885a6b0eb8a266f3a7d35c64ce5938a06ebdf6b3a08a252b94c0b5e6ecf3710ed20b","ssdeep":"96:UXsY3Gv2/EP3DwgZA4b/WMJYBSaWHn5GdYLIa7sbc3DXTNDXTrv2P:UX33h8PDwgZNWMJYBbWo/a7sbc3DZDGP","tlshash":"0eb1c7b776c6fc70415685509837834bba182e37309eb0d497eaccda327ce4a85d1f9a","first_seen":"2026-05-18T06:46:56.921829Z","last_seen":"2026-06-28T22:47:38.427977Z","times_seen":414,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/footer/gcb.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.814Z","timestamp":1782644569814,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/footer/gcb.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J%2FmkMC2%2BM5ssM%2FKTKwnpotA%2BkzzK7wuj6XkA1VFZbPWUwNKPM%2B2FWAXOs5rM9vKttNk1TtTHVWuYKB1zAToKWN%2BJw3F8XkGXcBtpT%2BPRKsxCBPzKi%2FCEwDjQFUaMtA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339158a15699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17387,"size_decoded":5530,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"3ab213188845bd9dc6affb0063e46882","sha1":"a202aadc312b2e1dda1ce62c2e306d54c00df38e","sha256":"5084d91da49963d53fe53102127101bcb9b146611896ac7c59caf25099ccca87","sha512":"321675bfcd9ec0d8e7735196270da774161c5ec86a2ece62092b012a66b9eb51cdbe318b69cd732f9bd5f93743bfb60fce81791aa0615baf96715554d1018825","ssdeep":"384:/U2I2gjDtY+kkcVTLd8JVswOpgplLmvvKU8U+kkxY0lRtodEpjzPgtSHzLL:c2BgQTVTLUswxHavKy8lIdEZjgsX","tlshash":"ed72944ad3f87288f042e3b091ea18397f775de67e12d91563ec1c66cbd500c98b98a7","first_seen":"2026-06-11T16:29:30.43945Z","last_seen":"2026-06-28T22:47:38.49228Z","times_seen":226,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0.tq3hqv052nt.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.891Z","timestamp":1782644568891,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0.tq3hqv052nt.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sJgw6ry8FbETV04VxiDiuUTEW0BTO2%2FnbV71FwsdaQo36YK2GnjPDnuk7ib6okpdwsrx2w7YTeFScZD%2BB8svwIspRY1bj5c9gQH8%2FBWlRQtbAybsOMN69TqleSKSLg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b997f5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":144579,"size_decoded":40735,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3dc8cb2a59489c1561ab34843f6ea999","sha1":"5af3abb3d1dbb398bb131d6cc4976c6df6113a9e","sha256":"07b5b0a411a49989495c74530e109e477f9342b2dbf476217bfff08e0be0af3e","sha512":"5b14c7c64ba184c60488cb10d5096482538946ccda7801ecdffbec8c2b2cc70394be8baf3924aa04b70b00963afff814b388e8429a9f2bf476ef3c381da6c289","ssdeep":"3072:pbPzjb93YLLBpqE2O4dwg1ZoIUtQJ0aqMuB:pbPzjb93YLLBpT2O4Og1Zit2qMuB","tlshash":"8be3e6f935d1f88207ab50a6c03f0006f22c4d77189e6860e3e5ddda756465de2b3faa","first_seen":"2026-06-08T19:33:12.034645Z","last_seen":"2026-06-28T22:47:38.404914Z","times_seen":411,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/favicons/mainDSGN.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.327Z","timestamp":1782644569327,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/favicons/mainDSGN.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 210\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AuD9oLcBEiOV4dHOvDA%2B%2BXs3BmWv8smyvrQ2yxkaTGPmyavknibioMVm82ZnjE6VsBpbq1IBWSVRbXC6FlwpCYp2uqZwxAphrKgRYcqoFTVAc0nkFDsGdos6QVqp6A%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 10:59:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338e4d185699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3381,"size_decoded":2301,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"85832dd14b68f7c185518b9cae58dc90","sha1":"44e6994187000a898e560adedd361312cf4bbb72","sha256":"10e29cdd99c910ab70fe5f32761698fdd78b1d3b9b7e7285b111d0e31e1b4011","sha512":"815b88cd18486371daca030e646adca4ad91a1bf7ce7a3c365cc9ea39c3d6cf5a6cddc311c3dccaf18f131f83d7aaeae18a18f4023e7a898e16142ad00da8b4b","ssdeep":"","tlshash":"30615199d7eab9ece205e3f48b1684347ba224ab6621c1ad37cc6d82ef4544c04d34e3","first_seen":"2026-06-08T19:33:12.024795Z","last_seen":"2026-06-28T22:47:38.388901Z","times_seen":410,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/avatars/14.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.793Z","timestamp":1782644569793,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/avatars/14.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17240\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8EMZof%2BOGYCRKWtMYUTjprlgFtRTmhT9HIzEQhj6qMlx%2BwfQ8O3o420ZYukmAxk7rP%2BvgJohJgdy1d7HlGogMJBZdlNin%2BSqk7l%2BBZXiTdi3Qrs4pYLOJEvoy77ubQ%3D%3D\"}]}\r\ncf-ray: a12c339138785699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17240,"size_decoded":17880,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 256x256, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9247d3c672f654dac24b345879ac9495","sha1":"da265cf72c1f4ca85353b29384403b7247eedc6a","sha256":"1e8b1df4869e1058e4165d6354c6920463b7e2e77ca1d54193dea9262e2a4937","sha512":"d7e49769e3b267883659334ec12f74cb6fd24f15c3fb4c3a94005b330f066329453f645aab55ef460401c18e4c23672c597b0d287affd844f58f99089f7eb749","ssdeep":"384:odpxH+3G9sC7tqft6K6aOamvb/qSBMG6o9RWgOl8jsY62PkKM8j:od7aG9t7tY6bdhvLZ1XkgO4s72sKM8j","tlshash":"9a72e1f852ceb0a1830eee53c33b17c9ef661c4d2365d652a7c8d3a93c3150b1b95980","first_seen":"2026-06-11T16:29:30.477099Z","last_seen":"2026-06-28T22:47:38.451395Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/footer/itech.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.815Z","timestamp":1782644569815,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/footer/itech.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=grn2IkURp82ggwKKUOpvxUCS7YNdMW3GZ9ko8nNDAbeu%2F8YDgpGAT6Yyi5Sx%2B1K%2Fv8yvhJi0jX%2FCym8Em3TaU4d85ifH7suJPl4yrfkFBmTe4nYaDFxLbM1eWpiWpw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339158a45699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8325,"size_decoded":3810,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"37b48b1ab7341e74566813042531fe3d","sha1":"39417b326f1d1170d5a4f4a40470f69ab0c7b5d2","sha256":"3c559199758536a29f74510194ab97dbf746df8d1e765a5b4463c0b48e42e38a","sha512":"ec946a31713094cdb1bb0fb05da10ae5bc4aa513705ee8556094de78beca4bdfbe15428e4806341d2125d68db2f028dd41eff6410abf1d4c33b6707ae9dba730","ssdeep":"192:nShD/u/vXqN4PHB7dgtWq2sk0uFSfnGfl:q/u/vZhcWqWFWyl","tlshash":"930296d463f4a3d4e00af7e846a958317e6229fa7f51d405b79e5ea5db1008c4ccacd3","first_seen":"2026-06-11T16:29:30.465987Z","last_seen":"2026-06-28T22:47:38.398068Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/news/bg/deposit_trust_wallet.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.968Z","timestamp":1782644569968,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/news/bg/deposit_trust_wallet.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 167850\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r8QhFzZNK0ObhMudSGiKc97jC1nB0sv9UUA5Rxp%2B0Brd1%2F7muUcUWnKdYCqbto5dES8EbmkpGuJSk97cnxR%2BuH%2BMnhjDKJFwbt%2FW4q0beO5ehp2wGqMRNpbpvlRbAQ%3D%3D\"}]}\r\ncf-ray: a12c33925a1e5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":167850,"size_decoded":168491,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"225e969483f818dca3354362a7d1d4ed","sha1":"bb6e2de06412750109788350768ac7ec55287eb9","sha256":"ca3c7d2c9cfa66e9c33635a85da839d378564c31fddfc01378b658a86525f917","sha512":"3d5f9bc2f34fd84463f48f633b3103cb0ee62276122f0c05742f0565b8a7babf259b4cadabfedbab56c2047afba10c0551b75e1aee36018fe8f1433a1bccdcc3","ssdeep":"3072:aHB5SWaFCX6fm0o/0HeiLtWhDt6EMsfSHqRNigcclgvRtXbw1BW3r/GIL7yeBptY:aPSxCXUoyUhDPt0lc+v3bw23DVLhpkQK","tlshash":"baf313f76bce876bf52a4df107885add89133d224c6b782c46846b7e8b0e6c55f48034","first_seen":"2026-06-11T16:29:30.37885Z","last_seen":"2026-06-28T22:47:38.386695Z","times_seen":225,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T11:02:44.549Z","timestamp":1782644564549,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1TmQ7BX6WBsVSVG6%2FTn%2F7MloQMO1JSzedrReHbVbeNRXAIk71bH7QXptUIgn0fpq3ZzB%2FRAqwHYb5gqdykIQ%2BJkwvV%2BLLyU13UrKfxvPsD3Zhx7rKlT%2BavV6gVgJ2g%3D%3D\"}]}\r\ncontent-encoding: zstd\r\ncf-ray: a12c33899e395699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14298,"size_decoded":3508,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (14298), with no line terminators","md5":"ce9efab2789c482b3c49ed83b2889cb3","sha1":"7314a58dabba208bd37e1005663654071d9cd73d","sha256":"1ea0246cb5fd491f0b238ab79105f1a8b91c805b573a8908fd1ac494259767b0","sha512":"29225df9ed98fff687b61bfafab560a1efa799ab232c96d0cde3dd1a339003216812af54b5ab0813d83e2e5c96bc412bfc37cf8924289605e86a9674ab34fa0a","ssdeep":"192:a5RBOBeBXUOj/rX1g1QAMl1z1PnvTfSpGB913MCe6z1f10M131Zo6igWc8D5uhy:a5G2EOjjrAYvXjWd5uA","tlshash":"cd52d21fac09ee069c35ed5e117e9e3a44cdcd3b8774c9a8e28dcd8d06129b617d8d81","first_seen":"2026-06-28T11:00:53.685565Z","last_seen":"2026-06-28T11:03:20.76899Z","times_seen":2,"resource_available":true,"data":null}},"time_used":4083,"timings":{"blocked":-1,"dns":4004,"connect":1,"send":0,"wait":60,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/our_team_high_bg.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.952Z","timestamp":1782644569952,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/our_team_high_bg.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 93848\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2wydboD61XcvrBqx%2FszN5xi38MIIeO8vvtb4gwhx4SxAW7Rt0kVLnWdJIaQ79LW%2BaOse6s4EAgYpllIqC5RkgMPxWrIm5xYNWU9%2FY6myA7OTtAYPvwwWRITS%2B59LXg%3D%3D\"}]}\r\ncf-ray: a12c339239e85699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93848,"size_decoded":94486,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"da26e203a963ca959f04d3381967a5d9","sha1":"7facaf89035236c2bbb4a8dcfc9121f380f7e352","sha256":"72e4fda7d82f7afdc8d18945349833d625df1c81db5358c328cde9a0c60d8e0c","sha512":"8cdb3140314edf494a98350851b45a60df5862dd67ec49ae7036391a022129c131c349f0b74f89b35e989af297e439937be325c5d45731230de8ff331fbda2e3","ssdeep":"1536:x8dAKOnFOSweAPh1IdJexOU9ImJ4dUQ18Fqg+bjM6Ap1znpgW/PRytRSl6inCMK3:x8d7OnFAPhmUym48FqxbI6ALeW/PYcV2","tlshash":"53931288a925a70ea450cf24bdf81d77d21018d55336ac35d829aefb633983d3d3e10e","first_seen":"2026-06-11T16:29:30.431661Z","last_seen":"2026-06-28T22:47:38.450306Z","times_seen":226,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/04dt9~~_c8v5s.css","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.877Z","timestamp":1782644568877,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/04dt9~~_c8v5s.css HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rjK%2F8TAPtSBBlJbv7DhuHE9dy0At%2FmFV8MezWX6Yp69pFBQNIDCWpki6kDQIORgihJG03ZwBa7svmwbTPFzsJAJIEgJ6JJHBVQrVRV59tbJn4JeQci1a5jPpvSJTKA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b795f5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1177,"size_decoded":1185,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1015)","md5":"bac1111d09f9a0f42404623dd069ddea","sha1":"f7cc20ddbdb329ebe208bd169d40661cba6b9117","sha256":"0405a6a453e6e719d9a1bc04e8010bd99ef5675b77c44ea576f0c5f44d402804","sha512":"7731b68d75610f8113242cb3b3438d767dc05e8183ff8cabc646b69e580fd6c66877e7884c9e6ee108cac21921941bafb005091c0f9f1900ad4262fac871b429","ssdeep":"","tlshash":"0721cd9ca1a4a0b3b4a39b6932dabf7c4829dd82cb460faa6550735143c19f22132735","first_seen":"2026-06-08T19:33:12.053974Z","last_seen":"2026-06-28T22:47:38.424501Z","times_seen":412,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/header/logo.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.908Z","timestamp":1782644569908,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/header/logo.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0tjlo5.08~sm_.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OWjh0%2BQW4Lwqf4kNHgDj8zoy0uLHcRZItL05XoAKjZehxjHPf1uSwck4Hu1cbBI53S1I36apN1ZmixXIe9wf8XpKvNMPjlxVxe9OSLWAWUpF4qEGzu3mpHL5PZgrYg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3391f9615699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5351,"size_decoded":3192,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"d7cd8403556a0604d03c1bd2fc6dce23","sha1":"d3003125b31877017ea94c9d777bffa93c5272bc","sha256":"01bb2e13fbcc85f27f3150b986281479ce902a3cb8d46ccf93608eadbe726e81","sha512":"c96e75a403aa8f49ffae539cd763cefbb7c4eda1c5f361aa9e4639342e3fd27004663b55ff4d7eaf32ee329ef288344199956556780aeb88be1826b234124290","ssdeep":"96:p+IA46zCbD2QgGzITaBf9UiMzCCyNK+STEl/xVThy0W0BbUHrHVn:D7z3rBftMbyNK+Sc/3hy0b4zt","tlshash":"43b18298a3b4a2fcf84473e4d23288703e921cf525029658d3e95c95ce7655d08f68df","first_seen":"2026-06-11T16:29:30.441022Z","last_seen":"2026-06-28T22:47:38.454528Z","times_seen":226,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/card_bg.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.923Z","timestamp":1782644569923,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/card_bg.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/090a6r7kb8eqn.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 111180\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L2mRVPvC%2Bduo7362mp76lBNqM%2FwDTqmfB5kZY0e2EFo4U%2F5p25dJ7vWZ1QRaBINOuoNP6CwLAEOhEfUUXSqL6eiXc8KEwOVuSSEDaZCypvf%2FpEuG9BsfCTOzbNXIWQ%3D%3D\"}]}\r\ncf-ray: a12c3392098e5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111180,"size_decoded":111819,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"db2e3af305e77f6720659c1d01a16e85","sha1":"e30f7b5ec2d586e9c4d5b4b594051a47b390a5fa","sha256":"9cda8ca81683c230eebf0deafc4876f44a6c72cbbcbdb1c32ff7171d55c5a24a","sha512":"f4798d12c1fd354ad515123aa0b25f69c0abba4d5e6a3196bac3320f75c1537844b750163a0267f22862a7b618c91e7f8727bdebfe2b572409c702c881f12b35","ssdeep":"3072:pY+41CSOfT1eLc+GQCxPdMt4VOCzBWVHj0vfgo:K1HCTeViswzBcDEoo","tlshash":"62b312403c437e4789cf05aa7799c5cfc41a039f21567298b0639e2440a9b92aefdb7f","first_seen":"2026-06-11T16:29:30.377673Z","last_seen":"2026-06-28T22:47:38.457939Z","times_seen":226,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/blockchain_com_bg.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.950Z","timestamp":1782644569950,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/blockchain_com_bg.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/090a6r7kb8eqn.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tvqROSVL4QHrOsjCenlVgdr1nicvdz18uATEMRDf7E5Bl%2Ffg1NG97NP8O4BI2TnEfay%2BKkbMvlK%2BuW2oM9chIYyr3jsoPjwsRkXB39r81IokpCquUcNGfSmeACd2ow%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339239e55699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1075,"size_decoded":1166,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"ff97edbef47e18dc68ee4076de443ab5","sha1":"ff442cd78e77df89ae19e6c77e2e6ca574aad043","sha256":"1f4b9adc8ad5ec895c593bc45b06971efa3f1873f87ac0974b3a5f150313becd","sha512":"aeb8c2f9f7bc40548838a0afd51a7f3152c529ca2752fdaa7181a1d013b02db1841e370f48eb6776a5ba9e2dcedf9179a0bd63a1b8722faeaa8e143a95c24ee8","ssdeep":"","tlshash":"921112fd62f891b08e006f40af19952a9f5121d74f54003cfaec6f487f4c5ab5d529c4","first_seen":"2026-06-11T16:29:30.325203Z","last_seen":"2026-06-28T22:47:38.386132Z","times_seen":226,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0pui-sg~t8d6m.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.066Z","timestamp":1782644570066,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0pui-sg~t8d6m.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yw7%2Fj1gToSuruDHQN%2FUV90auT3Ow%2BEoK7SxYp0SDAob7WEfo8Tudog%2ByHe%2Fz2MsZdLVT%2BVLB%2FBelfBy%2Fr7Y%2FqKzv3dN5T5PC8GUmQc5IG0lNIdKAnR3pqxp%2FmFpF9Q%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3392eade5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3259,"size_decoded":1828,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3239), with no line terminators","md5":"84d46429db8f13524085bf5cb4043f4e","sha1":"c8639b27a2d4c5c0ff179b54e803f38b579cff38","sha256":"d5a55ce3f19056582492201fac7b6a73fb75943a6e08c7549d08d639c1364276","sha512":"83647e3eb8526db32d31c08df7e661e8c36c3f5fb550e0edd6abf88b9eca9a1f6c52f01dbd68aaa0d69034f6c577be866362346c8c03f5c9003d9bc1f47d987a","ssdeep":"","tlshash":"8b611066524923f53f322a4c203fdc9e510ab21cc6464cf5261584bd27abf91b8a7fcd","first_seen":"2026-06-11T16:29:30.36988Z","last_seen":"2026-06-28T22:47:38.440684Z","times_seen":226,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/awards_clover_bg.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.957Z","timestamp":1782644569957,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/awards_clover_bg.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0oWoZCbQXITDwcP%2BHJ0Cuj8nkE%2Bvs0Wi97zq0IJZ%2FYexFEv4AblG0tP8qn7EJxLVzmV3jJzjCXCp2e4ys6r5c%2BciipVllorAg3Bo9na5QCRrwf5XivZa%2FLWUW8Palw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339239fb5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5437,"size_decoded":3283,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"a4fa9781759c6ec7bf6c679e335fa44c","sha1":"712fb2853f872b1326b23c3be0eccd7f774f353f","sha256":"5e825c9fa9a47ff20aaa82885912db5ab5b0bd7375be4cd8ca1fc407caf67f54","sha512":"bac661f04aa1991f5439d8103a32e445957bd2f2cc1d5bbbdaa376e4ce35e298ed36276873b821b05862d615094cae4ee558e8e83bc45a2cca1b5768378afb2c","ssdeep":"96:8n+TQmX0HdE8Eo3OVDgITAXJPzLqKq0GuH+5GDOwsjl:BdX09+o3SDSXJ7pe5GDGJ","tlshash":"74b1d8cc23b046f9f84bf7ecc6269890bd4320ae7590de78c27d6e405b51c644e99cc2","first_seen":"2026-06-11T16:29:30.353764Z","last_seen":"2026-06-28T22:47:38.402628Z","times_seen":226,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.168Z","timestamp":1782644569168,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:10 GMT","end":"Mon, 31 Aug 2026 08:38:09 GMT"},"fingerprint":{"sha1":"8A:2F:DC:6F:C0:09:07:D3:E5:9C:B7:EE:C2:C4:63:DC:59:36:B5:1B","sha256":"64:7C:E4:55:AB:5C:58:7E:89:F1:19:3B:95:DB:7B:4B:E6:75:42:2C:0C:51:2E:66:85:F5:BB:51:58:08:39:19"}}},"request":{"raw":"GET /css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 28 Jun 2026 11:02:49 GMT\r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4887,"size_decoded":1390,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"3fd96ba77783845730c343cf00ac7a93","sha1":"bc4f7f4f71aeae387232155c55c4f031c5f3f769","sha256":"27b95b2fcbc857ba25f7e5a707c5c4c06c5cf93415519b7669c19f4045edca37","sha512":"20b137cf9c61842c7bad62dd6c36125833022552379ad97324dbee2c2e9cb0303b17a9aee813ea2bcdbb68541c8c6edbfecfcfb2858cf27c2cff480d756d80cd","ssdeep":"96:aYg4aMzqYg4aybFZHYg4agkYg4aUJ3vYg4aERYg4aYGJc+uTYg4aR6NDO4a3qO4L:vywfydyGy63gy/yFVyR73xpmj3U8fHN","tlshash":"37a1ed91006f9104ea431dd627cf7e32ad8e51956082e27d6ffd2dca6cdbd23122874c","first_seen":"2025-09-10T21:50:06.177565Z","last_seen":"2026-06-29T14:16:16.283848Z","times_seen":18255,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":15,"send":0,"wait":34,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/gb.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.807Z","timestamp":1782644569807,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/gb.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qmd9Me4ZYfnhGcvVQEM2v5kg02C4xPdf1DCFRdPQMnh7CIX0Ogn8OXJMaI0otowVngHEHNFugK33DFrEAdgwbJvfTuvkv5Fl0KjoJZRRlCEB%2BQUR%2FLCvgA4do7%2FwCg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339148945699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1183,"size_decoded":1311,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"99a9e5571c2f5acd9cb910ce6a3f39a6","sha1":"876935939a01dae371583220f75bef15b5185c68","sha256":"5ff2f32ed6905d887f7d771029c1e65b1ef059e92260b548908cabb4e886bf19","sha512":"14cfeeacd8e2f9b67bf2e1f5b2823a98fc60854fca5afd0b10be72ad647ffd38aa4058188451c98e2045628706f0b84dcad508fa901ce146705102fed962de1a","ssdeep":"","tlshash":"ea2163c84370b5c059a74fba9f28a2dc924925f9ddc96ecd10be0538445ff5ed01f009","first_seen":"2023-05-08T16:47:32Z","last_seen":"2026-06-29T13:13:55.671975Z","times_seen":11183,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/footer/support.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.809Z","timestamp":1782644569809,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/footer/support.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34946\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nE0SqDvagoHnRZzLagBfEWny1H0faDaF6Jbb99Yggc3r1aycQDcKz2j5gT%2BeNHKWY64eo5u5yqDxAHWsB26b595sr1wuwUmjwBSHYvZvGfdmq0nbN%2BIaYQ5hjmwikQ%3D%3D\"}]}\r\ncf-ray: a12c339158975699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34946,"size_decoded":35580,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"202f2a8b798bdc5cb240937e8754db7a","sha1":"385f065b95c8a2bb6f3da5c67c5326958eb5c5fe","sha256":"03295f609d175a94ace1bb5072f01709c82893eb043a8f75b9e799a68c18d781","sha512":"d9b9cd7afc68c6ab3e08dec25b5d3a33bab5faca4ab460fff0a0411e3226c2a4b129d3c8dcaa882c0e629e77695cb9cdb183b8b35b59d762609d09a14b2cef7b","ssdeep":"768:SOhFhqbBi1I+eZhbNyhsHHdci9Z6/uHA0zOsQOd0K5ROyA:SOhYBi2+eZpHHqiwcHd0AIt","tlshash":"fff201a5593ba5e1fc03d18655875eafade3043b2aed9890e321cdcf846e2d60a103d9","first_seen":"2026-06-11T16:29:30.328385Z","last_seen":"2026-06-28T22:47:38.448532Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/stats_r.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.928Z","timestamp":1782644569928,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/stats_r.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10416\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TzmEMySKb%2BFAI95RhG6WstLAbrtLDA%2FGN%2Br%2BMbyAmmb32n7ZSZOcCPKbtxuxhacGj9OdrmZ7%2BkJ7qc5tzEXlejf3MLamWIa6Hqrm8EvEP5eTgXYPbNDO1H89vYZP%2Bg%3D%3D\"}]}\r\ncf-ray: a12c3392099f5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10416,"size_decoded":11058,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1148x368, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1aee5ce794458ed72894690fec0092c1","sha1":"3aaee33264692d25a25d94df20713990c9be70b2","sha256":"a5f6bd4de41805765c9b57607e459e944c92b584f23267623e1060bf5c076cb4","sha512":"f89f112021d3756829843f43d569fcbda0446634c1be804f7337ae9f32da23030cb65b3b41922becae3731617a85408b19b6a85ed7939c33d9d97f095e430414","ssdeep":"192:mb4n39dybzXdJEsnFevnpss4MI6bc8eTXaUBzLtqTmzHzftd7su1CrdBp:2Id233nop7HbmqGntG0sp","tlshash":"fe22b08efd75e007cb0e765ea6b023c27c612c65521e6ef8059815ee5274901cf87da9","first_seen":"2026-06-11T16:29:30.333176Z","last_seen":"2026-06-28T22:47:38.423384Z","times_seen":226,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/jp.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.180Z","timestamp":1782644570180,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/jp.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mooXu8MffwsQo3%2FZJKzzs%2FjcmMGJV8q3aG4AH0WViDHVgRRaG3E4lr4dfD4VCAtaWV4eI33q5%2BIqOjM7GsYfQtXqMiZsTdh8zBicb2xnricox6C%2FNPcOnG%2BdaenLwg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3393abbc5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":234,"size_decoded":821,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"3a58d8e5d92ed893921b644bebb7cc3e","sha1":"66489712a0cfaa93876ebc7168a32c729fcec066","sha256":"b964f3dd88f2596555a34c7ca3dc575aa061fa455256f0bcbfffaa62ee771c7b","sha512":"b88069e21cfaf5612503a845e79d159b57a71dabf3ce4b25e917dd3348f6371dbcd18469f426b8f9e4c19adcfe5f1b3c33547f8df1144f397fe0b325283ae406","ssdeep":"","tlshash":"a4d0a7a4d169d9c64810cda83eaa32c1554e53373645226bf0477b18e4cd6ef3245b78","first_seen":"2023-04-13T03:03:27Z","last_seen":"2026-06-29T14:36:59.425878Z","times_seen":2974,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0gtqnwqp2jd2_.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.474Z","timestamp":1782644569474,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0gtqnwqp2jd2_.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bUVzumUUgn3VWJOrRH9LRwfXyiKuxZKpr7uNLl46RcoScEmC5hJ0i53eVpvI2MeKMztL2eXH8CaBXgCqTXJ4bAWE2x5%2BcIzYru%2FwDjI1j1EYyBocAAua1s5LowQXjA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338f3e385699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118151,"size_decoded":34738,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65510), with no line terminators","md5":"fbcb0a523d301ba7e15c269d3a124232","sha1":"fd263d422ba3e2f5182f6a75b8a96fa1d3ed4112","sha256":"96fc85ad0a723d02940ba6592f17047ebd25055c1fc7e4fe0b171ab0a8b1cb10","sha512":"f9b75df2b08996a17fd9a03d7107a02c50487bddd3fc081e685f5400206f13692a054c49917a6a720ab7e70797d72a6a4e4dea29ccf7f320431daf86a5d421c8","ssdeep":"1536:c5gCTP3oPWPyx34NhAG2CGpDWLmLFCKxgogH69pca719HnZh57+rzDgdjruQ8CpS:o//PyxoN/Lex1gH6JRRwDXwpVol","tlshash":"72b31a17d24423f217512695740f69c8b3bee9c41b62946cbd99803d23ac9e8b1b7fec","first_seen":"2026-06-17T18:29:29.90313Z","last_seen":"2026-06-28T22:47:38.399063Z","times_seen":289,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/question_avatars.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.804Z","timestamp":1782644569804,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/question_avatars.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 24984\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QxWvO4vL115taRNm37PLDGe7dWiHHvMB2BHiKzG7k3keYS5zhz76mvkOQOStRcftI5SUMVQWqzeUF6c25g4Q40ATooNDKb1vK37p4x1U2RU%2BkYY586ZEEOnBqbje%2Bw%3D%3D\"}]}\r\ncf-ray: a12c339148915699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24984,"size_decoded":25618,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7bd85693bd4c6da5f612f785afb8de73","sha1":"0ce6ecc58dff55e1b61af0b6168cda3bd392fc00","sha256":"92497222e97d4f34bdb036bef4d8e2b24f01f49f0c9ec7c417bb4438bba717a7","sha512":"c4f385a9efbe52c7bc6eeb7fb78680d1319e69fa1265db8bf730ce0ca1edd5e477508e11f971084130c9ef52fb9bf3332ec882c862b2183cfe0b94faa9561dcf","ssdeep":"384:iGkEqyzckbAPMLvFiiQiz6ZZSlmsZhWJJyJwKCOj91x7EdojuDnbI:+NkMPUvHQizoSlNZhWJU1COj91xQOuY","tlshash":"60b2e1717dfda71a0c0d68ec1bc41a2e4dad184dcac9b460e43cf3e589711220ba722f","first_seen":"2026-06-11T16:29:30.481618Z","last_seen":"2026-06-28T22:47:38.489213Z","times_seen":226,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/awards_bg1.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.953Z","timestamp":1782644569953,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/awards_bg1.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 128038\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QA%2F2qS%2FlPcofo3ex8bNGABcNTqulZf9NcP%2Bp0ZBSGj5NQDlPCRKNnNn676JkyOrZrg07402Zw4i%2BdGygU5PN66znAxTglb2Y2aaLNnVt6VCMTmJcVyjs%2F6cI7n%2BKbQ%3D%3D\"}]}\r\ncf-ray: a12c339239ed5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":128038,"size_decoded":128681,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2600x920, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c94deed18f9ed0ba3649ca3519515f00","sha1":"81f5f1f37fa8c5af7c1f385bf98db7716d952ef3","sha256":"f6edab4f36621cc68d052e76d1654377b18df5b8d8dd33a051c48144a7315925","sha512":"45d19b92282c2586b5cede10bf489bfe52c673ac9ce9024115f4580b230ea2e44f58d9831b2724a9fe0dcf653532e3b64e2fda30b9ce166b3548d00a70888849","ssdeep":"3072:53fIUSJ6zGiRGaeUnjBo8ZnGQFtkdOo/8N:RfIxJideUj3tF6Z8N","tlshash":"3ec312062c71565cd21fbf78cbc787f9256c38b6c28621ee13da0f6c16b49ee118187a","first_seen":"2026-06-11T16:29:30.425717Z","last_seen":"2026-06-28T22:47:38.447496Z","times_seen":226,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/sigma_eurasia.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.791Z","timestamp":1782644569791,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/sigma_eurasia.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6306\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IS1DDbeJsnl7sibhc6KFNIcWgQHJzl1ZAJSB81qNA%2F1DUFLIjWcSb7iZC%2B85HP5%2BquXFIHYpdaBwDYwBRkX7vKdst3VpiQFJLC2hZH%2BsUFT4xJMwZf3zJc9o2N8Ggw%3D%3D\"}]}\r\ncf-ray: a12c339138765699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6306,"size_decoded":6943,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"31a0779e7eeeaf9075e4e998388388ce","sha1":"f0f79ff9a252705eaba28f1608a706f7ecbcc3ac","sha256":"c90ee2288f068762f1d7618f7e1c8dfe0278bd94f4712a9d2fe24ed2d733daa6","sha512":"a9edc460b83634e4224bb0b3a9facf92795c8c90698ebbb1d72ff2917210f5b169903b94a308c079922d851277f482c0abc69b90c32b68a80c881482d3202e4f","ssdeep":"96:kAJKEVj9Yh8eyK1LFIc+zh1ypZXwOR5swetc+J4bMW/yWpeqoACbhV86IFj6/dNZ:tJfVBSqbZzhwpZgnkJ7xby8Fjmd4DXu","tlshash":"35d19e43920d598c74ad7dff3ac826b72114ea1041528ee68e610fb716e58c8edeef14","first_seen":"2026-06-11T16:29:30.41704Z","last_seen":"2026-06-28T22:47:38.447018Z","times_seen":226,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/exclusive_bg.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.965Z","timestamp":1782644569965,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/exclusive_bg.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0tjlo5.08~sm_.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KjBIfr0jjgF6Vv%2FfILx87PWDS86VzFfsVx8zGkV5E0agr3JydERIwKVInCUWVsBCUeO6NSW9m4CVAFNxSVTrM6lVQMjRI1%2FFngYJ40R2ny6IQj%2BLFFQWbVl8tGIdww%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c33924a075699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7637,"size_decoded":2753,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"7afe46a3bb87300150b61c1bd8f8bcf3","sha1":"0cfdc61c6eed5d8ab3b925c5e832c524971caa05","sha256":"272f7cd03fc21cb9f4c351b9e2ee368ab0eefe2279eec02ec61c368f2c70cfef","sha512":"3a3e873e5d78055597f3dc2d242675765e0902de6c0b6f5933355bf7fc211124f30efb0d3df19ffebdaedd07d3789adc96ca3ccb8ad38c5a986a66d422c26286","ssdeep":"192:4irBD5HjDxKTCLxT6irBD5HjDxKTCLxTT:9ldjD0qlldjD0qV","tlshash":"acf1a3ee5bb86ef08ec8c3dbff15449c380984bb4a948918d79c5e492f61d58dc19a83","first_seen":"2026-06-11T16:29:30.367498Z","last_seen":"2026-06-28T22:47:38.403208Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/fr.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.168Z","timestamp":1782644570168,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/fr.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m9TNlUB0V%2B%2BdBCqPes81Ek4sJiFayMFBhFt2YLG8W6O9fGellaBFv0hnPHfLEp81GyF%2FIg9zcvW1LbyQIuaVcQUxM7WDhGtz4QzWa2J%2BMztHm4fVGoTFFp1wsUeKUw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c33939ba75699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":828,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"c1a36c711f0ae0ab46c7dce06f63a723","sha1":"5cff6743ac6eed2912288bacd35c363a2d586d18","sha256":"861059eae96aea4c38466209edfad68fbd84ada37bae4ccac92d03011046a524","sha512":"e8d4869bd8d77613770a36de15c23dfade7a3bf3a465c4a6c79be55d9d6660874b5cbb60e631f04964840d3b4d736ceb25f31b30779e8d5ec64023f8e855cdeb","ssdeep":"","tlshash":"f0d02b9dd07de0c448138b703fde31c1418a6326364600dab047272861cc3ef7e40f04","first_seen":"2023-04-07T23:46:38Z","last_seen":"2026-06-29T13:13:55.722793Z","times_seen":10946,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/turbopack-0ecgschtaudos.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.893Z","timestamp":1782644568893,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/turbopack-0ecgschtaudos.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NKHqzEGBPAShxNCoanj1MzIBcRftX4S5YCKchTbG6vVeMh7hN%2BGsGslcFK9KrbxczKtco13ZV7O4robTskD1329%2BJjHJ5TFGvuZJ0N2ouXzD1oYCUpjQgY33OLJjRA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b99845699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10581,"size_decoded":4991,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10581), with no line terminators","md5":"6ba2cb91d34ea9e9369784ebe9af4389","sha1":"384f6cf4bd44ee8abdfd3c2b3239164fd7d59351","sha256":"54a5acf97d9eae9f3ec52b7fa09d3b076f41747ab972ea5c3a84d6ac1cc71439","sha512":"c7e178c33990e900f1d7720cea3451698680da7947b01a43114f47f2ed2c308964cd3f024a682e9937d87485ac64f3e708048a435e3bbbdaeef1641c78a0dc62","ssdeep":"192:z4gMFB683Esgdo2YE0hBG/lhjTNWn+S3sBT4fCT3cXXqroor2:z4gMFVgOQ/lHW+ssqCTMKA","tlshash":"8622c8da37a6f07343af94e7906b4004f17d84a9145d141cd3aca8eb2c394ae85e7f76","first_seen":"2026-06-08T19:33:12.036767Z","last_seen":"2026-06-28T22:47:38.474602Z","times_seen":412,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/footer/bottom.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.812Z","timestamp":1782644569812,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/footer/bottom.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13322\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=11TcxAs1uu7WZKDnoiSm84%2BXE1n%2BzZgXjLXIln82P0psnldgtWs2frGKMhqrndkolbyo1Od6Gbn%2BxEh6hnjmIm9c07mjAkw0F4%2B6ggS15aEeYrZt560SN3LIdpFcrg%3D%3D\"}]}\r\ncf-ray: a12c3391589b5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13322,"size_decoded":13960,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"dc541c590c2cbf78acc4490b92b10fab","sha1":"4da2aa03a7d1b9865cc83f0785cfbd58a7fa25a5","sha256":"afb65c3b8249c16259f860330cfc595324e7034171e6e7762d1e9864c551b69b","sha512":"5e5a13d15f4867a88370eb1aa58e6e2b6223b90f6425c75d92a7f1b2b612a93075994ee91f5d7ac142b3a163c3ef434ad4c135c2e5befd33b2d438e260af985e","ssdeep":"384:Zb1r/497WNQ9Ewe76MQ1rmBHSLDp2rMHtqblWiLTgQH:B1D49CNyKQ1rm1SLDskMBhgu","tlshash":"2252cfaa63f1142e054d997e1b2a14cdd8e13ec21ffdae52b8ca1c27483752f215b322","first_seen":"2026-06-11T16:29:30.389839Z","last_seen":"2026-06-28T22:47:38.399547Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/about/get_bg.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.933Z","timestamp":1782644569933,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/about/get_bg.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/0fghvi7vx5udo.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2726\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o%2BJcP%2BIhAGEbbqyA%2FBvqAjZvy3sXo9lGhsRNkpFSmI%2FFhOvzao%2BRjoGi8XLsf1DGfdVvFuEYPh5TwACdfIVjIhl4R6%2FwN4Wf0wfOTiTNutN%2BrE57xU6bghPtfycGOg%3D%3D\"}]}\r\ncf-ray: a12c339219b65699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2726,"size_decoded":3369,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 500x536, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2fd0dde002fc5f4487d628c3b990d349","sha1":"a702d4aa2f28b5031eeed12eff39e38bdaecd9e1","sha256":"2fdee3248360d78fc8bacf24ab3a972d4bc82d4d4178459b97a8baaa9691dd60","sha512":"1ecf982c315e42c561420d89ccadb440aaa2c846f0247c8936cf720705f31ce34b19b0da28c4966ba4de3ecd3e30a8923a6fd79ce82d8f2b9e150376c30ad4aa","ssdeep":"","tlshash":"00512ba15b0c191cf894853ea91d4c06bbc8e0d139e1313a74f5185b76954e93cfa16b","first_seen":"2026-06-11T16:29:30.458726Z","last_seen":"2026-06-28T22:47:38.496138Z","times_seen":226,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/090a6r7kb8eqn.css","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.879Z","timestamp":1782644568879,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/090a6r7kb8eqn.css HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MiF5l2fCW2bGDYfbotU4oVrZCtXyPo4YZq4Yv1CpxBrRVI0aUnNXG7mX66A91hcKj42R1OTlbJ97mUR8DsbigNxehqLFM7ii21VR8f5Ue51D1WeiFRlF7c%2BklZOphg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b89635699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79308,"size_decoded":11280,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (30091)","md5":"6325d92868fb3bc97f29a3668b4bf291","sha1":"0178ef58fe1afd80afa9790ebafd61b806530f59","sha256":"6d36d452b2dec5e9c5df5c4578806b470fa08b07970510de0cceb6fdfd3835b0","sha512":"546de16adb202ffe9f329d8edbd89ed4d66274c2670cd024f8015bd4a1b77ec98f0d4c0b710ae8a7344cfba8d3da165a46f798eab483296638027c3f61ea79e0","ssdeep":"768:FC46pj5uEvGLesaFORUDAKqS+ESoDUp5LlwF14IrjHXZ:z1yZukDU5JGp","tlshash":"b573dd6d51b447bfe41db011f2c468188fa7eac6e9a24be5480c69a742c2ef115f3b37","first_seen":"2026-06-08T19:33:12.056103Z","last_seen":"2026-06-28T22:47:38.490061Z","times_seen":412,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0jpn43~1tadgx.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.899Z","timestamp":1782644568899,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0jpn43~1tadgx.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WQq7F%2F3EyElKAvdUQgKY3Cgm1FcDXlpTlqvmG6ys5DLjeP838BnzTfvogxqTtLFTQ%2F2ajtjpHx%2BpegvyVhM9ser%2BGntbb96SQ7d6865Wv8pgWDRc0fKTzBtydsuQNQ%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338ba9945699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16882,"size_decoded":7752,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (16882), with no line terminators","md5":"44d3f771d51cebca746ae90b7fd29171","sha1":"222d34425bcb4b09d6f07233cfa92bb27f13d374","sha256":"6de8d036e910b2b6651f0f95a676eb246d0aebebc69893664f2a88740a1da09d","sha512":"72b6accd7430d60ec64f89b5657fa75143959dfdaa6b1b86ac72cbbe69f895ff2af6e06b25cd9569e54fd22f3ef222faead746e4b4fa9a692399d2b638504fdb","ssdeep":"384:KxPN/B22tHV9MqujRujtPdZjWmmzQ5DKW0KInG/as1D:SP322tHzMjOlrLJ0jG/5l","tlshash":"0b720a43b498fdea0757d39cec6b8004a16e297ed8cc807d8f6cdaa0317598a7194f69","first_seen":"2026-06-28T11:00:53.686645Z","last_seen":"2026-06-28T11:03:20.780882Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0li9mgra_8nfx.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.903Z","timestamp":1782644568903,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0li9mgra_8nfx.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5VXrXiMpaCONLDFatdjGvx79SF9s6wuIbqcUX%2BZTBmeTJe4uh3iXLDQyXpicXDuvteouOsfQO4%2Fjvwa%2FiIEyMemMiNthltzmnJ97a8qQH8CaU7cl4%2Bz2Z9qvNIpzFw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338ba99c5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":103921,"size_decoded":19868,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0c1ca7911b574ce20daed1f833b108d6","sha1":"bee0a37c5dc9d23fa8e592d34529399de963967a","sha256":"eebd59a42ffd9f0a8cb12ed2797fba5025977de2ab885cfb28df20d9d2f92ef5","sha512":"628e8fcb0dc70c2b54ade8cb8b86552ba3a81882c1d3ef21162f7eadf578a7f1e1f03f0b59fccd849bb2e5e4fc4bf4df4dd9776c2ed575969f07a23c0416619f","ssdeep":"768:6jWexfqnDkUHRqSEyu+bauIS75xh+3BdOkgRt:6KetAkURzRb7xwxrit","tlshash":"c5a342476395e41e8f73dba0e91fb767c2184cb959638926d10d0ea4c94f8e1caf603e","first_seen":"2026-06-17T18:29:29.887806Z","last_seen":"2026-06-28T22:47:38.391511Z","times_seen":292,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/blockchain_com_bg_in.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.778Z","timestamp":1782644569778,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/blockchain_com_bg_in.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 55638\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8%2BjG0n4UrMwtB4EvgI4bczzxcs2pso7tvNdFfZcUa%2B33fHDT4GQ46nCui%2BcGVyFAlGh6HfUrp7XxLUXSj%2FRBKRJhIHES8InZyGz%2FOK9%2FJ9oif6r7ir9B5ELppX5D1g%3D%3D\"}]}\r\ncf-ray: a12c339118575699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55638,"size_decoded":56280,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19e9d70945b3e6f294ba5d1879d3669f","sha1":"93a45f9ebd036a7ba17799cbdbec1a1b3503f1a9","sha256":"cfb1b5c6cc5e68cd42a4783b1a54b012ab0299553e23f4425efa1cc7f97a24e3","sha512":"3051c61da519ad99d5e8684ff7c7172fd3d3cd2d00a58766a81d88ee65a807638f3ebaf70e6fe351fa147f76dafbd4f0e40cb425ae29969287d3298e0ca60154","ssdeep":"1536:k96wA7P4uMkbK8A8tOCp+Dlr/H92UFE+lroqadJ8esTkUo:k96wApHrrpKTdBFdlrladJ8lTkUo","tlshash":"4143f1c5cca61600bd387bda4e423db3109851e76a2d3b0f47740a5e47ef4aa12ff699","first_seen":"2026-06-11T16:29:30.476167Z","last_seen":"2026-06-28T22:47:38.471103Z","times_seen":226,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0byi9c1kdhku2.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.073Z","timestamp":1782644570073,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0byi9c1kdhku2.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dVT5ywRMUFpw3%2BnWbdtoRTVoKb8f%2F%2BHZtdhykGrhNL72zIgRGcTdwDBtOBoh6naZuhi9P22XXb2kiw2EpLxocPZIX%2BO6%2FMLONGBG%2FkOLzBQr%2BOH1UeA9S2TW4Rfrjw%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3392faef5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4922,"size_decoded":2478,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4922), with no line terminators","md5":"470004d83dc17ce8a5af09b41645873f","sha1":"4dd466d16f5d678758739f65ee505d7bd1a9f3eb","sha256":"aafac24663931328ce86e1020ae08240ade0ed88483fe7b49857003e6117ed77","sha512":"88b8a0ca2bc6512349653c965bd1c63cf7a36581d7655266f96718a2a4dfab1e2183f0f87d30cac385dbddf38ab8d32c84e371b83c44572ef2dd5eb9cb920179","ssdeep":"96:2p9YtpkojrYpGpUVFwAchp91tpexVfQApjFpBTpcFpe6UuWHSvUpp/TMvJ/pPg:wYbjr0wT1O7P0TUudYUg","tlshash":"bea1456fb04823902752199d21bfe4cdb02aec799b05186cbb91c17d27d2d98b1b6fcc","first_seen":"2026-06-11T16:29:30.421395Z","last_seen":"2026-06-28T22:47:38.401624Z","times_seen":225,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/global/countries/kr.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:50.182Z","timestamp":1782644570182,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /global/countries/kr.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:50 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U3IalMrszFC5bgelOkZH4Xs3gjz6DwfT6NSusPh6k37Lu5zfPNU2JwuFkDgZHOP3TnLPFUsJXoyfWx48tou%2BuCDMY1tnUeLE7YvnX%2FiN2C7s7iZnXRMh6DFg2AKFOA%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c3393abbf5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1457,"size_decoded":1257,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"b57d2718c0f2330c0e06166d4b5fb606","sha1":"80100720aae2017e911dab7726ce4eeb73851661","sha256":"f69a22143e7948606729b9195cb0fa16993642322f9e21cd84533b28e8083ee7","sha512":"f7596cf54e8902e99fbd27113e9d718a95e60b9cf174897370b2adf3ec866686d1d177b230031c5a62d120ec03963d632aa9dd5ab739f1d02d51faaf7431295c","ssdeep":"","tlshash":"ce31dff66301841c97de05905f36b2d9d608f298d8cb84a5419dff55489ebda6b40a38","first_seen":"2023-07-15T21:19:48Z","last_seen":"2026-06-29T13:13:55.668721Z","times_seen":2800,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/0fghvi7vx5udo.css","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.880Z","timestamp":1782644568880,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/0fghvi7vx5udo.css HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QF82nye6I%2BWCyiB8%2B0GPI3laA9F5MvnHGWay%2BDKXED3CYj57N1Nchu1h1oBFCGpkUvzWbAFkxgvBINVvaOjG2u%2BubV2FNJJthnLKDU4HWee0K4ht%2FqhVqadgxG07tg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338b89645699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":108944,"size_decoded":13054,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (33943)","md5":"b0cf461ee26fe850006c123804aa96ef","sha1":"6bb82aa210c7bf738694af85c5dd589e46433c8d","sha256":"626e44ccc49602ee3124c152ed8a7eb2278910e950b851a5bd7ca2821d103983","sha512":"cc7666823fd04d13de0c74e498f3a8d4cde3139e227d165179f93cce5355448fa52a475ca604b522fb5d9f61e78aa6a2e840b9fefb25a48117ceaed5c5469a3f","ssdeep":"768:KQwDsiU3o3ecUS8ZVzvUvyEeNIL4nCR7f3ljrjE4QUllx4:E+ec","tlshash":"55b3f67d91f0577fe41df041f2893c6c8962e9dad8960bd6881d28a783c2df215b2b36","first_seen":"2026-06-11T16:29:30.386725Z","last_seen":"2026-06-28T22:47:38.427201Z","times_seen":410,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/00txjv18y81xp.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.907Z","timestamp":1782644568907,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/00txjv18y81xp.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FvaDZpadaNdc8FSIAUldZHY9od5zvfKBU69KDwe7alRQ4mUgPjkOJQ4YhfhIbkUKDVg3iafqFsxoreflwCt7bmrfe1uGuAG0LFuzQJZfA7AhiRcfLdRy07YjTAGbFQ%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338bb9a55699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90224,"size_decoded":28832,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65367), with no line terminators","md5":"9ce6fc1ac19a91ab9b96e5e1a9f282b0","sha1":"8d33c689780551b67888eacf406466aac6275d6d","sha256":"401596fdc663801d8d4aaf96a476f9d2468c085d11f942979cd2b2f4135715d0","sha512":"3d41e06e4f96724a69f2f40c00f8966c19f3e32e9f50aff7ead5fd7bf3fdbb2f486bd228fda15f4804451a5bac96cfeb96d3df1b54f322059f03494fa536655f","ssdeep":"1536:M8udv/NqM7t3AKjSkmE5P1tISAAjJp7BmWok8EO3KqI8GYDNFR9QJn5QExF8:oBAoSkfvtHXjJCOsjI8hJtQ7nF8","tlshash":"be93a657e3241b9a1872727afe4fe181f61d8cbb0799cb50b878e51927c18b87834bc5","first_seen":"2026-06-08T19:33:12.041169Z","last_seen":"2026-06-28T22:47:38.468996Z","times_seen":411,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/rewards_bg_in.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.748Z","timestamp":1782644569748,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/rewards_bg_in.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 56870\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CsAmAeMMtBAu4prh96NiMPCqurWN077BImYU8UxbzDI5k5XECdRZCbd4uESS6d8joZ%2BoPKpSoUnNoc0ZTW3n2EqJVBfRLjFnHYSl55VOImDC91Jl88KPT%2BL2hpw9jw%3D%3D\"}]}\r\ncf-ray: a12c3390e80f5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56870,"size_decoded":57504,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"90e385556900428710cd66ef1c139fe3","sha1":"f9bfc927638316f4aa746f325a5f2643095814b1","sha256":"0c0ec423a091264d8845667f030c390c31f2257c1cf518a7f0ab8279ed8f98c0","sha512":"377d07bca395e43b245a9b7cce760ff0156c29fb7c24b7a37cc946345241cc9724cdaeec7b38b2d679c4f3d3473e6fbdea9a6a64bff02ac748c43a9393986e1a","ssdeep":"1536:O2OcO7K1w2U8R4IY9XYSNdSfKNCIfaFAx:fjOV2D4IYj97iOx","tlshash":"f3430115fa01b231736a34403cb4bcbe6486b75897ae009e9b61afc857533b4fe60c76","first_seen":"2026-06-11T16:29:30.39174Z","last_seen":"2026-06-28T22:47:38.446523Z","times_seen":226,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/crypto_com_logo.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.759Z","timestamp":1782644569759,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/crypto_com_logo.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G8z35cAi%2BMH2rw2qSWrVGWQyT8LCzIg47C3c2pPkB%2F9cv7ixGQJzG0HFniFMl3URVckcMn3XBaGB4Jdr9lovdRLHvgpkDGfub38YgSlCCiVosQcoLjsqqqRCRy78Gg%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339108295699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4690,"size_decoded":2429,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"09e23867a1177094de847ab5a1f72fb4","sha1":"4342a048742832a0129f583551afc2d42d075079","sha256":"2ef5de7e75c4d0a0d442a9a7875ac2f85ce73a6266e2a56a751cadb25f621e06","sha512":"7a9e5a65430a6c804dc78373c36804e33c59f1dc72e4c1c2e74c38c20b56da3f36f0dc3a80962b99cb06c3bfe7c847d9ad640256df717ae5b5d33ed7128e6177","ssdeep":"96:bssQY4lHOQ6aQ0WQa2Y1flnczvd64v+DoJnP1YbaBLZfc2lB:bjQ9lHOQGudUoJnP1W0B","tlshash":"98a152e9a2dc92e8e982e7f4a7295031ba2d39f9e747d742f35c0a40af5115d9c0dcc4","first_seen":"2026-06-11T16:29:30.463917Z","last_seen":"2026-06-28T22:47:38.470609Z","times_seen":226,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/trustwallet_bg_in.webp","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.766Z","timestamp":1782644569766,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/trustwallet_bg_in.webp HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 60396\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\naccept-ranges: bytes\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Ut2Q%2B6skSJUBKe2uyOvmYSI8EksCjlN9nrFskZAlsc8QmkvNF8ksubnUyfCglvKnkvaraI8kyWceJPJ8yiIuOBLDUh4b3hSUnabpH9aQ6Dh96vO3b9OZp7UGa%2Fmog%3D%3D\"}]}\r\ncf-ray: a12c3391083d5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":60396,"size_decoded":61030,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5818a4bd4a5034e2508ced43e9c6e3d4","sha1":"ed386aa5a8bd75dde86d0bed05a88a942c34ffe8","sha256":"574a990123bd97e8a0c7a6d9c1a1dc55e23e9bda00ba65a6bbc669395355d2e6","sha512":"c07d6472c5f44c4c6820dfa7c006d4e869387f1957a5f8d834192ed7ecaee6b751e4e1eb54d0ee62b7e941ebf4c8687ab0a71aa238847fb89a774b9e2b490331","ssdeep":"1536:2S/KE4krLaLscwaj8YEsFGbvNapVNCiedzRaT:FL48aLsRqUxMheL4","tlshash":"e7430141b8ded2a3f09a92d9415d8c5bab3ff9ac4b23fbf025491154964cbc092c43eb","first_seen":"2026-06-11T16:29:30.337999Z","last_seen":"2026-06-28T22:47:38.437887Z","times_seen":226,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/mainDSGN/mix/home/crypto_com_bg.svg","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:49.945Z","timestamp":1782644569945,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /mainDSGN/mix/home/crypto_com_bg.svg HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/_next/static/chunks/090a6r7kb8eqn.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:49 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0PBMiWDN0uaXvs8Yvw085yJegCLq7PsgykQtaIuRbv61%2F%2BPz011rojtGj2k8vD6B2UTdteNnC50SwJi9C0ZnZjy4P3ztTNS%2Bo5qalBMmEJ%2FqqYdjkLNyZ2wD38cxhQ%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:19 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c339229d95699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1130,"size_decoded":1158,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"7a1c0c730ee2c3443a29e3665bd3a008","sha1":"3c04343682e15f5cbdb5859d5eaba3f666a048c9","sha256":"511d861c76da06e1fa67eac2fe74163b135b179524d530585559c082691c9a29","sha512":"73c0a3da935e95d4ab5cedecb031a0dc8de403b9e0334384db4df8f551e5917b7b4a4f75d85c38d5edfd5caa9827da68e8ca6bf296f8f6c16fe311ec75046b51","ssdeep":"","tlshash":"25214fe411a848821e00434eba3e66339d1670c95bd6c2513b5e2f6dbb888a78f234c5","first_seen":"2026-06-11T16:29:30.46087Z","last_seen":"2026-06-28T22:47:38.395473Z","times_seen":226,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bavomex.com/_next/static/chunks/06ckeshtm0g8~.js","fqdn":"bavomex.com","domain":"bavomex.com","tld":"com"},"ip":{"addr":"104.21.61.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bavomex.com/","date":"2026-06-28T11:02:48.913Z","timestamp":1782644568913,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bavomex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Jun 2026 14:28:08 GMT","end":"Fri, 18 Sep 2026 15:25:49 GMT"},"fingerprint":{"sha1":"C8:6C:CC:AB:A9:6D:80:89:90:F2:40:F2:11:5D:2A:36:2F:1B:0D:A5","sha256":"E5:F5:40:61:40:D6:C2:C0:50:1A:13:E8:71:55:C1:A9:B2:BB:43:BD:C9:89:02:E9:E1:26:13:F8:DD:B2:59:AD"}}},"request":{"raw":"GET /_next/static/chunks/06ckeshtm0g8~.js HTTP/1.1\r\nHost: bavomex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bavomex.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 28 Jun 2026 11:02:48 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin\r\nage: 150\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dd1dc7MT7iKFGn9GwnngwzBEejeZOglXMc4umWF8CFq0Mh6xL7MVPwDHNeZmAGvDdc5ozkTE2rCRCq5bum9%2BNmEIHqnaf3SGJuvoT4FR8S%2FHK5nYHoEiJA0bQUQmIQ%3D%3D\"}]}\r\nlast-modified: Sun, 28 Jun 2026 11:00:18 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12c338bb9ae5699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16964,"size_decoded":7764,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (16964), with no line terminators","md5":"70d35d970122715b75f3401550d567bd","sha1":"b96c2fba56490ad4ddee640a8cdab875716b42b0","sha256":"2b4ebd17db6fe464a0426144bfd298917c680b72671b64ee25eda5f71ab2298a","sha512":"749f3769c7df943e5e09ee7157209202840f80f724a39d332b76e2db5a4555bbb80e0d83ae3d106880f3876e77360ce3ecc3f566744bfff35651107e031b547e","ssdeep":"384:KxPN/B22tHV9MqujRujtPd6jq1mzQ8+KW0KInG/as1ey:SP322tHzMjOlUgJ0jG/5Iy","tlshash":"f9720a437598fdfa0757d39cec6b8008a16e297ed88c807d8f6cdaa031359497194f69","first_seen":"2026-06-28T11:00:53.657569Z","last_seen":"2026-06-28T11:03:20.786626Z","times_seen":2,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"bavomex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}