Overview

URL gatlinburg-cabins-now.com/readfileconfig/NewFolder/
IP192.185.31.229
ASNUNIFIEDLAYER-AS-1
Location United States
Report completed2022-09-27 02:46:55 UTC
StatusLoading report..
urlquery Alerts Phishing - Adobe


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-17 2 gatlinburg-cabins-now.com/readfileconfig/NewFolder/ Office365
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 gatlinburg-cabins-now.com/readfileconfig/NewFolder/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-27 2 gatlinburg-cabins-now.com Sinkholed
2022-09-27 2 gatlinburg-cabins-now.com Sinkholed
2022-09-27 2 gatlinburg-cabins-now.com Sinkholed
2022-09-27 2 gatlinburg-cabins-now.com Sinkholed
2022-09-27 2 gatlinburg-cabins-now.com Sinkholed
2022-09-27 2 gatlinburg-cabins-now.com Sinkholed
2022-09-27 2 gatlinburg-cabins-now.com Sinkholed
2022-09-27 2 gatlinburg-cabins-now.com Sinkholed
2022-09-27 2 gatlinburg-cabins-now.com Sinkholed


Files

No files detected



Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-09-26 22:11:41 UTC 93.184.220.29
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 01:05:45 UTC 142.250.74.10
mnemonic passive DNS kit.fontawesome.com (1) 1868 2019-03-29 02:12:52 UTC 2022-09-26 05:07:50 UTC 104.18.23.52
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-26 18:38:08 UTC 143.204.55.27
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-26 04:28:07 UTC 34.117.237.239
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-26 06:09:43 UTC 104.17.24.14
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-26 05:45:55 UTC 54.200.107.47
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-26 12:15:18 UTC 34.120.237.76
mnemonic passive DNS ka-f.fontawesome.com (2) 3598 2019-12-17 06:36:13 UTC 2022-09-26 05:55:06 UTC 172.64.203.28
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-26 04:35:11 UTC 23.36.77.32
mnemonic passive DNS ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-09-26 04:27:13 UTC 142.250.74.3
mnemonic passive DNS code.jquery.com (2) 634 2012-05-21 17:28:02 UTC 2022-09-26 04:31:10 UTC 69.16.175.10
mnemonic passive DNS maxcdn.bootstrapcdn.com (2) 724 2014-06-18 00:37:31 UTC 2022-09-26 18:07:19 UTC 104.18.10.207
mnemonic passive DNS gatlinburg-cabins-now.com (9) 0 2015-06-16 19:31:22 UTC 2022-09-26 23:37:18 UTC 192.185.31.229 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-26 04:26:56 UTC 143.204.55.49
mnemonic passive DNS ajax.googleapis.com (1) 12905 2014-10-18 20:16:48 UTC 2022-09-27 01:28:18 UTC 172.217.21.170


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.185.31.229

Date UQ / IDS / BL URL IP
2022-10-01 21:28:22 +0000
2 - 0 - 9 gatlinburg-cabins-now.com/readfileconfig/NewF (...) 192.185.31.229
2022-09-27 02:46:55 +0000
3 - 0 - 11 gatlinburg-cabins-now.com/readfileconfig/NewF (...) 192.185.31.229
2022-09-24 22:57:17 +0000
2 - 0 - 10 gatlinburg-cabins-now.com/readfileconfig/NewF (...) 192.185.31.229
2022-09-21 13:37:11 +0000
3 - 0 - 2 gatlinburg-cabins-now.com/readfileconfig/NewF (...) 192.185.31.229
2022-09-06 18:19:32 +0000
3 - 0 - 2 gatlinburg-cabins-now.com/readfileconfig/NewF (...) 192.185.31.229

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Date UQ / IDS / BL URL IP
2022-12-05 11:35:49 +0000
0 - 0 - 5 woerner.motexsa.com/ 192.185.48.234
2022-12-05 11:35:30 +0000
0 - 0 - 2 transiberiaproductions.com/jena/exchange.rz.u (...) 192.254.189.112
2022-12-05 11:34:42 +0000
0 - 0 - 2 www.abnamro.nl.mijn-abnamro.aanvragen-online. (...) 192.185.191.13
2022-12-05 11:34:11 +0000
0 - 0 - 3 curryhouse.spicemeup.co.uk/1670098132/imagene (...) 192.185.136.235
2022-12-05 11:31:52 +0000
0 - 0 - 2 monkeysaudio.com/files/MAC_902.exe 162.241.24.200

Last 5 reports on domain: gatlinburg-cabins-now.com

Date UQ / IDS / BL URL IP
2022-10-01 21:28:22 +0000
2 - 0 - 9 gatlinburg-cabins-now.com/readfileconfig/NewF (...) 192.185.31.229
2022-09-27 02:46:55 +0000
3 - 0 - 11 gatlinburg-cabins-now.com/readfileconfig/NewF (...) 192.185.31.229
2022-09-24 22:57:17 +0000
2 - 0 - 10 gatlinburg-cabins-now.com/readfileconfig/NewF (...) 192.185.31.229
2022-09-21 13:37:11 +0000
3 - 0 - 2 gatlinburg-cabins-now.com/readfileconfig/NewF (...) 192.185.31.229
2022-09-06 18:19:32 +0000
3 - 0 - 2 gatlinburg-cabins-now.com/readfileconfig/NewF (...) 192.185.31.229

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-04 18:10:32 +0000
17 - 0 - 2 martin4dc.com/0/doc.htm/ 192.185.194.234
2022-12-04 18:10:07 +0000
13 - 0 - 2 www.rainbowsquaregarden.com/secur/ 172.245.14.10
2022-12-04 15:23:45 +0000
17 - 0 - 2 martin4dc.com/0/doc.htm/ 192.185.194.234
2022-12-04 15:23:30 +0000
15 - 0 - 2 www.rainbowsquaregarden.com/secur/ 172.245.14.10
2022-12-04 12:51:34 +0000
19 - 0 - 2 amandafawcettyoga.com/Scannable%20Fax/ 69.49.246.103


JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (44)


Request Response
                                        
                                            GET /readfileconfig/NewFolder/ HTTP/1.1 
Host: gatlinburg-cabins-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         192.185.31.229
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 02:46:43 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3505
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   3505
Md5:    ba4033c3d568133aab5a6225fa64d665
Sha1:   62f1ab8dadf4a625aa07d9ababae7b344f5c5ecb
Sha256: 35c02b9952eaebfe7917104eb977d7eafc6dfd5aadb0d3407fe80559b32e8ed8

Alerts:
  Blocklists:
    - openphish: Office365
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4870
Expires: Tue, 27 Sep 2022 04:07:54 GMT
Date: Tue, 27 Sep 2022 02:46:44 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: md-v78gHl9c1JQPd9P6Smw2CKj8jBh1y5TwRsSpzBgnwnd7dIU-5Uw==
age: 79889
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 02:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: w9BZjw0F1ml3oYQ49KnFrH7n1EVGvfXn2gztxDhRHdKezLdyHDBdZg==
Age: 1874


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 02:46:44 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /jquery-3.1.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 02:46:44 GMT
content-encoding: gzip
content-length: 30070
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664246804.dop203.sk1.t,1664246804.cds247.sk1.hn,1664246804.cds010.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32030)
Size:   30070
Md5:    f7a4a283c6a5130b43ce8de3b7842078
Sha1:   ef243edbb67f9e50f8589885e4541f6c919ea8d7
Sha256: aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6463
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 02:46:44 GMT
Last-Modified: Tue, 27 Sep 2022 00:59:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2488
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 02:46:44 GMT
Last-Modified: Tue, 27 Sep 2022 02:05:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4787
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 02:46:44 GMT
Last-Modified: Tue, 27 Sep 2022 01:26:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gatlinburg-cabins-now.com
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 02:46:44 GMT
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2191229
expires: Sun, 17 Sep 2023 02:46:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xT%2BD3Xs9YCy9VcWGZ4tDAVhtP0VNJQLWBE5BemvzNI7rsJ5iilM7yil4dJMLdGeHWKS1CtwjtMtd0GZzJKRJFyEAW2PrYpuyMHAHYzUeToizHbu39dxDBuKVMdUj2t7iXvIkHf0G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7510e91eb8b5b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19015)
Size:   6157
Md5:    7b4114faa411d059a9a5ac4b5b4d9dee
Sha1:   277da4486916fa3a4ab3375f47bc98f58dbf90f6
Sha256: 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
                                        
                                            GET /jquery-3.2.1.slim.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gatlinburg-cabins-now.com
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 02:46:44 GMT
content-encoding: gzip
content-length: 23856
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664246804.dop010.sk1.t,1664246804.cds230.sk1.hn,1664246804.cds235.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32012)
Size:   23856
Md5:    30f5157a965bc792a83e9bacfe265f03
Sha1:   8330886371fe27f3cbac509e0ac9712207574c66
Sha256: 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0
                                        
                                            GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.170
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 05:22:45 GMT
expires: Mon, 25 Sep 2023 05:22:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 163439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   30028
Md5:    6d973c8b7e2439d958e09c0a1ab9fe50
Sha1:   05ae0830200c20b9a2dfd5a825adc400481a60fb
Sha256: f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4787
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 02:46:44 GMT
Last-Modified: Tue, 27 Sep 2022 01:26:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gatlinburg-cabins-now.com
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 27 Sep 2022 02:46:44 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:36:43
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4e20d3ff7140d21aeb01920f83972107
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7510e91ebb64b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65325)
Size:   22294
Md5:    3da88556f3384b3028afa44517b78811
Sha1:   66360796b55b97561a846838fefa242af0406d7f
Sha256: 3c180b785ccbea9cb09b2fe13c99f38ee0bbfbc288b96f704cca061fab249521
                                        
                                            GET /readfileconfig/NewFolder/css/hover.css HTTP/1.1 
Host: gatlinburg-cabins-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/readfileconfig/NewFolder/

                                         
                                         192.185.31.229
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 11 Jun 2018 14:44:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text
Size:   24697
Md5:    6764278eeb33ebb3722352b04bb44dba
Sha1:   326a7eb5b408c721827a0ad620e13e125ea9f8f2
Sha256: f53f95389dd1a4ae1449c2d40317ef650acf99e346a4bcd1020147fe7afa2322

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /readfileconfig/NewFolder/images/office3651.png HTTP/1.1 
Host: gatlinburg-cabins-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/readfileconfig/NewFolder/

                                         
                                         192.185.31.229
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Server: Apache
Last-Modified: Tue, 21 Jan 2020 14:30:14 GMT
Accept-Ranges: bytes
Content-Length: 18025
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced\012- data
Size:   18025
Md5:    fe22440d79ffa34950f512ef4a718b2a
Sha1:   0e147e59544ee6580d3095353d4420849fa5eb8a
Sha256: a2f26b68a6c8810c1aeb4048c938f835a86ba83756a7a440f989b967e78f3ba8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /readfileconfig/NewFolder/images/gmail.png HTTP/1.1 
Host: gatlinburg-cabins-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/readfileconfig/NewFolder/

                                         
                                         192.185.31.229
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Server: Apache
Last-Modified: Mon, 13 Jan 2020 22:06:14 GMT
Accept-Ranges: bytes
Content-Length: 66743
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Size:   66743
Md5:    dce2f2b0e50cb1dbb0246d152791cb46
Sha1:   d0a69c159304edc08db005163e7a0daf5a1e98a6
Sha256: acf087c1757f08b0cfd53d59066544d7ef0bfcc50999e77c5813739cd9dc1479

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /readfileconfig/NewFolder/images/outlook1.png HTTP/1.1 
Host: gatlinburg-cabins-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/readfileconfig/NewFolder/

                                         
                                         192.185.31.229
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 18 Jan 2020 21:38:46 GMT
Accept-Ranges: bytes
Content-Length: 771
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   771
Md5:    c3fc46c5799c76f9107504028f39190f
Sha1:   519096ad3f03410cf9ce3c9b9fcca6b439d97b23
Sha256: 57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 02:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 02:36:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pcu33qVMQ6dQ6qwiEnDFCWGdfP1yr0NVjdJaQbhcuQkcQo-9pSsNmA==
Age: 2158


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /readfileconfig/NewFolder/images/adobe.jpg HTTP/1.1 
Host: gatlinburg-cabins-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/readfileconfig/NewFolder/

                                         
                                         192.185.31.229
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 21 Jan 2020 12:44:54 GMT
Accept-Ranges: bytes
Content-Length: 30925
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Size:   30925
Md5:    be5274af7d8bd25b8148a190ff515399
Sha1:   b8d0850fd92ee935287e17988b89e53607808c8c
Sha256: 26c62dbdf527b8dcbf378ea62f129cbbba3b244730687909ba21ecd729c9d2e6

Alerts:
  urlquery:
    - Phishing - Adobe
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /readfileconfig/NewFolder/images/other1.png HTTP/1.1 
Host: gatlinburg-cabins-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/readfileconfig/NewFolder/

                                         
                                         192.185.31.229
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 18 Jan 2020 22:01:38 GMT
Accept-Ranges: bytes
Content-Length: 21882
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced\012- data
Size:   21882
Md5:    6843a244e12fab158aa189680b5e7049
Sha1:   0e1c691f87cc4fa35c88344974f2829c40176b70
Sha256: 3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5291
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 02:46:44 GMT
Last-Modified: Tue, 27 Sep 2022 01:18:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /readfileconfig/NewFolder/images/8.jpg HTTP/1.1 
Host: gatlinburg-cabins-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/readfileconfig/NewFolder/

                                         
                                         192.185.31.229
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 21 Jan 2020 13:41:42 GMT
Accept-Ranges: bytes
Content-Length: 161118
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=709, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], baseline, precision 8, 1200x646, components 3\012- data
Size:   161118
Md5:    f17b5b1163efb6d2d47de6bae6d3a9cd
Sha1:   6d6964b34bc44c6d2b106ade1ae675985b96d012
Sha256: 7829f065e0e10c8466f3d57766e0719421b7b652f6a1082f21b98702f1b28a30

Alerts:
  urlquery:
    - Phishing - Adobe
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: gatlinburg-cabins-now.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/readfileconfig/NewFolder/

                                         
                                         192.185.31.229
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Tue, 27 Sep 2022 02:46:44 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2016 05:42:37 GMT
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=604800
Expires: Tue, 04 Oct 2022 02:46:44 GMT
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    3fb29eb1048086690a39de8c9fb46a0d
Sha1:   f5501d1b47b2928af91dafac1746b3ff5e778025
Sha256: 907b1303947948f45772e4c41ce3d14479b6e750504042fe3527b00eedc8bd02

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ULZKxXCRKicTeVhe5xc47w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.200.107.47
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bzeYTyH8atw2A1AxTBsHGUvVCjk=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7775
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 02:46:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7775
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 02:46:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7775
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 02:46:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7775
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 02:46:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7775
Expires: Tue, 27 Sep 2022 04:56:21 GMT
Date: Tue, 27 Sep 2022 02:46:46 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1XA-bBkY_FXGy2X6EITlNNf-QSMLu2POxTo1Vq6bcqkEkkOni45zIQ==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:08 GMT
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
age: 18458
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7128
Md5:    4197a8a505b360b0c43142faf8cb7f48
Sha1:   4dbd2da7f7c45a97e3f6f6544ed428e892227cc3
Sha256: 434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 4136
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6390
Md5:    14218a43c5e5bbce546735a780c8ccce
Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6
Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6487
x-amzn-requestid: f292e8c1-3e79-4f59-a3aa-6863330835d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VioHHQIAMFlmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfaa-65955b7d7998a0dc6eded103;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx3JPGA6ZeR_7v1MXPDgc2T3RQ2mm48Q9Cb9kydTN9O1OUHlXO4NxQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 23:03:14 GMT
age: 13412
etag: "edff303440c5972381295b4b2602bd3f77f6702a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6487
Md5:    e88b78ede0e4583585d6bb805fb39470
Sha1:   edff303440c5972381295b4b2602bd3f77f6702a
Sha256: ce55a1ff5c71ec43884b74a08cd32ef75cb0632a91f3fe8b150f5ead499375a4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 18459
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6829
x-amzn-requestid: cc3229a7-7c7e-472b-b7a4-1216594c4068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yshb2FwhoAMF2EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632815e5-0964e463192712fb08a29ee7;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 38UTZEh7vpUlYc9mGIdNrIy4fgLQf4iErqzZLY5mM5fdMQwvJvoBvQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:12:45 GMT
age: 16441
etag: "c80d9ce02eeaa7b0166a696e811d2cffde4997d0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6829
Md5:    62ece01d7e0036711832df5a25175b3b
Sha1:   c80d9ce02eeaa7b0166a696e811d2cffde4997d0
Sha256: 8a1968c18b44495571ff382a9cacfb7f98d3e1275d650e84cb310d635eae7e70
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7701
x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGCmmGswoAMF2zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DiTKUZCtnzzWsLnaX07RzIFfcP2_SiKqzETIMe3RoXWnQOBaB8BhmQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:14 GMT
age: 6092
etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7701
Md5:    9ff2dbdbf6d450f0d9774777b3c5aa6e
Sha1:   2f7876bd0e4b52aa04ccf1c2a45359156eaefb97
Sha256: 4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe
                                        
                                            GET /releases/v5.15.4/css/free.min.css?token=585b051251 HTTP/1.1 
Host: ka-f.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gatlinburg-cabins-now.com/
Origin: http://gatlinburg-cabins-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.203.28
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 02:46:44 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e09ee53f26574d3b79d9e57c14a34ea4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C1
x-amz-cf-id: 6I-ft8bAOunZJS7kZgWHR51znew48OKH47jOJ_8uJbky095h7svYCQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNy38db%2FzkEh7sS372778pzdIrYi8DhjnbQCT5kXsIzwdyp%2BUjhlu6QYwkJAvVwsr2urFR6pCKkLXk0ZEYCdy%2FG89lZDRDVPFTPaEC5DV2ebKx5MuxCtVr4R5Z07TLJuqwZ6vr3koQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7510e91fd834891e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1 
Host: ka-f.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gatlinburg-cabins-now.com/
Origin: http://gatlinburg-cabins-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.203.28
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 02:46:44 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: NcDeFsVofN2YKJAQSg398RuNLjhvobn6XtMIdcfH6TMJFo1lU2harQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53t1rCazFMTHUa8dtw6%2F5IgJClGjLkZd8b1LdvkJNwr1pHi%2F2y5%2F8U%2Fns1OBUdPEzjeC19RBFPu3u6yfD8kvPj5f0Z0j5eaYd8%2B8oJ4HHBePFrA%2FO09t9kERyemnPvEHkBqEgmCYBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7510e91fd833891e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Yellowtail&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 02:46:44 GMT
date: Tue, 27 Sep 2022 02:46:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /585b051251.js HTTP/1.1 
Host: kit.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gatlinburg-cabins-now.com
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.23.52
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 27 Sep 2022 02:46:44 GMT
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxiXpqRtqVaMzBDwulih
cf-cache-status: MISS
server: cloudflare
cf-ray: 7510e91eac670b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gatlinburg-cabins-now.com
Connection: keep-alive
Referer: http://gatlinburg-cabins-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 02:46:44 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:32:25
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0cb67e499d6a3e9e4a9e423269f2acce
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7510e91edb80b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---