firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 23:04:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bFJtPuXbK03WUAbmnPdACECe7BWWwR7drsHIRFiC7sHX2lsuAFKaSA==
Age: 2809
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9122
Expires: Thu, 08 Sep 2022 02:23:50 GMT
Date: Wed, 07 Sep 2022 23:51:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v2gBDxM3FnZLD7uGLHSXQ3cn3NChP75IUfrds4WzLn1doEQpH4iASA==
age: 72314
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 23:51:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
200 OK 5.5 kB URL HTTP/1.1 www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1817), with CRLF, LF line terminators
Hash 03f88b5da66257c2e71b9fbc8be1ac7d
ce52d25dccc077e12a9decacb0c37387f1ca06ad
4731f5a1c11baa374fc39467ba1065a7c7f14ddc161e5a7ecc3d658c159180f8
Analyzer Verdict Alert quad9 Sinkholed
GET /survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Set-Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D; expires=Wed, 14-Sep-2022 22:30:48 GMT; Max-Age=599940; path=/; httponly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOfvb3N%2FiIfD92FhAyqb6iVJKY3icHkZo4EslNeRUGJymLn1%2FeViwsfN7DICsMD5dwPyz1jKE7TEw0OIcPy1DI%2BqWOwnkXvBCby0RgpkWmEsv9WbGlXf3PVfHpVUR0liE32A"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735abdb9a4b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 07 Sep 2022 23:42:38 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 00:06:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZiuerfF8bhipdNoUg1OizgRXK--hpRLL9d4grS4SH5dhgH_N5NtYIg==
Age: 810
www.bhootnow.com/js/plugins/base64decode/webtoolkit.base64.js
200 OK 1.1 kB URL HTTP/1.1 www.bhootnow.com/js/plugins/base64decode/webtoolkit.base64.js
IP
Hash 54cf5258f60909c053784b5a5190d0e9
45e44c232d3011fedd8f3b6dd6a08771e3619727
8f24e122c8e501d5848884b7f9f7bd037d530565118acd5dfafe8490349b64e4
Analyzer Verdict Alert quad9 Sinkholed
GET /js/plugins/base64decode/webtoolkit.base64.js HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 19 Jun 2020 11:41:06 GMT
Vary: Accept-Encoding
ETag: W/"5eeca452-d67"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rN%2BMW3uUayahu1sF3T2GxjyLkyNIwfegD8%2BBF%2Beoncr1E9BJLREbe8s3blpGYXe5jCZpPblmUZ3xzrU%2BWh%2F6CNr3CueNWNsOgE7LZQdH3rnGejLSfvNpYjPA03%2B8COiIzEg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735ac1dc4bb51e-OSL
alt-svc: h2=":443"; ma=60
your-choice-center.com/embed.js
200 OK 8.4 kB URL HTTP/2 your-choice-center.com/embed.js
IP
File type ASCII text, with very long lines (20648)
Hash 8c90f5e78f73e5c54f227345004af366
2089bfb5812f27eba920004660264cf919a4241a
809f690f34c6193ef3d3fb19210632a47c33e62d8ef96346b1d43d4fa983e01e
Analyzer Verdict Alert quad9 Sinkholed
GET /embed.js HTTP/1.1
Host: your-choice-center.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bhootnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 23:51:48 GMT
content-type: application/javascript
etag: W/"61ade779-58b1"
last-modified: Mon, 06 Dec 2021 10:35:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 930
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Teo9aBQMLXYiAY0x54ALWKsO8hY7PfIW7Ivag01j31EUKjJ4xLF%2F11Neffha11P%2FBGCdIvHxM19RT0%2BsLR3iHetgQlT5zTcvhQSWJReg8QJtJYiPcDwVq%2B8r4Rci0a3hi3GQJfjYvAvq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74735ac24e76b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bhootnow.com/assets/font-awesome/css/font-awesome.min.css
200 OK 7.9 kB URL HTTP/1.1 www.bhootnow.com/assets/font-awesome/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash 103f21b72014a566bb04f62aa8162a5c
0901754088a97f071b312c4cafcb3ab379d925f7
1fe16cbb06573d874d9d143f536623d7db5688ed4e86d7fe3889a52b7dae3f2b
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 16 Oct 2017 10:55:51 GMT
Vary: Accept-Encoding
ETag: W/"59e49037-7918"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvB22Je%2BhTqgvZ%2FG6PVWQYSxJ2oXxnYM8Cr8DTvyJ5czZdskpct0Um7FdCJzK3frPdBOt3MV65EDrrcX2J%2F5jQM1QYW2zlZaT90boUrzyZLbg0KEVOeWY8ypgggABFkIQQxs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735ac20b321c16-OSL
alt-svc: h2=":443"; ma=60
www.bhootnow.com/css/backend.css
200 OK 729 B URL HTTP/1.1 www.bhootnow.com/css/backend.css
IP
Hash 512485967b9476e8ac57df9cba5e160e
907cc60d8f308d523ce31a4876a690184123e8bb
dd4c95b8ac49f56fb3e5acc7f31d8d58abf9997b10cfb20b536c847ae6d6e2cd
Analyzer Verdict Alert quad9 Sinkholed
GET /css/backend.css HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Jun 2017 10:13:06 GMT
Vary: Accept-Encoding
ETag: W/"59410c32-8ab"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSmzvD4JP7VSn8BzlcCemaDa8BlMqvi1cE5iQoYYST203c7XAb3jBZYkOFozRVqudRQRQuCH4XgTvs1ovvYDM4zfpVSTHGFsLr8OUweouepAQ%2BKcJp4RBX%2FcvTckAuVd3zKj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735ac20b59b4fa-OSL
alt-svc: h2=":443"; ma=60
www.bhootnow.com/js/plugins/jqueryCookie/jquery.cookie.js
200 OK 1.4 kB URL HTTP/1.1 www.bhootnow.com/js/plugins/jqueryCookie/jquery.cookie.js
IP
Hash df9bc2ca94581a9f0d4778857f2dd204
c3bc1c54c929e4682371a6612c46025346fb04b4
2660c68222b1a6bf81d0cb331e601fdd2fdd8c304603b11f72a6fbd31fc5e8be
Analyzer Verdict Alert quad9 Sinkholed
GET /js/plugins/jqueryCookie/jquery.cookie.js HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Jun 2017 09:55:44 GMT
Vary: Accept-Encoding
ETag: W/"59410820-c31"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UViNrmhTGs5cFqaSZmbWuU2OQca6BauvYdmLUOV%2Bb5QikvWUt5F9KxkV0UhrUS35%2BAHptarNMQ8ZaDKnPW3P2XNYKwUoCWlejRf4P%2FjeGv3VQNvsnGzr9CwS9aTBCp5On0Hy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735ac209ccb50c-OSL
alt-svc: h2=":443"; ma=60
www.bhootnow.com/css/tpl_css/track_trace_v2/track_trace_v2.css
200 OK 7.9 kB URL HTTP/1.1 www.bhootnow.com/css/tpl_css/track_trace_v2/track_trace_v2.css
IP
Hash e0fd1a10516342e09a9faf8058c7c213
78eefdfd07d8fabaff6120fbb6d8c54bfe770025
4bb0ade002030464270e80f8343b4c0d35fed9e1dd31fb12d4a13ed5bee33934
Analyzer Verdict Alert quad9 Sinkholed
GET /css/tpl_css/track_trace_v2/track_trace_v2.css HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2019 10:25:18 GMT
Vary: Accept-Encoding
ETag: W/"5d11f68e-825a"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0JVhCy51dHGByAjjbWmk%2BXKaEg9Wt1rysC07ilgF%2FUKHC3USbQUDggxB%2BHT0WgicvuYr2wIOLLI3lQ2EQDj49WMoEMjm8paeefSd68TzSJZzzTq0c22efz9xZfR8luI3TSk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735ac2098bb518-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Lato:700
200 OK 332 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato:700
IP
Hash 9cc27774596fed247a4eae0a8cbb6d40
97d03a65398a1481cb1b30e046d836efe8c5e484
a4b03bf467e90bdb0b1e94ec59d655a889952d39129678ca37b92d4c38d47eb0
GET /css?family=Lato:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 07 Sep 2022 23:51:48 GMT
Date: Wed, 07 Sep 2022 23:51:48 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.bhootnow.com/custom_js/currency_cnd2.js
200 OK 521 B URL HTTP/1.1 www.bhootnow.com/custom_js/currency_cnd2.js
IP
Hash 6fdf507ab6734c9639dc0eb8ae39aaa1
da6da50ffd83ad9daf904427639fb8d59bf9c428
db21cf31808932d16659346639644d8d03c5aeca9de0dab60701c141d0801025
Analyzer Verdict Alert quad9 Sinkholed
GET /custom_js/currency_cnd2.js HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Jun 2017 10:12:22 GMT
Vary: Accept-Encoding
ETag: W/"59410c06-5f4"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2B%2BzIu3B81clx4DF4oDRe0Db8ApMeTlgHrMaYn2UwojBsUNZyKHLlBdP83E%2FK6jm%2B5g8wKwypPVh4WECWdoki%2BXrfwIS88VCBHkR23AZoytGbNN%2Bv851k5j5jrOI91lVFsZh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735ac28c9ab51e-OSL
alt-svc: h2=":443"; ma=60
www.bhootnow.com/js/jquery.js
200 OK 104 kB URL HTTP/1.1 www.bhootnow.com/js/jquery.js
IP
Size 104 kB (103527 bytes)
Hash 64d51a91842027c9b0fa6d320c76e0e9
cb8f4124034b10289daf906b446ad78a4f0d7145
5d3429fe9a31d9435a4457fab6931d7f16308afebf8b39baad4306c536b05892
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery.js HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Jun 2017 09:51:56 GMT
Vary: Accept-Encoding
ETag: W/"5941073c-456ea"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9cDd3SUCajokpi5xDPLLtFdUdH9PwysIKvfxHqFSLyUnkWuzFTghUwDM3D6wetdB5jX9yiqymD54xTD46Y5xztEpPMejAH6yuyh2yhtqyT7SOnUCBH5lqFtuS%2F%2FXIV3dzcM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735ac20f39b523-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 23:51:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 23:51:49 GMT
Last-Modified: Wed, 07 Sep 2022 22:56:12 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.bhootnow.com/uploads/20220715095536_3753223535eb92fffd4c731f719079c4.png
200 OK 18 kB URL HTTP/1.1 www.bhootnow.com/uploads/20220715095536_3753223535eb92fffd4c731f719079c4.png
IP
File type PNG image data, 200 x 133, 8-bit colormap, non-interlaced\012- data
Hash 9a1060928c4c80bc3c817af01e939040
ec60717eda3540eb60ea24f1fba11e6e1e93cb01
3b19eeb21d7fbd9b8b260e57c2d9198f83732339a9e3cbd5d2264f77e722df26
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/20220715095536_3753223535eb92fffd4c731f719079c4.png HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:49 GMT
Content-Type: image/png
Content-Length: 17622
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 07:55:36 GMT
ETag: "62d11d78-44d6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayc7SPwbvMtm4yWdJFWKyahq6XJUQuMN19dSRxlnQjZ6%2BEgCRu3iQdUyUfY7pCBKoatOhkIwF43lC1jnjWkaFsJitsUQRyUywKPpYXt2DEPK4cEaSIUqj9iVmSU0kcnb8AEv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74735ac33a5cb518-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 23:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.bhootnow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:59 GMT
expires: Thu, 07 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 15650
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bhootnow.com/uploads/20220715092752_cfd24c10f8270a7dfb8b83cd84ccefda.png
200 OK 12 kB URL HTTP/1.1 www.bhootnow.com/uploads/20220715092752_cfd24c10f8270a7dfb8b83cd84ccefda.png
IP
File type PNG image data, 1447 x 445, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e1e5b0b1083fe16647aa86ba62f620c
6dbd179c6f0e6f1f7a88f64d563058473693f914
2bd9c32c309cdbd21a9d9ee1436e5b6e92cccc57e59918d88c1fe4cab59137c1
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/20220715092752_cfd24c10f8270a7dfb8b83cd84ccefda.png HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:49 GMT
Content-Type: image/png
Content-Length: 11488
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 07:27:52 GMT
ETag: "62d116f8-2ce0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6g8PH2kM3%2FdQTnr6vOihk5boDMs16I5AAyCLvyVg6aAz48p7EgOW4TnkHn0OddiPa44fjzeZ%2BSdI5f0xtuL13KlV8OQ60x2CPOVit6FGy8sHSgW9tl%2FtKkFtV33KjenHmzOL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74735ac3baddb50c-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 23:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 23:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.bhootnow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:32:09 GMT
expires: Thu, 07 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 15580
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.bhootnow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:59 GMT
expires: Thu, 07 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 15650
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bhootnow.com/img/track_trace_v2/icons.svg
200 OK 2.4 kB URL HTTP/1.1 www.bhootnow.com/img/track_trace_v2/icons.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1709)
Hash 79f1ad76e914485e430e1ccc99de35bb
9177c780e021783b35a9bf042e270cd0ee2d8695
a8535540533a4ce82b08367042df5ed004331fa10f5dc9db10b601be0159060b
Analyzer Verdict Alert quad9 Sinkholed
GET /img/track_trace_v2/icons.svg HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:49 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 18 Jun 2019 10:45:08 GMT
Vary: Accept-Encoding
ETag: W/"5d08c0b4-1a9c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StFF3N%2F6RyazroBNuH0ye2yQpdFPQl0DVAhhBufkyNPt5CU74yzpSDibH1VlKRC7uyxvt2FHYaM%2FcTPKj38%2BSR5wWQYyz3gsC7QUEMmdE92IBFBX0OACBSDr92gHf31JzwJ%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735ac3b811b523-OSL
alt-svc: h2=":443"; ma=60
www.bhootnow.com/uploads/products/20220715101419_yell.png
200 OK 122 kB URL HTTP/1.1 www.bhootnow.com/uploads/products/20220715101419_yell.png
IP
File type PNG image data, 1100 x 730, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (122436 bytes)
Hash 9112ef6888a45d1973e0d2bc06ce3083
4c41bfae2f654b1bddc0baa9e63bc51f79a0910c
2e7e23613260052d99ce6395e24259061ef0976b2300bf01f91b9dcea7b440c0
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/products/20220715101419_yell.png HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:49 GMT
Content-Type: image/png
Content-Length: 122436
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 08:14:19 GMT
ETag: "62d121db-1de44"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDFi2tB0fA2q0eBNNE%2FpVhfZCsg7WGF6GPzWH%2F%2FKD1lygnAozV%2BcjU84ksKQrSvJlJZG3Tf6D5bsuPr6IxBL7cYImdjsDZgny%2FgTCzSf3gfN%2Fh1hExr8KsEcxmOhxUyfgfTO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74735ac33baf1c16-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 23:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bhootnow.com/survey/survey
200 OK 45 B URL HTTP/1.1 www.bhootnow.com/survey/survey
IP
File type ASCII text, with no line terminators
Hash d88fef5a412e7cce7c705420a2d64cbc
e6d03282e5397b0d27957eec3f7f9b64a04ed9ce
f9c5b9c02235ec077e8a2a78b66d785661e88ef943d8e41cdbac8c8251269ded
Analyzer Verdict Alert quad9 Sinkholed
POST /survey/survey HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 62
Origin: http://www.bhootnow.com
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D; b2ZmZXJXYWxs=%7B%22campaign%22%3A%22MjEyNTQ%3D%22%2C%22survey%22%3A49934%2C%22source%22%3A%2210-1932%22%2C%22subid%22%3A%22subid%3D10%22%2C%22firstSession%22%3A%22wFf8ISxmMYtLqe7QARlHOxzjzQaSvOoIrHsFdLNe_MjEyNTQ%3D%22%7D; survey_id_49934=true
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: http://www.bhootnow.com
Cache-Control: no-cache
Set-Cookie: laravel_session=eyJpdiI6Ik16TVJuOU5UY2k0UlhTb2F2SjY4dEE9PSIsInZhbHVlIjoiRkhpUGV2UG1TRWZuWE0xM0pqR0grT2pjUndRZFNWQ1pMakJEMHN6bURDY2FmTlVwWnByNlhMY05IeGVSdzU3RXY3RVlpdEhRSTd6WUNNT0tSZzF5Wmc9PSIsIm1hYyI6IjFhZWFlMGJlMjRmNGViMjM2Y2Y0M2ZkNThhZWRmYjkwMmJlYTMxNmRmMjQwYzBiNDJhNGQwNzg2YjRmM2Y2NWYifQ%3D%3D; expires=Wed, 14-Sep-2022 22:30:49 GMT; Max-Age=599940; path=/; httponly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33Zil1Z6FYLjNY1OL%2BIGxw0PM9Mo1ov5lI8HesecPZ%2BEHqKBskkwCXB4kirnSRwBFj%2F%2FJpiCmm3Tz18QI4z%2FWQjLTyhsJScfA3%2FgZag2NVCv6vB3ytIQhP6ytvb9f6faYxnD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735ac3dc52b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.bhootnow.com/survey/survey
200 OK 150 B URL HTTP/1.1 www.bhootnow.com/survey/survey
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash e29ff518be919801ebc4bede5eddcd8b
f1c6af98d6979ed399298b0f500aea670911ac2f
3075af3f54201845873376b3a1c6ce7d784252c0d22a89a2ce6f3550ba818e3b
Analyzer Verdict Alert quad9 Sinkholed
POST /survey/survey HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 70
Origin: http://www.bhootnow.com
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IjFGUFFpS2dOYWZJUEJjZ09sRXNWWWc9PSIsInZhbHVlIjoiUXFyR3U4bzRmN3F2cjE5MVZYMnlzdTRyQkllWTNxWHArcitwT1NXU2JibGw3QTYwSGtkaFlNS0taOTAyT05tdFh0d05xRjJyTXFiWkwxNTBYa0NGV2c9PSIsIm1hYyI6IjlkOWUxNjU4NGU2NzEwNzViODQ1YmQzYjkzZmU4MWNiYmRhOWNhNzc0NTU3OGI1Y2VhMmQwNjYxODUwMzBjMTgifQ%3D%3D; b2ZmZXJXYWxs=%7B%22campaign%22%3A%22MjEyNTQ%3D%22%2C%22survey%22%3A49934%2C%22source%22%3A%2210-1932%22%2C%22subid%22%3A%22subid%3D10%22%2C%22firstSession%22%3A%22wFf8ISxmMYtLqe7QARlHOxzjzQaSvOoIrHsFdLNe_MjEyNTQ%3D%22%7D; survey_id_49934=true
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: http://www.bhootnow.com
Cache-Control: no-cache
Set-Cookie: laravel_session=eyJpdiI6IndEOXVRdk11S1wvTytReDB6bTJvWWtnPT0iLCJ2YWx1ZSI6IktNR3BDWG9FbkVvR1hRZ2NyWGMwN3Q2QlhtcVduVHdGK05yQWs1empURzdnNzdhK0daNjEzcFpPdEg5aFBmMXFLRjd1QzZ1Njl0emoxR3ZQMytYYmx3PT0iLCJtYWMiOiIzM2U2N2YwMGVlNjYyMjdjODZmNjU1ZDlmNWM0YWUxMjhhZDFkMmU4MjI4NjZkZWUyOWNkNDEzOGQxZWNjOTEyIn0%3D; expires=Wed, 14-Sep-2022 22:30:49 GMT; Max-Age=599940; path=/; httponly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTdq3nO0DBIsgSGwjEReDRECQhGkLBakHcxzAl28xn%2FfLql4SLjj5hIYCLPHsYB%2FC1Nx8Gma7cyxaIbz0Q7BnHhmMQV5TVAv%2BAY7wwQS6oiVLHpRsIsY0M3a9WaDnZGlLVtQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74735ac3dab3b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QOV9RgcCd79Ee0j5EsjXiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: icHY9vwnYdUWDZTGTF0Dynr6kpQ=
www.bhootnow.com/uploads/20220715092527_yes.ico
200 OK 1.7 kB URL HTTP/1.1 www.bhootnow.com/uploads/20220715092527_yes.ico
IP
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash bbfbce8bd892eb52b9ab46f954849cb8
3beb9287ec4a24e4752769d1b8df98e0a244bd58
5684c9dabbc7f208e285370a8f8c071c061006eedade82125fd31f9149d9d87d
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/20220715092527_yes.ico HTTP/1.1
Host: www.bhootnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bhootnow.com/survey/45212/source=10-1932/subid=10/nrp=b4812dd0e9d4400db90ceba72f50372b
Cookie: laravel_session=eyJpdiI6IndEOXVRdk11S1wvTytReDB6bTJvWWtnPT0iLCJ2YWx1ZSI6IktNR3BDWG9FbkVvR1hRZ2NyWGMwN3Q2QlhtcVduVHdGK05yQWs1empURzdnNzdhK0daNjEzcFpPdEg5aFBmMXFLRjd1QzZ1Njl0emoxR3ZQMytYYmx3PT0iLCJtYWMiOiIzM2U2N2YwMGVlNjYyMjdjODZmNjU1ZDlmNWM0YWUxMjhhZDFkMmU4MjI4NjZkZWUyOWNkNDEzOGQxZWNjOTEyIn0%3D; b2ZmZXJXYWxs=%7B%22campaign%22%3A%22MjEyNTQ%3D%22%2C%22survey%22%3A49934%2C%22source%22%3A%2210-1932%22%2C%22subid%22%3A%22subid%3D10%22%2C%22firstSession%22%3A%22wFf8ISxmMYtLqe7QARlHOxzjzQaSvOoIrHsFdLNe_MjEyNTQ%3D%22%7D; survey_id_49934=true
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 23:51:49 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 07:25:27 GMT
ETag: W/"62d11667-3c2e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Niq%2FMHqkrQdopwf9lEFEYMjBs6Coysd%2FkgGAbPRB%2BOZ%2FR6DvCj2aHsBo1UhuoU0pzQT3CGWcMoeHRmSLT9ipHK8J6klGb%2FWe6BVj0m57aPJA9p6UimNlrU6Xet6UndnFgj%2B0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74735ac4dc6a1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3954
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 23:51:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3954
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 23:51:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3954
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 23:51:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3954
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 23:51:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08c16db0-fc0c-4dde-ae07-9586e9adb562.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08c16db0-fc0c-4dde-ae07-9586e9adb562.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f691eddbd9502201c90f81568f4f63fc
6ed123d7a797b7eb52a34e87c79aa8562bede4e1
6d2b6ff8acdc63829050d68084997737ac8cbbe52aba6189ab8908f7dcb800b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08c16db0-fc0c-4dde-ae07-9586e9adb562.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9255
x-amzn-requestid: f4092ba2-d141-44cf-8e0e-a4ee46b397ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThFAeoAMFUPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-4ee1ceb30135f4e1763e98b9;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: A60P-w4aO0T7up7sTYS72sWYlUao4cCXXE7B3QAv5Zy8-zDbIUWCeQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:44:32 GMT
age: 7638
etag: "6ed123d7a797b7eb52a34e87c79aa8562bede4e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffde48022-9b21-4eb3-b8b7-e4fcb208d624.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffde48022-9b21-4eb3-b8b7-e4fcb208d624.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 036db462684c81e3906433a0d2929eb8
7bcd0b99c0fb6d9ead1dd6878377f5a582bde20d
a252f30f9239f6a343b23c9d3e1d1b7460c5ee5a592d3372bf124760baa6e657
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffde48022-9b21-4eb3-b8b7-e4fcb208d624.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8246
x-amzn-requestid: d1a11f7f-22b7-4fc1-b33d-402e5bc3af33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgEx4oAMF-pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7305dd7653fe38c9445e02a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: INlZ1UklE6G7_1AYLBLEjbENrWoRgkYHLiL4w_QVx7tRA3jepd_eXQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "7bcd0b99c0fb6d9ead1dd6878377f5a582bde20d"
content-type: image/jpeg
age: 7395
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ry2D03udnweYHan_7KhC9IDhT01g9_73G40Fa10BdIX21tgK0Cgjiw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
age: 7395
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ccc1d45458086694a8221a8a6c6aa3b
b8f1359214f21be812390a6cca80b8e84c26a403
461503caa5ec14c1214bdc19795e47b8c1c3c5be1b21f0f29e923e5191e93846
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8693
x-amzn-requestid: aae6e4f7-9b0a-49da-b2f1-58b625609942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFokoAMFbwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-27854a575dea22e1035454e3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PKD1-NMnB_gBWmi4tmCDLib4ROvVwI4hrOL7CHtoMXEEGgYNYiAsTw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "b8f1359214f21be812390a6cca80b8e84c26a403"
content-type: image/jpeg
age: 7395
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edcd025faafbf7161d4d606f47304c2b
a99519726bc82f2cc0541c79f47ddd15c7362669
ed7b147e3ea371ea4b014805d9c2f45407918924bb2ec540ea6f7cd0a8b1b698
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3529
x-amzn-requestid: 6ee305f1-aaaf-49eb-94b5-1176943a1922
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YCjYWFzNoAMFajg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63174c35-7e8ef3554da3194d47726d0d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 13:33:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: u3PSpvVEoPGJTFmcB643hOaVUAp-iW0X68PxtIaJZvGHc-Bh79gPgQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:44:14 GMT
age: 7656
etag: "a99519726bc82f2cc0541c79f47ddd15c7362669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc186964c-0ddc-4319-8d88-9e4e521689a0.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc186964c-0ddc-4319-8d88-9e4e521689a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4dc91e977d96fa1bb2a0e9db38769ddc
b6ed72862a8b209afd219c78f26ee3413bad47c4
4269334f383f7a21c4da9a3c9adf9d72739c24b9e08fcb61a1cb3c1a40ff2feb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc186964c-0ddc-4319-8d88-9e4e521689a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4049
x-amzn-requestid: 6742fa8a-4647-45e0-b0ad-c9ad0e25c06f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG_DjFi2oAMFyvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63191216-5990150815b627fe341c326e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:50:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: yE-WMBW3miH3JBKQSB6I16hXHjcR_VbUNaCmEqAHqca53TMyExgsig==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:18:18 GMT
age: 5612
etag: "b6ed72862a8b209afd219c78f26ee3413bad47c4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:400,500,600,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:400,500,600,700
IP
GET /css?family=Poppins:400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bhootnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 23:51:48 GMT
date: Wed, 07 Sep 2022 23:51:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
172.67.150.65
93.184.220.29
23.36.76.226