Overview

URL mail.buun.so/
IP65.108.230.52
ASNHetzner Online GmbH
Location Finland
Report completed2022-11-24 13:56:33 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-24 2 mail.buun.so/ Phishing
2022-11-24 2 buun.so/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.sele (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc (...) Phishing
2022-11-24 2 buun.so/wp-includes/css/classic-themes.min.css?ver=1 Phishing
2022-11-24 2 buun.so/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?v (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/css/owl.css?ver=2.3.4 Phishing
2022-11-24 2 buun.so/wp-content/themes/creote/assets/css/metabox.css?ver=6.1.1 Phishing
2022-11-24 2 buun.so/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css (...) Phishing
2022-11-24 2 buun.so/wp-content/uploads/elementor/css/post-8.css?ver=1648038231 Phishing
2022-11-24 2 buun.so/wp-content/uploads/elementor/css/post-4522.css?ver=1648887314 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/css/swiper.min.css?ver=6.7.5 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/css/jquery.fancybox.min.cs (...) Phishing
2022-11-24 2 buun.so/wp-content/themes/creote/style.css?ver=6.1.1 Phishing
2022-11-24 2 buun.so/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ve (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons. (...) Phishing
2022-11-24 2 buun.so/wp-content/themes/creote/assets/css/icomoon.css?ver=1.0.0 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/css/aos.css?ver=1.0.0 Phishing
2022-11-24 2 buun.so/wp-content/themes/creote/assets/css/font-awesome.min.css?ver=4.7.0 Phishing
2022-11-24 2 buun.so/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/css/animate.css?ver=3.7.2 Phishing
2022-11-24 2 buun.so/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.0 Phishing
2022-11-24 2 buun.so/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Phishing
2022-11-24 2 buun.so/wp-content/themes/creote/assets/css/bootstrap.min.css?ver=5.1.2 Phishing
2022-11-24 2 buun.so/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 Phishing
2022-11-24 2 buun.so/wp-content/uploads/elementor/css/post-85.css?ver=1648895473 Phishing
2022-11-24 2 buun.so/wp-content/uploads/elementor/css/post-2940.css?ver=1648893891 Phishing
2022-11-24 2 buun.so/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/TweenMax.min.js?ver=1.18.0 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/owl.js?ver=2.3.4 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/countdown.js?ver=0.1.0 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/jquery.fancybox.js?ver=3.5.7 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/isotope.min.js?ver=3.0.6 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/simpleParallax.min.js?v (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/appear.js?ver=1.0 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/jquery.countTo.js?ver=1.0 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/sharer.js?ver=0.4.0 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/hc-sticky.js?ver=2.2.7 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/aos.js?ver=1.0.0 Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons//assets/js/sticky-header-desktop.j (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/creote-addons/assets/js/creote-elemetor-extensio (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19 Phishing
2022-11-24 2 buun.so/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.bloc (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.j (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.j (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.mi (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.mi (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.0 Phishing
2022-11-24 2 buun.so/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.0 Phishing
2022-11-24 2 buun.so/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorb (...) Phishing
2022-11-24 2 buun.so/wp-content/themes/creote/assets/webfonts/fonts/icomoon.ttf?lruvdg Phishing
2022-11-24 2 buun.so/wp-content/plugins/elementor/assets/js/lightbox.2b2c155d6ec60974d8c (...) Phishing
2022-11-24 2 buun.so/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.j (...) Phishing
2022-11-24 2 buun.so/ Phishing
2022-11-24 2 mail.buun.so/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (5) 344 No data No data 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-24 05:30:55 UTC 34.117.237.239
mnemonic passive DNS buun.so (92) 0 2022-03-20 14:40:31 UTC 2022-11-24 13:55:42 UTC 65.108.230.52 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.41.252.32
mnemonic passive DNS mail.buun.so (2) 0 No data No data 65.108.230.52 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-24 05:36:55 UTC 34.102.187.140
mnemonic passive DNS fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-11-24 11:11:51 UTC 142.250.74.10
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
mnemonic passive DNS maps.google.com (1) 1899 2016-05-21 18:40:38 UTC 2022-11-24 11:17:27 UTC 216.58.211.14
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mnemonic passive DNS ocsp.pki.goog (10) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-09-09 00:40:21 UTC 2022-11-24 11:09:52 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS themepanthers.com (5) 336662 2020-03-28 05:15:01 UTC 2022-11-21 12:01:17 UTC 170.249.194.26
mnemonic passive DNS maps.gstatic.com (1) 0 2016-01-11 16:55:17 UTC 2022-11-24 07:02:29 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 65.108.230.52

Date UQ / IDS / BL URL IP
2022-11-24 13:56:33 +0000
0 - 0 - 55 mail.buun.so/ 65.108.230.52

Last 5 reports on ASN: Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2022-12-09 11:49:19 +0000
0 - 0 - 5 botiga.quinzeous.com/wp-content/plugins/nlcfy (...) 138.201.62.45
2022-12-09 11:38:46 +0000
0 - 0 - 2 dl1.topfiles.net/files/2/688/32793/n2pyynsbbv (...) 95.216.1.112
2022-12-09 11:17:33 +0000
0 - 0 - 2 eksmly.com/sresuSaduiuSR/lilly/n_mlrxmg5mmsez 116.202.231.101
2022-12-09 11:13:59 +0000
0 - 0 - 2 mandemutworld.com/onlne/aa/admin/ 88.99.17.3
2022-12-09 11:01:44 +0000
0 - 0 - 6 sweetx.online/ 78.47.239.33

Last 1 reports on domain: buun.so

Date UQ / IDS / BL URL IP
2022-11-24 13:56:33 +0000
0 - 0 - 55 mail.buun.so/ 65.108.230.52

No other reports with similar screenshot



JavaScript

Executed Scripts (67)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (135)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: mail.buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         65.108.230.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 24 Nov 2022 13:56:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Location: https://mail.buun.so/
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   229
Md5:    25c5b196f9c9d099ad5a35b1169be10b
Sha1:   fbf1f86fc0a4bc3186613b410024e3bb3ee24532
Sha256: 0d3dc0b4b3b81381f761f98aa89afc12747ed8a66d3bdf74c3e4093b13497f8e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3110
Expires: Thu, 24 Nov 2022 14:48:10 GMT
Date: Thu, 24 Nov 2022 13:56:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4607
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 13:56:20 GMT
Last-Modified: Thu, 24 Nov 2022 12:39:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 13:17:17 GMT
cache-control: public,max-age=3600
age: 2343
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2480
Expires: Thu, 24 Nov 2022 14:37:40 GMT
Date: Thu, 24 Nov 2022 13:56:20 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: gf91++sfGqZgd92JaRraFdcgRkh4G8WQWQcGGQ2bOOHDV960DxSRq9YPa/F4+Jp5LfrOf4OiDwM=
x-amz-request-id: F0F7GM8MV8GH0XPE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 13:40:25 GMT
age: 956
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 24 Nov 2022 13:56:21 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:40:29 GMT
accept-ranges: bytes
content-length: 2630
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2630), with no line terminators
Size:   2630
Md5:    eade318fbed91c096467dffa56406638
Sha1:   69d306a2097e792f99c80a5e0bb8863260399cad
Sha256: d589803f3ab380582ab137b22493c2bacaa92424fa88cee212e80288cac11fbb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:40:07 GMT
accept-ranges: bytes
content-length: 4933
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4933), with no line terminators
Size:   4933
Md5:    e372df47bd19e1563b557d7bdb817188
Sha1:   4efdf4050a78bdbd88aa255955b7423105895dd0
Sha256: 4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:40:29 GMT
accept-ranges: bytes
content-length: 30603
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30441)
Size:   30603
Md5:    d3ec229e04c8634c88cc4cb3f2934c11
Sha1:   785cb4beecaad98329fff0a54f9a5536cda200ab
Sha256: 73835f9dd494931cd0562ab2d4db8aaf3d54dca375abade1794ad1a12ae0d97c
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:39:35 GMT
accept-ranges: bytes
content-length: 9281
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9281), with no line terminators
Size:   9281
Md5:    57a347480fbe0b3d235993f4f1ec3b2c
Sha1:   ec01673e887c236765156496c7d00111238554d8
Sha256: 9097a2c579616889e829be95554ebf90ec5900045f4d2282cce31d5a999acc03
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 02 Nov 2022 02:50:57 GMT
accept-ranges: bytes
content-length: 217
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   217
Md5:    95e891f28e44a9b314c09545d86be2b7
Sha1:   f9b13a8bd47273b086a0a07df15f314e0af0bc3e
Sha256: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 2731
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2731
Md5:    e6fae855021a88a0067fcc58121c594f
Sha1:   6299ac3987b5e81725781799dad361d19ac3b99d
Sha256: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Tue, 15 Nov 2022 20:46:18 GMT
accept-ranges: bytes
content-length: 94889
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   94889
Md5:    71d925864153f0edf91037f3d31048e8
Sha1:   cc16a0524ac63b5ce29f703a66412224f0dd771a
Sha256: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
                                        
                                            GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.7.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:40:29 GMT
accept-ranges: bytes
content-length: 29253
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (29253), with no line terminators
Size:   29253
Md5:    0826f9aa4b7e761ea6044f29ba8e432a
Sha1:   7d3bec8f54ca99e00442ca3ae0026153376f80be
Sha256: 1cc1d2811dc382e9ea8c475cd9ad79b20227fb8a33e6b5225587f58134d99b77

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/css/owl.css?ver=2.3.4 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 3383
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3184)
Size:   3383
Md5:    1bd3b83cc9cd397000e5ad3464c2e3a0
Sha1:   8f34cf07f01f3e9e3d8b94ec154b98be4efe6d3c
Sha256: 17fab6429b4f6e18a1bac42a721588bb22b28d2ea93e020229e7f9084b6ad422

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/creote/assets/css/metabox.css?ver=6.1.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:35:58 GMT
accept-ranges: bytes
content-length: 2881
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2881
Md5:    2212d0fce79bcb42908c04ec2790ed21
Sha1:   1dc424b30df10354dc7c346235d10b80419b6d41
Sha256: 6a47cc1ba5231c130cdb08e39a2cf446137eb02240bbdce9a4223c191dedf020

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:40:22 GMT
accept-ranges: bytes
content-length: 3812
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3812
Md5:    9c6b63558e5de592c160563dbe08dd0d
Sha1:   e4969ab55cc566759623f6b4e1c7d6b3bcdc21cd
Sha256: 14a77bc82e039ce4be0d9ba9b0237495b0a9578d34eb92d444093d440f6190ba

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-8.css?ver=1648038231 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 23 Mar 2022 12:23:51 GMT
accept-ranges: bytes
content-length: 1117
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1117), with no line terminators
Size:   1117
Md5:    86260c336d08b259c7ba2f5b0216f572
Sha1:   e5f71f3fd57f2e06f23bd2b2f5c40a156ea724e6
Sha256: af796b5afc82063de93d0ff5457b58891ca2766609d424ee036ac405975b9e88

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-4522.css?ver=1648887314 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Sat, 02 Apr 2022 08:15:14 GMT
accept-ranges: bytes
content-length: 6705
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6705), with no line terminators
Size:   6705
Md5:    dbffa2cc485994ca012ab56c744ea698
Sha1:   2a6edbe2a3ac4540ff6fc8a7ee45c7f091e740dc
Sha256: 86f0fc589cec00596d07e4659f09b29d9accdd83f5a7ac33fb9a4c10ddc27610

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/css/swiper.min.css?ver=6.7.5 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 13884
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13620), with CRLF line terminators
Size:   13884
Md5:    b82aa82a218edc521f236b2f9fd64a00
Sha1:   c3802b9fa1cb116c6c03eacf609441b3650a5fe8
Sha256: 1c6ce2e342930fbcd80af7e49d262b7531b6cf87b9b582bc0481bf7c7f0fbb5e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/css/jquery.fancybox.min.css?ver=3.5.7 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 13735
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (13734), with no line terminators
Size:   13735
Md5:    35d290afd71a6053d8195ea13170b4e9
Sha1:   a64676403bb5c23f9800963b0b8f0475b532601f
Sha256: e467f75601e845da217ae845b688b227a19fbf1e8fc776a42a4905869496d2e2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/creote/style.css?ver=6.1.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:36:13 GMT
accept-ranges: bytes
content-length: 10475
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   10475
Md5:    601fa8ed1b759180edfa52a1bccf27d1
Sha1:   2db617a462c630929ef5466eca3209e478d4717d
Sha256: 43f5de6ef066a5d8ee8fd60c8afe41ef11ad656e2d41c3239c4b49c94099a8e6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:39:35 GMT
accept-ranges: bytes
content-length: 17809
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17809), with no line terminators
Size:   17809
Md5:    1ddf23fcfd1b2941c456ce01da8180a6
Sha1:   156ef5cc77061010e3f4123a47fa415c6391e5ff
Sha256: dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 23 Mar 2022 12:17:26 GMT
accept-ranges: bytes
content-length: 19128
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19082)
Size:   19128
Md5:    50be31853049e4b4a10c277d5f95eb75
Sha1:   ac2dffc0c65ad6b209fedf2169d0c50eb4119a3e
Sha256: b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/creote/assets/css/icomoon.css?ver=1.0.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:35:58 GMT
accept-ranges: bytes
content-length: 22790
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   22790
Md5:    6e3e35e1feba42330f8928d2c917aa8f
Sha1:   c857ba965580eeee888d7d451c304c2d184a7a62
Sha256: c84452932fecb1cdd792b4b1662f03673e9b5ca44aa8d05031e974d64708bc9d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/css/aos.css?ver=1.0.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 26053
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26053), with no line terminators
Size:   26053
Md5:    847da8fca8060ca1a70f976aab1210b9
Sha1:   0557d37454b67f42f2cb101e57e5070fb1193570
Sha256: 1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 13:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 13:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/creote/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:35:58 GMT
accept-ranges: bytes
content-length: 30609
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30447)
Size:   30609
Md5:    05c36119957d797d9467955acbd6b559
Sha1:   943ec236c7e0e9693169ebc952b9efa626f67aaa
Sha256: ec5aa0ea5b97d27c674757c8f2f9812a6ea490d4aefae08b78ae7752800fa7d2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:40:05 GMT
accept-ranges: bytes
content-length: 209831
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size:   209831
Md5:    9ed8fcb16418ff477a6c93fe33f86563
Sha1:   47be642692139a2ce63cf655cba31767cb7e8074
Sha256: 3f7c8f55c3c421a6f14efb39bf07abb73d1d244f194e133a2453913330e38819
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 18 Nov 2020 11:36:06 GMT
accept-ranges: bytes
content-length: 11224
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   11224
Md5:    79b4956b7ec478ec10244b5e2d33ac7d
Sha1:   a46025b9d05e3df30d610a8aef14f392c7058dc9
Sha256: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:39:35 GMT
accept-ranges: bytes
content-length: 62755
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Size:   62755
Md5:    979b8b56e801469d95453055366ef54c
Sha1:   cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
Sha256: d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
                                        
                                            GET /wp-content/plugins/creote-addons//assets/css/animate.css?ver=3.7.2 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 71757
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65341), with CRLF line terminators
Size:   71757
Md5:    6bb3d3878a972db2c6bb9c01264f755b
Sha1:   a884562320da3256afbe0767485b709a32f80a27
Sha256: 36317431694c83b2a0c5b265f4a141aa8a95debdfcac454e83caead0b908a9d0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 23 Mar 2022 12:17:12 GMT
accept-ranges: bytes
content-length: 107876
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   107876
Md5:    43ea9108ad47274899b65d9e3fc4715a
Sha1:   347eb087b05866892022ab4cd1367c928e75ffb6
Sha256: 315755559a48bac3057d5c047e8f37762cffa36a38432b53b4ecc6f252f564a4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 02 Nov 2022 02:51:02 GMT
accept-ranges: bytes
content-length: 89684
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   89684
Md5:    17738318d61d394f1de8890d589afaec
Sha1:   f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
Sha256: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/creote/assets/css/bootstrap.min.css?ver=5.1.2 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:35:57 GMT
accept-ranges: bytes
content-length: 163845
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65307)
Size:   163845
Md5:    4a5e8337357af46f8989279b732319eb
Sha1:   83872018f20bfc657f1c99a3507acaf94a84863c
Sha256: 84ca3805844c91d15fd11ff37b63523a1b7056d818b7b485aafb84786c5d6751

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/creote/assets/css/scss/elements/theme-css.css?ver=6.1.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:35:55 GMT
accept-ranges: bytes
content-length: 733261
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (748), with CRLF, LF line terminators
Size:   733261
Md5:    0d9300eb078da99a2dd8364cbf7e038f
Sha1:   525ceb26e7c15ba7748577418ca3a6c8f720c386
Sha256: 36127729da3073de808a582a1653188179afc6aaf90bb111ab56babba53d8d07
                                        
                                            GET /wp-content/uploads/2022/03/Untitled-1-01.png HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/png
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 15:36:28 GMT
accept-ranges: bytes
content-length: 24634
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 738 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size:   24634
Md5:    4af8d6921e1cca343eadc0664d039722
Sha1:   1881d851bf8ec2fd01718af9e49b8212623ff436
Sha256: ecf762b5e2b33963fb1c1a794ad27890178b1edb0fcc95b11f2ad668db134753
                                        
                                            GET /wp-content/uploads/2022/03/mi-01.png HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/png
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 15:38:06 GMT
accept-ranges: bytes
content-length: 19506
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 717 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size:   19506
Md5:    15886d453647386df635acce16afab26
Sha1:   6ad0774b5f27b3a12397349e99799e72a6994b15
Sha256: ca5fb8f0a14dec6fa06fa70082492e0d44fca38210a4e74dd183926dcf1da8f9
                                        
                                            GET /wp-content/uploads/2021/10/bn-01.png HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/png
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 09:22:32 GMT
accept-ranges: bytes
content-length: 73801
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 2967 x 988, 8-bit/color RGBA, non-interlaced\012- data
Size:   73801
Md5:    383245cd43ab9011712e555703d24cd2
Sha1:   fb5dba55bd24ad183b7a3a0af791ec837ac46985
Sha256: a8dd0ecdbf32525d839f3ec591ec1fea4e5da927be4f65dfb22fb07ca1b0c079
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Tue, 24 May 2022 22:06:45 GMT
accept-ranges: bytes
content-length: 18617
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   18617
Md5:    32beb68a374e3aeac00abdf9e12b84ea
Sha1:   b5d18aa625e8696dd9d07cd0869337717b211ae0
Sha256: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-85.css?ver=1648895473 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Sat, 02 Apr 2022 10:31:13 GMT
accept-ranges: bytes
content-length: 111
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   111
Md5:    709e864149528a8353e0d43ee0d583cf
Sha1:   85759936e3487d959e6c1b1479a26db52bae7be9
Sha256: 952b67efdb886028a6a517ad0f85c2bb623b142f27c0a3069efab09f90cbe6e3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-2940.css?ver=1648893891 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Sat, 02 Apr 2022 10:04:51 GMT
accept-ranges: bytes
content-length: 2576
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2576), with no line terminators
Size:   2576
Md5:    72c4b7585b57bd05f7d1eef8be7c23b8
Sha1:   14cde32fa512b6b4fcf2cdac340d54ea242f2052
Sha256: e53ad94a9603c4601ca16a338f3a71bf736613e7f3d3e6f6283d251a7fbc159a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:38:53 GMT
accept-ranges: bytes
content-length: 59154
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size:   59154
Md5:    aa4c7e30d0f121bf25a7f892dc618ea9
Sha1:   09dc35a42918427d0943cdf6c96805aeeed1664c
Sha256: 9435c8c132bbfd387d4b14f9e07d60c0ba7fb5a1eca2b49882f62b2ef113eee8
                                        
                                            GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:40:29 GMT
accept-ranges: bytes
content-length: 14927
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (14924), with no line terminators
Size:   14927
Md5:    157f18464a93eab7fb62a7f3e618ac2c
Sha1:   f47727e80d529d6e4941fea32f2e8a8ee5008b8a
Sha256: 9ed8f2a0e573467348e64fb1945eeac1698f32af9e9c723153eb7142d6a43306
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:39:37 GMT
accept-ranges: bytes
content-length: 21538
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (21538), with no line terminators
Size:   21538
Md5:    d017e13d65b4c79d9a22a4ab9e6bcdf6
Sha1:   f766dedd77e0f910742439a102a23dbeade89299
Sha256: 2ef1fc50a9d78f044028f3ba7378c5bbec0188de74a5217491040f9ba435fca4
                                        
                                            GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.7.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:40:29 GMT
accept-ranges: bytes
content-length: 24731
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (24731), with no line terminators
Size:   24731
Md5:    502ca2250b797193ecc051d0c323cbdd
Sha1:   3ba0ac15dad090633ddd4ac81472360692ad8bee
Sha256: 93a3315f4ee582595965f888b1381ac13f8fecb6b53df998495fbb4e759a5b1e
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Tue, 24 May 2022 22:06:30 GMT
accept-ranges: bytes
content-length: 6475
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   6475
Md5:    61449413a42d2daaa79dbe7298b40e21
Sha1:   d86c474164c603084397bdc50fb0e469d28b5772
Sha256: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 13:08:53 GMT
cache-control: public,max-age=3600
age: 2848
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 9720
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (9720), with no line terminators
Size:   9720
Md5:    cfb428c02811f0cbe515d5f3dca61de6
Sha1:   e95f8696fbe29a706e66ccf582b36d9bd650ab9f
Sha256: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 02 Nov 2022 02:51:09 GMT
accept-ranges: bytes
content-length: 17823
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size:   17823
Md5:    e495a4709e3eae31c67f8263f25d2d39
Sha1:   d43ba6a092e4823a71f3bff75d5ed279a481636b
Sha256: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
                                        
                                            GET /wp-content/themes/creote/assets/js/bootstrap.min.js?ver=5.1.2 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:35:58 GMT
accept-ranges: bytes
content-length: 78082
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65299)
Size:   78082
Md5:    cc843940a3254ae56458e230d7e382bb
Sha1:   d62f562caaf196df56839b241b1ef2832425cb3e
Sha256: eb01695619b7fad2a661c8f485c28fb534d73b1804350a7acc0e5b8736483d61
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/TweenMax.min.js?ver=1.18.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 115897
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32043)
Size:   115897
Md5:    7ae6465dae50c862dc55a547caa86a66
Sha1:   38cb690397f9eef5a9592efc9ce9e936e4e863cb
Sha256: a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 13:56:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/owl.js?ver=2.3.4 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 44348
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31998)
Size:   44348
Md5:    d00a6a4f038febc9b9e2623e5b05477a
Sha1:   c698fe5281789bdda3e9bf3d8868c0d26da1a4df
Sha256: 6003b424f43fcc42838fc2973447ad03801eda1999f6ca49828c9867fa6f62ad

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/countdown.js?ver=0.1.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 3479
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3328), with CRLF line terminators
Size:   3479
Md5:    b65e7be4b7c8aaa17ed9575f39b9a7f9
Sha1:   cb74b8ce61906eb528cb19f090269d48e7b7572b
Sha256: 150508eb477e1610c0a8b33c0c9e3e109b76d0026275308fe43cecfd9dcaa2d5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/jquery.fancybox.js?ver=3.5.7 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 159342
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   159342
Md5:    b55dbe08d21912bc18d49f38e50e6142
Sha1:   36a2851d9ba535be1d42c8c2e4353743ba0b2374
Sha256: 18bd6350d830b9717f8486f82cf89b303a5cc2b8694e3c3920589ee79ab97e5a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/isotope.min.js?ver=3.0.6 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 35456
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32019), with CRLF line terminators
Size:   35456
Md5:    5fb7c19c9c51cfb99f5ff942629f0f21
Sha1:   14c7f59e73d2a99aa688c2443a9a9b24acbff43c
Sha256: a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/simpleParallax.min.js?ver=5.2.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 9415
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9181), with CRLF line terminators
Size:   9415
Md5:    5e3f64d7d2b142860eb63a73b87b0c27
Sha1:   39f26de957c3e1f3a032f4ad27bf175778e684ea
Sha256: 5c659b80a39a476ac5d82c7c7816a1f48cb893add4133c4bcd8a8de93cc764c6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/appear.js?ver=1.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 4379
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4379
Md5:    5a457d262e3c32d25c003ca412ee7fe6
Sha1:   b08e23c986259073419a7068fcd36296a91b1ae4
Sha256: 46fb2235bcf84086a9b939ae509ecacc01bb31c68ba94e6473e31d8adebec3eb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/jquery.countTo.js?ver=1.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 3466
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3466
Md5:    5ac11c01ea3885061ce1d564f6a4f7ad
Sha1:   7c84e8385d0a002034af9700cd382e8f0f4a2e7b
Sha256: 65800a729f583f1366785a9890e856396f4563f7b1b2d3b8ea4e275950a65d5e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/sharer.js?ver=0.4.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 7422
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7422), with no line terminators
Size:   7422
Md5:    f8b43b9866591258d9d81157f636f70d
Sha1:   68d712fa5b0a65d1e408b4dfd4e2c6e87bffaccf
Sha256: 538221943061b9692f82e6fe1613593ec1bb177dd3dc18b9f591eeb61393279d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/hc-sticky.js?ver=2.2.7 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 10753
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10460)
Size:   10753
Md5:    06f4f90af91a01ea64e54b5d859bdbd2
Sha1:   7a88fa9811c5b19803222f28e8a12e321e63714e
Sha256: 6506ff9c2f00ae06448c66aec1a6e99a2e7bc2f2a68ecb9765b15c20ac381bf6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/aos.js?ver=1.0.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 15756
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15756), with no line terminators
Size:   15756
Md5:    b2796cc548f0cc01f8750deee9d7e1d2
Sha1:   acd76e0d813b6206cb230128edb8d917d1c1b98b
Sha256: f0000bf505fe88a47b03520b3d8785fa97d5d466da3d621fa3831d341f5d8dca

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/aos-active.js?ver=1.0.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 394
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   394
Md5:    d7096c7525da095fb282c7811953762b
Sha1:   7987464911dbec8bc4fae2164cb61bd1fbdc7d8e
Sha256: 37b3c8e6a7414dabcfc9c109a9b67066602080cc569978be4e70d6522a36845e
                                        
                                            GET /wp-content/themes/creote/assets/js/main.js?ver=1.0.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:35:58 GMT
accept-ranges: bytes
content-length: 11002
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   11002
Md5:    99b83aca4e0816b4e3c709da1dc354e3
Sha1:   154d9c12e7761a98a3de4a964fdae454090f4f35
Sha256: 0d76a3c5e70e90b01ed94c5a9657a7eb63f18f302b15a1fc19e11ccdcec9d4c7
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/sticky-header-desktop.js?ver=1.0.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 882
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   882
Md5:    5e9d025a8a7d9b7341ed86059b6b8fa4
Sha1:   cff17539e0991c9bc1f65254304c61fbb72835a1
Sha256: c542fe9925d03861fc9c2cd2aea725f04bcfe4c2ca3dace49b987e23ec25d3dd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/creote-addons/assets/js/creote-elemetor-extension.js?ver=1669298181 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 26628
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   26628
Md5:    1d92a995a4988b424787165053e9ff34
Sha1:   239fe828205bdb4a930a50e40b304bd9b4f0cd74
Sha256: 32f87466cc441649ba2d7e33e8ac6015786a7d7958f24186e891be572f0642f4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:38:54 GMT
accept-ranges: bytes
content-length: 386778
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64288)
Size:   386778
Md5:    811c3da189b804d68fced85b9a191e1e
Sha1:   bc4d1ec616ba622029414fbceb0bc8d9e903f3fc
Sha256: 3b0b8378134e79a3a7058080f4d617969ac9b159d448be7b15e595719e5c9518

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:39:37 GMT
accept-ranges: bytes
content-length: 9533
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9139)
Size:   9533
Md5:    87c54edf7dad7dfdfde015f6eee45ff1
Sha1:   96ec1a06ea3093c47e1e2fc4444ada7f4456135d
Sha256: ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:39:37 GMT
accept-ranges: bytes
content-length: 3037
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (3037), with no line terminators
Size:   3037
Md5:    8bc2109ef48cabf7a26b73d7c3536c5f
Sha1:   0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
Sha256: 8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 699
Cache-Control: max-age=156126
Date: Thu, 24 Nov 2022 13:56:22 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:18:28 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:39:37 GMT
accept-ranges: bytes
content-length: 1834
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1668)
Size:   1834
Md5:    d0a6d8547c66b0d7b0172466558d1208
Sha1:   ff93916519c7b9483251f609e4d29f38c30a66e3
Sha256: 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:39:37 GMT
accept-ranges: bytes
content-length: 2139
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2139), with no line terminators
Size:   2139
Md5:    b72c1cbb1530a011a27bd9800f26765a
Sha1:   27b825c5d8255f33b8427a059d4545ebd65e1746
Sha256: a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:39:37 GMT
accept-ranges: bytes
content-length: 2938
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2938), with no line terminators
Size:   2938
Md5:    0fd625c3991a4015814cffdc88e2fc82
Sha1:   d7c2f53e058210ff3ea773297641008bab71a5f3
Sha256: 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.12.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:40:22 GMT
accept-ranges: bytes
content-length: 4605
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4605), with no line terminators
Size:   4605
Md5:    835ad06a1628a86c8c14947160caff1a
Sha1:   cdb2b9bc32e1961567a38537aa38e004de3a6d42
Sha256: 5b5ffd94d5fe01f62fcd7fbf7d2fa4b479b169409ef2238c043face232183492

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 23 Mar 2022 12:17:26 GMT
accept-ranges: bytes
content-length: 4960
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4921)
Size:   4960
Md5:    9f78b3ee0703284055e0a0151757b584
Sha1:   68f0b5ed88ed3de0bcd49dda79ae0d1a236f540c
Sha256: 6b417383c25554eb37e8d178bae67272ed19daba517ed00671fccf2d0b49530e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 23 Mar 2022 12:17:24 GMT
accept-ranges: bytes
content-length: 14277
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14238)
Size:   14277
Md5:    c050ce35cf2420d5840d8dd0227c1de9
Sha1:   2d65f0fa6da633a8e9fde9413cff10f508e7bde9
Sha256: 838aa5043b6aaa11fdf99582235b1638cb182180c0f601edc893ae1df6e9893a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:40:22 GMT
accept-ranges: bytes
content-length: 11900
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11827)
Size:   11900
Md5:    06a3b48689b0314af6c5da5b6ff27bfd
Sha1:   a98a815d90cba195409d39bd74d31b1e6f9dbf95
Sha256: 4cd7a0d2c9eb03966a0dc60658526c20fa4e8ee4a0660da469f55edaf9a18c9f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 23 Mar 2022 12:17:35 GMT
accept-ranges: bytes
content-length: 12198
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with no line terminators
Size:   12198
Md5:    3819c3569da71daec283a75483735f7e
Sha1:   ecd40a5cc6f0b76200c454ca880210dc301cfab8
Sha256: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 02 Nov 2022 02:51:03 GMT
accept-ranges: bytes
content-length: 21440
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   21440
Md5:    034bd11ecaf6fb9240d905245e42e202
Sha1:   ff136c394ed95badfc0107fb98a890dcff642828
Sha256: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 23 Mar 2022 12:17:24 GMT
accept-ranges: bytes
content-length: 37674
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (37635)
Size:   37674
Md5:    78a799135871a38563e18dcaf6589668
Sha1:   8efe4b9e9c6ee5f0e118da3f65a90c19fde1e608
Sha256: cdf438c27294539b20f4949df8192574f18b1852c9f6c61ce4a2096057947852
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/css
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:39:35 GMT
accept-ranges: bytes
content-length: 7043
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7043), with no line terminators
Size:   7043
Md5:    456663a286a204386735fd775542a59e
Sha1:   0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
Sha256: a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 13:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/creote/assets/images/preloader.gif HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/gif
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:35:58 GMT
accept-ranges: bytes
content-length: 16479
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 64 x 64\012- data
Size:   16479
Md5:    87904c1852f61f0734451c925d923758
Sha1:   7f9c312fbf39a9806c1dfb71375f3afb07eb084e
Sha256: a8cca5d27a7319c97cc1510091d3ecc0798a6dea27b6feb3cac2e188def2c317
                                        
                                            GET /wp-content/themes/creote/assets/webfonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://buun.so/wp-content/themes/creote/assets/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: font/woff2
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:36:02 GMT
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            GET /wp-content/themes/creote/assets/webfonts/fonts/icomoon.ttf?lruvdg HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/wp-content/themes/creote/assets/css/icomoon.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: font/ttf
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:36:01 GMT
accept-ranges: bytes
content-length: 251032
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size:   251032
Md5:    04976f07ea2c4e9fb750a6136956adc9
Sha1:   b02777c05eb463ea1aa1751f61a741eed481ed5f
Sha256: 8570b6d9da4d8b60e86999ac5c689e4710e7c5acae7f7a41080598e3dfecd324

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 13:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 13:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2022/03/cmn-01-compressed-1536x1536.jpg HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-frame-options: SAMEORIGIN
last-modified: Tue, 22 Mar 2022 08:40:34 GMT
accept-ranges: bytes
content-length: 273219
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1536x1536, components 3\012- data
Size:   273219
Md5:    8ab840a022557e3e669b7c1ecf91e58a
Sha1:   6b18e4a161773cda0dffe2f35123b085c750c2f4
Sha256: 016dcaeb5e6425aed56c95178376c02ea730b420410e5422389bf791ff297013
                                        
                                            GET /maps?q=mogadishu%20somalia&t=m&z=11&output=embed&iwloc=near HTTP/1.1 
Host: maps.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.14
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Thu, 24 Nov 2022 13:56:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1smogadishu+somalia!5e0!6i11
server: mafe
content-length: 286
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   286
Md5:    00e7f11748e308c418bd2a839af3cd53
Sha1:   e45b5c408ce314d3ed19086cdcd9b0e465bc135b
Sha256: 011e29e579861eb05a633e576374aff35a93b98cce5fe2f2287feec5a3754ff2
                                        
                                            GET /wp-content/uploads/2022/03/trn-01-compressed-1536x1536.jpg HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-frame-options: SAMEORIGIN
last-modified: Tue, 22 Mar 2022 08:44:34 GMT
accept-ranges: bytes
content-length: 298893
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1536x1536, components 3\012- data
Size:   298893
Md5:    66a0f14c1b26ba8911e8d9ce693d56c2
Sha1:   5f1fcc219dedc2bb94c4be06fd76fe5535d98334
Sha256: b0477d13f2b999e01ab8250e4c7c4ef36e614dd198bfe029895815d6f2840331
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 13:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 13:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/spartan/v14/l7gfbjR61M69yt8Z2QKtlA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://buun.so
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 21:13:32 GMT
expires: Wed, 22 Nov 2023 21:13:32 GMT
cache-control: public, max-age=31536000
age: 146570
last-modified: Tue, 23 Aug 2022 17:58:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31928, version 1.0\012- data
Size:   31928
Md5:    3b3351368e211c09efa0c97b48c8ed66
Sha1:   40da6bbeb1918801457ad57d0e7fd362ee1a6acb
Sha256: f59cc23a049db17ddf37d28c7d4f296442fe7dd8679660af0234664df1a38272
                                        
                                            GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://buun.so
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:03:56 GMT
expires: Fri, 24 Nov 2023 06:03:56 GMT
cache-control: public, max-age=31536000
age: 28346
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size:   37924
Md5:    e08be6d5d433944f7ad52902e4d24db5
Sha1:   e2600c1d60d12d397b3ee44411a021231d71e974
Sha256: 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
                                        
                                            GET /wp-content/uploads/2022/03/rde-01-min-1536x1536.png HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/png
                                        
x-frame-options: SAMEORIGIN
last-modified: Tue, 22 Mar 2022 08:22:00 GMT
accept-ranges: bytes
content-length: 2743471
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1536 x 1536, 8-bit/color RGBA, non-interlaced\012- data
Size:   2743471
Md5:    60fdb4c2f8c178ef0b86045aeac0f837
Sha1:   c767b1b4e6960db2cabaf7d0116a632bf0cbd174
Sha256: 73af399953a10ef6e4e8e5367307e4ccb630b0cbb5aa98882d554a9e27656147
                                        
                                            GET /wp/creote/v1/wp-content/uploads/2021/10/areaof-ecp-1.jpg HTTP/1.1 
Host: themepanthers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         170.249.194.26
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 13:56:22 GMT
last-modified: Fri, 04 Feb 2022 13:31:59 GMT
accept-ranges: bytes
content-length: 140665
date: Thu, 24 Nov 2022 13:56:22 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x720, components 3\012- data
Size:   140665
Md5:    5a0c17fbcf297743f211fedd7a343e11
Sha1:   5823cfa77a54f7cf985206e3827d8076e9d7aaa9
Sha256: 59fd108232774ad37df1c9467804219e844c6a6f8f73b1232c5179a9bbe01589
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0tpGPZuQV4LeOnL4yE0xgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.252.32
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VBwf1JmK/crWSmSoYOxEMZuNn6g=

                                        
                                            GET /wp-content/uploads/2022/03/ddgll-01-1536x1536.png HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/png
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 17:24:32 GMT
accept-ranges: bytes
content-length: 3226643
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1536 x 1536, 8-bit/color RGBA, non-interlaced\012- data
Size:   3226643
Md5:    01386d55ba3affbd8c94cb68b201e855
Sha1:   72088fe3797a57df93017361b218985b0484af84
Sha256: 9118609d59c599b48ada2cf29adc36ff0dd954b333ccc4554087e1078386cf72
                                        
                                            GET /wp/creote/v1/wp-content/uploads/2021/10/about-img-1-min.png HTTP/1.1 
Host: themepanthers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         170.249.194.26
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 13:56:22 GMT
last-modified: Fri, 04 Feb 2022 13:31:59 GMT
accept-ranges: bytes
content-length: 119867
date: Thu, 24 Nov 2022 13:56:22 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 698 x 563, 8-bit colormap, non-interlaced\012- data
Size:   119867
Md5:    d6efb1ae050d663b6952e3fd0bf867f8
Sha1:   c586b5044292e7c03a01917864ef0dcd12c350d9
Sha256: 923b23e549ccae4cceeaaa261fbacb15478aace7b651224769a7e2b821091622
                                        
                                            GET /wp-content/uploads/2022/03/drne-01-compressed-1536x1536.jpg HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-frame-options: SAMEORIGIN
last-modified: Tue, 22 Mar 2022 08:28:51 GMT
accept-ranges: bytes
content-length: 126791
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 13:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 13:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp/creote/v1/wp-content/uploads/2022/01/banner-replace-2-1.jpg HTTP/1.1 
Host: themepanthers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         170.249.194.26
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 13:56:22 GMT
last-modified: Sat, 26 Feb 2022 04:12:10 GMT
accept-ranges: bytes
content-length: 170391
date: Thu, 24 Nov 2022 13:56:22 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:10:24 07:56:37], baseline, precision 8, 1920x880, components 3\012- data
Size:   170391
Md5:    2861cee9fcb9318e05fcb37dc143f424
Sha1:   4e7b720431bb5592f92bfa7f43b5366873197316
Sha256: cd5a2dc551cf6e3ccb53f88d3166e94dce32ea874d73a596dfccde81f8694ee5
                                        
                                            GET /wp/creote/v1/wp-content/uploads/2022/01/banner-replace-3-1.jpg HTTP/1.1 
Host: themepanthers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         170.249.194.26
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 13:56:22 GMT
last-modified: Sat, 26 Feb 2022 04:11:42 GMT
accept-ranges: bytes
content-length: 129135
date: Thu, 24 Nov 2022 13:56:22 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:10:24 07:57:14], baseline, precision 8, 1920x880, components 3\012- data
Size:   129135
Md5:    778b58938d7c7d99c39ada47a22b11c5
Sha1:   82a9a044490d5326fd9cef38f359d0af626c1e11
Sha256: a7eaafb20390d9654922fa9f351372f80734bd109408e153de973eb16d787748
                                        
                                            GET /wp/creote/v1/wp-content/uploads/2022/01/banner-replace-1-1.jpg HTTP/1.1 
Host: themepanthers.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         170.249.194.26
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 13:56:22 GMT
last-modified: Sat, 26 Feb 2022 04:13:31 GMT
accept-ranges: bytes
content-length: 122562
date: Thu, 24 Nov 2022 13:56:22 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:10:24 07:56:00], baseline, precision 8, 1920x880, components 3\012- data
Size:   122562
Md5:    e75429315cd3a5a419037b19fb4396f1
Sha1:   f18713d3225b1b06aabdd58db52cf1d6ef81b1ec
Sha256: d915583ae4326fc86f695c391aeb42363ce38fe4972eb78b2ab05fecfde378c6
                                        
                                            POST /?wc-ajax=get_refreshed_fragments HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://buun.so
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
access-control-allow-origin: https://buun.so
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10874
Md5:    af7fce8f644ac1c20a7e22d343f119aa
Sha1:   3f93ee5aac992917d657735a0fb132eabb9f7519
Sha256: 60ed385294e2c59dc6ef3691b35507a44d39f99c6647c399c592dda79f6035ca
                                        
                                            GET /wp-content/plugins/elementor/assets/js/lightbox.2b2c155d6ec60974d8c4.bundle.min.js HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 23 Mar 2022 12:17:24 GMT
accept-ranges: bytes
content-length: 29276
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (29237)
Size:   29276
Md5:    2e471fc578093bd029f64a8707e48667
Sha1:   93ad8b07d3ec0686aa76ef61d122b90bcdb0906b
Sha256: 7b0239f40048034e6d776c33d1321893d472391dd01d7955626bff729a04fc04

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.0 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Wed, 23 Mar 2022 12:17:32 GMT
accept-ranges: bytes
content-length: 2578
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2577)
Size:   2578
Md5:    9bb8540493a7fe11b229870eb37be165
Sha1:   d77f17cb9057dc8f622b8c0bf23f6acb739b3b8e
Sha256: 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2021/10/project-6-img.jpg HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:48:04 GMT
accept-ranges: bytes
content-length: 49033
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 731x488, components 3\012- data
Size:   49033
Md5:    c32837b7bb95db5a256d42cc5f286f6b
Sha1:   bd712b313508dd7537578b9066cc0a830d698ace
Sha256: 35066f4426c7d3daa2697cf626aa5f943a49a990ca1468c78922301515726bee
                                        
                                            GET /wp-content/uploads/2021/10/project-4-img.jpg HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:48:03 GMT
accept-ranges: bytes
content-length: 42237
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 827x465, components 3\012- data
Size:   42237
Md5:    57c2f999e9a007cbfdca6383643ecf29
Sha1:   43a5111e4a7887dc5b4ef5c016abace5e927ef6a
Sha256: 7445cab07a90da139cce4399fa6242bbcd54ac652f70676f79fd3899437ba65d
                                        
                                            GET /wp-content/uploads/2021/10/project-5-img.jpg HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:48:04 GMT
accept-ranges: bytes
content-length: 76239
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 887x591, components 3\012- data
Size:   76239
Md5:    a3f989b68377db7f26cfc018d89ca338
Sha1:   a35e91eba83e7385246335b319898dd7bf0aaee8
Sha256: e61797d82310deba7d3016331694e9174ff3e9e091c050eede6b7b2a2771caa8
                                        
                                            GET /wp-content/uploads/2021/10/project-3-img.jpg HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:48:02 GMT
accept-ranges: bytes
content-length: 44762
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 742x495, components 3\012- data
Size:   44762
Md5:    90dc6a9c98dce09cab3985a5a46e14f0
Sha1:   5844c58297aa5c6868e0ac4d6b9c5e8de41645fd
Sha256: e0e9e75eb4fe52cd465e1f7d9bb02e50318d2f3d9eadc5c646e9c94db1b5792c
                                        
                                            GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://buun.so/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: image/png
                                        
x-frame-options: SAMEORIGIN
last-modified: Tue, 16 Nov 2021 02:34:02 GMT
accept-ranges: bytes
content-length: 4119
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   4119
Md5:    000bf649cc8f6bf27cfb04d1bcdcd3c7
Sha1:   d73d2f6d74ec6cdcbae07955592962e77d8ae814
Sha256: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:38:54 GMT
accept-ranges: bytes
content-length: 128805
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   927
Md5:    9fad5bd586fb6c90b0a1b676e7f70e1c
Sha1:   a0ee525c1c2552f3d5b3d28fccbc6db172bbd20f
Sha256: 0708ed476012901abc691c8a18f694eba6dc2b8c070c97a967426b5db7d05a66
                                        
                                            GET /maps-api-v3/embed/js/51/1/init_embed.js HTTP/1.1 
Host: maps.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 07:12:45 GMT
expires: Thu, 23 Nov 2023 07:12:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 21:36:22 GMT
age: 110618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2669)
Size:   68704
Md5:    c088038bb01fdc7f15f21e2216b6b8b4
Sha1:   fa724c5616022f6825ac476354c492b0bf544d21
Sha256: b0ecfa74efada796d206177e1bc78c7ac75250608051c6576335c6231fc2de78
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17830
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:56:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17830
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:56:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17830
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:56:23 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 58111
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7993
Md5:    92c78302bcce1568eb6a5563100b932c
Sha1:   43d1dec7fc06879988c9c3cadd800cc8145df988
Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 24359
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6789
Md5:    d9d93b2a6875d446c3467eb49767eef5
Sha1:   303c571b13b05fcf27ee1159d8fdf6369aaef0a2
Sha256: 2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 58036
etag: "89accd230fba95fe0049678070817b36ead015fa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5070
Md5:    0856fdb55f19f03a1bec38b3d6e0ac77
Sha1:   89accd230fba95fe0049678070817b36ead015fa
Sha256: 17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11969
x-amzn-requestid: e7ab6bb2-9bc5-4862-901b-32f18322db46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwBJFkUoAMFRFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e93a0-56d902c0481eef0932dad57c;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:41:52 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zluh8EkvyvbxVT_lmb1uh3eLph9eMUrsuLlwPYAOmP9-sWAhGyxeMw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
age: 58274
etag: "6bd60504d4450a090e6f82d15f2f28b371e4dfcc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11969
Md5:    1234c13159d1531a698ece38a3bd7ff6
Sha1:   6bd60504d4450a090e6f82d15f2f28b371e4dfcc
Sha256: 488a827d4d2074371860dd556b3611c56a19502d3348e0a7d35c4f7556f63b3a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 31915
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 56887
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7462
Md5:    b4157f2c5c3c77ce699324ecb08f47c7
Sha1:   a7d9135f9d01ba13c3cdaf8b038c70212f159297
Sha256: 2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 66137
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   16002
Md5:    2c5e576c986fa3babe2c32f4a7ca3f3c
Sha1:   2f9f0aaf63ec000b07fc073c26fddfb6ab4e4466
Sha256: f560931ec3844307c32fb2b1503925261fc99f30ecd22d27664b104e13e5567c
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 85733
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET / HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
link: <https://buun.so/wp-json/>; rel="https://api.w.org/", <https://buun.so/wp-json/wp/v2/pages/4522>; rel="alternate"; type="application/json", <https://buun.so/>; rel=shortlink
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
link: <https://buun.so/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
location: https://buun.so/wp-includes/images/w-logo-blue-white-bg.png
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:22 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 13:56:21 GMT
date: Thu, 24 Nov 2022 13:56:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: mail.buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         65.108.230.52
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
x-redirect-by: WordPress
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
location: https://buun.so/
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:20 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css?family=Spartan%3A400%2C500%2C600%2C700%2C800%2C900%7CInter%3A300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 13:56:21 GMT
date: Thu, 24 Nov 2022 13:56:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/creote-addons//assets/js/swiper.min.js?ver=6.7.5 HTTP/1.1 
Host: buun.so
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buun.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         65.108.230.52
HTTP/2 200 OK
content-type: application/javascript
                                        
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Mar 2022 08:37:37 GMT
accept-ranges: bytes
content-length: 145825
x-xss-protection: 1; mode=block
date: Thu, 24 Nov 2022 13:56:21 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---