urlquery - report: nsk1922.rs/m&tsupport/login.php?country=3D&iso=3D&online

Overview

URL	nsk1922.rs/m&tsupport/login.php?country=3D&iso=3D&online_id=3De112=
IP	65.108.229.254
ASN	Hetzner Online GmbH
Location	Finland
Report completed	2022-07-07 01:38:31 UTC
Status	Loading report..
urlquery Alerts	Phishing website detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-07	2	nsk1922.rs/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357 (...)	Phishing
2022-07-07	2	nsk1922.rs/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js	Phishing
2022-07-07	2	nsk1922.rs/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357 (...)	Phishing
2022-07-07	2	nsk1922.rs/Assets/scripts/Login/Index.js	Phishing
2022-07-07	2	nsk1922.rs/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js	Phishing
2022-07-07	2	nsk1922.rs/Assets/scripts/Login/Index.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (12)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP
[Mnemonic Passive DNS]	resources.mtb.com (8)	144011	2017-02-19 08:29:38 UTC	2022-07-06 04:23:22 UTC	192.216.61.78
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-06 19:05:02 UTC	93.184.220.29
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-06 04:47:23 UTC	54.191.222.112
[Mnemonic Passive DNS]	nsk1922.rs (7)	308022	2021-12-25 15:42:13 UTC	2022-04-21 05:49:30 UTC	65.108.229.254
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.118
[Mnemonic Passive DNS]	r3.o.lencr.org (5)	344	2020-12-02 08:52:13 UTC	2022-07-06 04:41:34 UTC	23.36.77.32
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-06 04:55:23 UTC	54.230.111.14
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	nexus.ensighten.com (1)	2786	2012-05-23 18:34:00 UTC	2022-03-10 22:56:36 UTC	18.200.176.246
[Mnemonic Passive DNS]	ocsp.entrust.net (11)	1208	2013-04-21 23:03:10 UTC	2022-07-06 04:41:48 UTC	104.110.10.32
[Mnemonic Passive DNS]	asset.mtb.com (1)	246397	2017-02-13 04:24:51 UTC	2022-07-06 04:23:23 UTC	54.230.111.37
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-06 17:02:11 UTC	34.120.237.76

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 65.108.229.254

Date	UQ / IDS / BL	URL	IP
2022-07-25 20:57:17 +0000	0 - 0 - 2	https://nsk1922.rs//live/fewfedefeddsfdsfdsfd (...)	65.108.229.254
2022-07-25 20:57:02 +0000	0 - 0 - 2	https://nsk1922.rs//live/asdasffbgfbgdrhryjut (...)	65.108.229.254
2022-07-25 20:56:39 +0000	0 - 0 - 2	https://nsk1922.rs//live/t4t4z9ytyt@94h943h4f (...)	65.108.229.254
2022-07-25 20:56:18 +0000	0 - 0 - 2	https://nsk1922.rs//live/	65.108.229.254
2022-07-25 11:43:34 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=bad (...)	65.108.229.254
2022-07-25 11:38:29 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=589 (...)	65.108.229.254
2022-07-09 06:34:03 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=bad (...)	65.108.229.254
2022-07-08 20:11:33 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=e11 (...)	65.108.229.254
2022-07-08 14:25:55 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=589 (...)	65.108.229.254
2022-07-08 14:23:41 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=bad (...)	65.108.229.254

Last 10 reports on ASN: Hetzner Online GmbH

Date	UQ / IDS / BL	URL	IP
2022-08-20 04:59:07 +0000	2 - 0 - 0	www.tids.biz/	78.46.48.204
2022-08-20 04:02:02 +0000	0 - 0 - 28	aszoran.hr/natus-aut/documents.zip	95.217.76.40
2022-08-20 02:03:35 +0000	0 - 0 - 1	biodigy.ro/aaa/mtt/login.php	188.40.93.203
2022-08-20 01:58:22 +0000	0 - 0 - 6	odeon.co.in/js/jXaaAx2dNgG0/	148.251.13.45
2022-08-20 01:57:03 +0000	0 - 0 - 8	odeon.co.in/js/jeI6pySSN3302iiZvN/	148.251.13.45
2022-08-20 00:23:48 +0000	2 - 0 - 0	shincheonji.eu/	88.99.160.140
2022-08-19 22:51:53 +0000	2 - 0 - 0	www.tids.biz/	78.46.48.204
2022-08-19 22:48:43 +0000	0 - 0 - 1	siasky.net/eaagbwrx950hfvfyvzrpuaxr91cctcflll (...)	65.21.195.162
2022-08-19 20:34:42 +0000	0 - 0 - 2	odeon.co.in/js/jXaaAx2dNgG0/	148.251.13.45
2022-08-19 20:33:14 +0000	0 - 0 - 2	odeon.co.in/js/jeI6pySSN3302iiZvN/	148.251.13.45

Last 10 reports on domain: nsk1922.rs

Date	UQ / IDS / BL	URL	IP
2022-07-25 20:57:17 +0000	0 - 0 - 2	https://nsk1922.rs//live/fewfedefeddsfdsfdsfd (...)	65.108.229.254
2022-07-25 20:57:02 +0000	0 - 0 - 2	https://nsk1922.rs//live/asdasffbgfbgdrhryjut (...)	65.108.229.254
2022-07-25 20:56:39 +0000	0 - 0 - 2	https://nsk1922.rs//live/t4t4z9ytyt@94h943h4f (...)	65.108.229.254
2022-07-25 20:56:18 +0000	0 - 0 - 2	https://nsk1922.rs//live/	65.108.229.254
2022-07-25 11:43:34 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=bad (...)	65.108.229.254
2022-07-25 11:38:29 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=589 (...)	65.108.229.254
2022-07-09 06:34:03 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=bad (...)	65.108.229.254
2022-07-08 20:11:33 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=e11 (...)	65.108.229.254
2022-07-08 14:25:55 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=589 (...)	65.108.229.254
2022-07-08 14:23:41 +0000	0 - 0 - 2	nsk1922.rs/m&tsupport/login.php?online_id=bad (...)	65.108.229.254

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (45)

Request	Response
GET /m&tsupport/login.php?country=3D&iso=3D&online_id=3De112= HTTP/1.1 Host: nsk1922.rs User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 295 Md5: 423d94ebd61846dcdc529ff8e4ee34c1$ 65.108.229.254 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Thu, 07 Jul 2022 01:38:18 GMT Server: Apache Location: https://nsk1922.rs/m&tsupport/login.php?country=3D&iso=3D&online_id=3De112= Content-Length: 295 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 295 Md5: 423d94ebd61846dcdc529ff8e4ee34c1 Sha1: af5e7a8fced06dc3c3c0b269bc62175e70c08f60 Sha256: 0ad2d8d0a6c9ffb755efd6fd812cf1ae4a94335afb814146735ab67622cf4335 Alerts: urlquery: - Phishing website detected
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.118 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Thu, 07 Jul 2022 00:56:25 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: FjTxQARJZw9mEprKCvwb3d7T8J4Eb-aLAHvXd_ZLXLMrEkBIquvNGw== Age: 2513 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666" Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7632 Expires: Thu, 07 Jul 2022 03:45:30 GMT Date: Thu, 07 Jul 2022 01:38:18 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1bd93fff937cfdc8744b841243b93fd5 Sha1: 240c31be9cdaeb5d1e4f9e3558c812ba007e6d22 Sha256: 78a5dcfaf2d93d9c87cfb6dbc56100e9f22965d4500554ba65f71cb7d84dd666
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.14 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Wed, 06 Jul 2022 03:26:46 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: WUe3gUms4QsEugRBBy5HhnuLhkpvnsXZRrnX03ostvcwhoPuBrYQ_g== age: 79893 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:38:19 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9 HTTP/1.1 Host: nsk1922.rs User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/m&tsupport/login.php?country=3D&iso=3D&online_id=3De112= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f$ 65.108.229.254 HTTP/2 404 Not Found content-length: 315 content-type: text/html; charset=iso-8859-1 date: Thu, 07 Jul 2022 01:38:19 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: Blocklists: - fortinet: Phishing
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1 Host: nsk1922.rs User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/m&tsupport/login.php?country=3D&iso=3D&online_id=3De112= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f$ 65.108.229.254 HTTP/2 404 Not Found content-length: 315 content-type: text/html; charset=iso-8859-1 date: Thu, 07 Jul 2022 01:38:19 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: Blocklists: - fortinet: Phishing
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17 HTTP/1.1 Host: nsk1922.rs User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/m&tsupport/login.php?country=3D&iso=3D&online_id=3De112= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f$ 65.108.229.254 HTTP/2 404 Not Found content-length: 315 content-type: text/html; charset=iso-8859-1 date: Thu, 07 Jul 2022 01:38:19 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: Blocklists: - fortinet: Phishing
GET /Assets/scripts/Login/Index.js HTTP/1.1 Host: nsk1922.rs User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/m&tsupport/login.php?country=3D&iso=3D&online_id=3De112= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f$ 65.108.229.254 HTTP/2 404 Not Found content-length: 315 content-type: text/html; charset=iso-8859-1 date: Thu, 07 Jul 2022 01:38:19 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: Blocklists: - fortinet: Phishing
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1 Host: nsk1922.rs User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/m&tsupport/login.php?country=3D&iso=3D&online_id=3De112= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f$ 65.108.229.254 HTTP/2 404 Not Found content-length: 315 content-type: text/html; charset=iso-8859-1 date: Thu, 07 Jul 2022 01:38:19 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: Blocklists: - fortinet: Phishing
GET /mtbank/OE-Prod/Bootstrap.js HTTP/1.1 Host: nexus.ensighten.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	18.200.176.246 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:38:19 GMT content-type: application/javascript; charset=utf-8 content-length: 47 last-modified: Mon, 01 Apr 2013 06:07:33 GMT etag: "51592425-2f" expires: Thu, 07 Jul 2022 01:38:18 GMT cache-control: no-cache, no-store accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 47 Md5: 44668e06996659f6b6ee4132fce33b33 Sha1: e0c9544d8fa1707bcf9241435b9d2f985825f45a Sha256: 2179619d4ea1daa8e9dd10fadee9f787ac5fbab3b50ad2d8020c94b89c534e59
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "009B914A972BE5AC84BD66570A390D3C61993F56A2FDE97B40CEB50621E702AD" Last-Modified: Wed, 06 Jul 2022 23:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=3530 Expires: Thu, 07 Jul 2022 02:37:09 GMT Date: Thu, 07 Jul 2022 01:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: f0c5d08e16f887dfb6fc57b0c05721cc Sha1: 1c62fca3b361a122323a3ab67391ab6ef729491d Sha256: 009b914a972be5ac84bd66570a390d3c61993f56a2fde97b40ceb50621e702ad
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "009B914A972BE5AC84BD66570A390D3C61993F56A2FDE97B40CEB50621E702AD" Last-Modified: Wed, 06 Jul 2022 23:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=3530 Expires: Thu, 07 Jul 2022 02:37:09 GMT Date: Thu, 07 Jul 2022 01:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: f0c5d08e16f887dfb6fc57b0c05721cc Sha1: 1c62fca3b361a122323a3ab67391ab6ef729491d Sha256: 009b914a972be5ac84bd66570a390d3c61993f56a2fde97b40ceb50621e702ad
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "009B914A972BE5AC84BD66570A390D3C61993F56A2FDE97B40CEB50621E702AD" Last-Modified: Wed, 06 Jul 2022 23:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=3530 Expires: Thu, 07 Jul 2022 02:37:09 GMT Date: Thu, 07 Jul 2022 01:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: f0c5d08e16f887dfb6fc57b0c05721cc Sha1: 1c62fca3b361a122323a3ab67391ab6ef729491d Sha256: 009b914a972be5ac84bd66570a390d3c61993f56a2fde97b40ceb50621e702ad
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "009B914A972BE5AC84BD66570A390D3C61993F56A2FDE97B40CEB50621E702AD" Last-Modified: Wed, 06 Jul 2022 23:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=3530 Expires: Thu, 07 Jul 2022 02:37:09 GMT Date: Thu, 07 Jul 2022 01:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: f0c5d08e16f887dfb6fc57b0c05721cc Sha1: 1c62fca3b361a122323a3ab67391ab6ef729491d Sha256: 009b914a972be5ac84bd66570a390d3c61993f56a2fde97b40ceb50621e702ad
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "009B914A972BE5AC84BD66570A390D3C61993F56A2FDE97B40CEB50621E702AD" Last-Modified: Wed, 06 Jul 2022 23:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=3429 Expires: Thu, 07 Jul 2022 02:35:28 GMT Date: Thu, 07 Jul 2022 01:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: f0c5d08e16f887dfb6fc57b0c05721cc Sha1: 1c62fca3b361a122323a3ab67391ab6ef729491d Sha256: 009b914a972be5ac84bd66570a390d3c61993f56a2fde97b40ceb50621e702ad
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "E1D50739BD56E2BC2E18E98814FD82D8111158DF6DF80366A4CF30A8890083FA" Last-Modified: Wed, 06 Jul 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3494 Expires: Thu, 07 Jul 2022 02:36:33 GMT Date: Thu, 07 Jul 2022 01:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: a93a09e9c778cc20ddc885f23547f434 Sha1: b35eab7810575e5b1d21e6856aad362068786086 Sha256: e1d50739bd56e2bc2e18e98814fd82d8111158df6df80366a4cf30a8890083fa
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "E1D50739BD56E2BC2E18E98814FD82D8111158DF6DF80366A4CF30A8890083FA" Last-Modified: Wed, 06 Jul 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3408 Expires: Thu, 07 Jul 2022 02:35:07 GMT Date: Thu, 07 Jul 2022 01:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: a93a09e9c778cc20ddc885f23547f434 Sha1: b35eab7810575e5b1d21e6856aad362068786086 Sha256: e1d50739bd56e2bc2e18e98814fd82d8111158df6df80366a4cf30a8890083fa
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "E1D50739BD56E2BC2E18E98814FD82D8111158DF6DF80366A4CF30A8890083FA" Last-Modified: Wed, 06 Jul 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3538 Expires: Thu, 07 Jul 2022 02:37:17 GMT Date: Thu, 07 Jul 2022 01:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: a93a09e9c778cc20ddc885f23547f434 Sha1: b35eab7810575e5b1d21e6856aad362068786086 Sha256: e1d50739bd56e2bc2e18e98814fd82d8111158df6df80366a4cf30a8890083fa
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "E1D50739BD56E2BC2E18E98814FD82D8111158DF6DF80366A4CF30A8890083FA" Last-Modified: Wed, 06 Jul 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3388 Expires: Thu, 07 Jul 2022 02:34:47 GMT Date: Thu, 07 Jul 2022 01:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: a93a09e9c778cc20ddc885f23547f434 Sha1: b35eab7810575e5b1d21e6856aad362068786086 Sha256: e1d50739bd56e2bc2e18e98814fd82d8111158df6df80366a4cf30a8890083fa
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "E1D50739BD56E2BC2E18E98814FD82D8111158DF6DF80366A4CF30A8890083FA" Last-Modified: Wed, 06 Jul 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3535 Expires: Thu, 07 Jul 2022 02:37:14 GMT Date: Thu, 07 Jul 2022 01:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: a93a09e9c778cc20ddc885f23547f434 Sha1: b35eab7810575e5b1d21e6856aad362068786086 Sha256: e1d50739bd56e2bc2e18e98814fd82d8111158df6df80366a4cf30a8890083fa
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.118 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Thu, 07 Jul 2022 01:34:57 GMT Cache-Control: max-age=3600 Expires: Thu, 07 Jul 2022 02:08:40 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: i4rl-Gy319jsc__9cLlKAwdhml10uNzNmzB1VIHsBgL0Tm-JP2H2xQ== Age: 203 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /r/simple-layout-responsive/css.mtb?v=08132020140516 HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	192.216.61.78 HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Expires: Fri, 07 Jul 2023 01:38:19 GMT Last-Modified: Thu, 07 Jul 2022 01:38:18 GMT ETag: "1657157899:dtagent10241220422021336cTAl" Vary: User-Agent Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Srv: M-SC-01 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="859048175" Date: Thu, 07 Jul 2022 01:38:19 GMT ntCoent-Length: 258129 Cache-Control: private Content-Encoding: gzip Transfer-Encoding: chunked Set-Cookie: dtCookie=v_4_srv_9_sn_E934159FE7B61C3E165F066FBF451065_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TSf60233d5027=08affc4e07ab20001bc49fe91f51325974b7658e26364ac2c765d2c0f799e23e0e7c26be957c376708dbedd7d211300067876ed851e78439bab0c3c135ce83ffc1bdd8185a9bc82e7a3e71e0bff7bd8af6504c6b17cde2ffe84d3cdf9efe69c0; Path=/ --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size: 34579 Md5: 94482cedc325de5fa3c9222fd12cf125 Sha1: 5edd71496361d7ebf743fccf8b134ec8e244b76d Sha256: 0b6f6fbad9bc49d2650e71728cf536ac1e37270c97b7b7dc3190c8e055110d06
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5717 Cache-Control: 'max-age=158059' Date: Thu, 07 Jul 2022 01:38:20 GMT Last-Modified: Thu, 07 Jul 2022 00:03:03 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 54a5ebdb4e3b060878632555583e462f Sha1: df627b311d6276eabf36fe1390a8219714839aed Sha256: 5c77d20265a9a328455b745ec5191e036ec35814586c1e6bcd1c8b2de01b3ff2
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 230 Md5: 916635d10512ae6a1840614a895dcd38$ 192.216.61.78 HTTP/1.1 200 OK Content-Type: image/svg+xml Last-Modified: Thu, 09 Jun 2022 07:59:38 GMT Accept-Ranges: bytes ETag: "0d1b0ddd67bd81:0" Server: Microsoft-IIS/7.5 X-Srv: M-SC-01 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="-716843618" Date: Thu, 07 Jul 2022 01:38:19 GMT Content-Length: 230 Set-Cookie: TSf60233d5027=08affc4e07ab2000f2e044d9675358ab364fe7e33d5b877673758e354bec9c3a11bfc5e731df0cef08222db6c71130007b1b80431db581ee331ad4ec210a5ecdf18d744f80201ce1647b624cd3cce2ce56ee9d9ea99b16800142972349f5dc49; Path=/ --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 230 Md5: 916635d10512ae6a1840614a895dcd38 Sha1: db175de4c42281bb4d239c57d1b95b8e75c529ec Sha256: d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
GET /Assets/img/mtb-logo.svg HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators Size: 2039 Md5: f2b901cf895852a0866fe4a16c7f1730$ 192.216.61.78 HTTP/1.1 200 OK Content-Type: image/svg+xml Last-Modified: Thu, 09 Jun 2022 07:59:38 GMT Accept-Ranges: bytes ETag: "0d1b0ddd67bd81:0" Server: Microsoft-IIS/7.5 X-Srv: M-SC-01 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="809420603" Date: Thu, 07 Jul 2022 01:38:19 GMT Content-Length: 2039 Set-Cookie: TSf60233d5027=08affc4e07ab2000e2b6dae0e32729aff411181dc15ece01ecc1052b68ce99462140bf24743a557f0814cccf37113000d2f9441f20bfe72f331ad4ec210a5ecdda76a7ff15447271b8100c0739c9abb3952e4c4e9ac9c7cd923b63c612b1a136; Path=/ --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators Size: 2039 Md5: f2b901cf895852a0866fe4a16c7f1730 Sha1: c4240af1ec798477b4e65a185ddbb1b038817da4 Sha256: 5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
GET /Assets/img/mtb-entrust.svg HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators Size: 1349 Md5: 9a569ad20708d7453d89fe6c72e7fcdc$ 192.216.61.78 HTTP/1.1 200 OK Content-Type: image/svg+xml Last-Modified: Thu, 09 Jun 2022 07:59:38 GMT Accept-Ranges: bytes ETag: "0d1b0ddd67bd81:0" Server: Microsoft-IIS/7.5 X-Srv: M-SC-01 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="-81113248" Date: Thu, 07 Jul 2022 01:38:19 GMT Content-Length: 1349 Set-Cookie: TSf60233d5027=08affc4e07ab20002ed1b7f38253f11fbeeb4d91a7d08f04e1872f600ad05b35c98730811c3565fc08d5e7646f113000c70fbd3be1f5aab4331ad4ec210a5ecdea045e901e72a8515223d6a6ef0381afe0eeb1bb49c95fdfcc3acaaf726043ff; Path=/ --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators Size: 1349 Md5: 9a569ad20708d7453d89fe6c72e7fcdc Sha1: 60b6a41620583484642f7c826faf8e3c879a6374 Sha256: b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
GET /r/simple-layout-responsive/js.mtb?v=08132020140516 HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	192.216.61.78 HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Fri, 07 Jul 2023 01:38:19 GMT Last-Modified: Thu, 07 Jul 2022 01:38:18 GMT ETag: "1657157899:dtagent10241220422021336cTAl" Vary: User-Agent Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Srv: M-SC-01 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="777911778" Date: Thu, 07 Jul 2022 01:38:19 GMT Cteonnt-Length: 322405 Cache-Control: private Content-Encoding: gzip Transfer-Encoding: chunked Set-Cookie: dtCookie=v_4_srv_9_sn_3E3B8F1F040D87FABB535504745B9F7B_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TSf60233d5027=08affc4e07ab20000b48e0ba99167574669f422d25cf2cc2c6be0f8d310d5e0f51558290f9a4e0c1088eb29fc5113000633e9cbb64a0c1f3bab0c3c135ce83ff39a2990fe0acc976475e6ce8f3bb2de229bb4671c20dcab23965c3058db1caa8; Path=/ --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 103531 Md5: 727a0de3144aa33cd4534796486e2363 Sha1: 86ed4f75d976f4f5974724a6a19723798f29386e Sha256: 4944e8c395c12a394fb7be2e85d249d24381a5848f743a5d63bf2b0edda3bcdc
GET /Assets/scripts/Login/Index.js HTTP/1.1 Host: nsk1922.rs User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/m&tsupport/login.php?country=3D&iso=3D&online_id=3De112= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f$ 65.108.229.254 HTTP/2 404 Not Found content-length: 315 content-type: text/html; charset=iso-8859-1 date: Thu, 07 Jul 2022 01:38:20 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: Blocklists: - fortinet: Phishing
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Yl1KZzOOUzxugjssMR7iWg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	54.191.222.112 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 8/GbPMIgsuPYLUxicdOo3EHVjmE= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://nsk1922.rs Connection: keep-alive Referer: https://resources.mtb.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format, TrueType, length 4776, version 1.0\012- data Size: 4776 Md5: ac13691b89191d11d0e5577eb3cf3d53$ 192.216.61.78 HTTP/1.1 200 OK Content-Type: APPLICATION/X-WOFF Last-Modified: Thu, 09 Jun 2022 07:59:37 GMT Accept-Ranges: bytes ETag: "0d1b0ddd67bd81:0:dtagent10241220422021336cTAl" Server: Microsoft-IIS/7.5 X-Srv: M-SC-01 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Timing-Allow-Origin: * Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1909085134", dtTao;desc="1" Date: Thu, 07 Jul 2022 01:38:19 GMT Content-Length: 4776 Set-Cookie: dtCookie=v_4_srv_2_sn_F15350BA4A79459E90CA424694310976_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_1; Path=/; Domain=.mtb.com TSf60233d5027=08affc4e07ab200063566f38326ce993c8892ea8f4536507b3d1ed8090bf662694c810bf53e79daa080299fa8a1130003b7217bc5fd3be15331ad4ec210a5ecd4a5244b7012254a7d6fc4a98b00855d9d2cd461bf666e0b5f2a93d0183230d25; Path=/ --- Additional Info --- Magic: Web Open Font Format, TrueType, length 4776, version 1.0\012- data Size: 4776 Md5: ac13691b89191d11d0e5577eb3cf3d53 Sha1: 0126fa82c0ab022e61b5de74f1fe3e204a905a7b Sha256: 108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df
GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://nsk1922.rs Connection: keep-alive Referer: https://resources.mtb.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format, TrueType, length 67671, version 1.0\012- data Size: 67671 Md5: 6cd469e8613d82d4d07834a5ca7745f0$ 192.216.61.78 HTTP/1.1 200 OK Content-Type: APPLICATION/X-WOFF Last-Modified: Thu, 09 Jun 2022 07:59:37 GMT Accept-Ranges: bytes ETag: "0d1b0ddd67bd81:0:dtagent10241220422021336cTAl" Server: Microsoft-IIS/7.5 X-Srv: M-SC-01 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Timing-Allow-Origin: * Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1416499107", dtTao;desc="1" Date: Thu, 07 Jul 2022 01:38:19 GMT Content-Length: 67671 Set-Cookie: dtCookie=v_4_srv_4_sn_55388F18FED092C9E39D616BB870B6D6_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TSf60233d5027=08affc4e07ab2000a4d36b9af45abed9860d3c8bfb49819b30b90a20aefeb4b59adeb15bb8929e830807ab8ea21130001b9693dadced31ca331ad4ec210a5ecd52818e484ab40b73643a25a3e23272cd3879f90f0a51890b00a9025e4f98d248; Path=/ --- Additional Info --- Magic: Web Open Font Format, TrueType, length 67671, version 1.0\012- data Size: 67671 Md5: 6cd469e8613d82d4d07834a5ca7745f0 Sha1: 95347ba0a03d27e1aa91bc17c937d8aefe53e6ff Sha256: 4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://nsk1922.rs Connection: keep-alive Referer: https://resources.mtb.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format, TrueType, length 64318, version 1.0\012- data Size: 64318 Md5: b245a55f7e33e1cf4d2477570936ef84$ 192.216.61.78 HTTP/1.1 200 OK Content-Type: APPLICATION/X-WOFF Last-Modified: Thu, 09 Jun 2022 07:59:37 GMT Accept-Ranges: bytes ETag: "0d1b0ddd67bd81:0:dtagent10241220422021336cTAl" Server: Microsoft-IIS/7.5 X-Srv: M-SC-01 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Timing-Allow-Origin: * Server-Timing: dtSInfo;desc="0", dtRpid;desc="-904203917", dtTao;desc="1" Date: Thu, 07 Jul 2022 01:38:19 GMT Content-Length: 64318 Set-Cookie: dtCookie=v_4_srv_1_sn_75E0825110C1B341200D7076E7681BE4_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TSf60233d5027=08affc4e07ab20001ff86fe108539f78d33181fcf75121fd175d102863ad268cfbf7528bf452955f08288acc881130005b0e395979f39ca5331ad4ec210a5ecd714a77d65aa48e48f7b48ac80191e227fd527da03219723a90453c4da8633ccf; Path=/ --- Additional Info --- Magic: Web Open Font Format, TrueType, length 64318, version 1.0\012- data Size: 64318 Md5: b245a55f7e33e1cf4d2477570936ef84 Sha1: 12bf1c1eda6db246778f7c343acebbaad8fa36f4 Sha256: b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "A45138B15E2BFD75A1B78E3CC9DDF08E9E2DAC7B2443D5DCF4F9B12585B55581" Last-Modified: Wed, 06 Jul 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3600 Expires: Thu, 07 Jul 2022 02:38:20 GMT Date: Thu, 07 Jul 2022 01:38:20 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 6cce885d14221b85a43cfe65f9ced26b Sha1: b1d3ddebe2b82093ee25a9e8da26b99c51fdcf5d Sha256: a45138b15e2bfd75a1b78e3cc9ddf08e9e2dac7b2443d5dcf4f9b12585b55581
GET /Documents/html/homepage/favicon.ico HTTP/1.1 Host: asset.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://nsk1922.rs/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data Size: 14862 Md5: e82f458a5c1c5353a97401eccc925613$ 54.230.111.37 HTTP/2 200 OK content-type: image/x-icon content-length: 14862 accept-ranges: bytes content-disposition: inline content-encoding: gzip last-modified: Wed, 04 May 2022 18:18:59 GMT server: Apache strict-transport-security: max-age=31536000; includeSubdomains; preload x-content-type-options: nosniff x-dispatcher: dispatcher1useast1 x-frame-options: SAMEORIGIN x-vhost: publish date: Thu, 07 Jul 2022 00:55:37 GMT cache-control: max-age=3600, no-cache="set-cookie" etag: "3dce-5de33a8b9cac0-gzip" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: -IdzV9na_V0xQG6a-Lh19iQwSCtBExmZAgB9xGEgJY5_FhnztFlUxA== age: 3599 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data Size: 14862 Md5: e82f458a5c1c5353a97401eccc925613 Sha1: 949d6c8d06ca14b52f496c20f63fae269b6708c2 Sha256: cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3369 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:38:21 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3369 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:38:21 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3369 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:38:21 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3369 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:38:21 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf054370-6b80-40cd-a42e-91d4d8e3c37e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7271 Md5: 1d4f4e3ad0f3ca501b797538d0f3aaac$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7271 x-amzn-requestid: 3fa97801-72ce-40f1-9609-10406e6d70ff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UoS0BFjuoAMFw8w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bffe7f-103b3e9a2928a3ed39c62b1b;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 08:14:55 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: TrgAb-pYFci7r56srzmwDp_mnZ6ApHI6KRaOyrHTYgJHmLcx6iNr1g== via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:50:30 GMT age: 13671 etag: "949707b56fd4aa6464f5f4a5d52b18ab72d307ff" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7271 Md5: 1d4f4e3ad0f3ca501b797538d0f3aaac Sha1: 949707b56fd4aa6464f5f4a5d52b18ab72d307ff Sha256: 66cf72056531f6151e2e72d48f07f1ba063753316160fe165cb00e125efbca90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b3c96c9-a522-4ac7-b26d-8a493fdad54e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5833 Md5: 0c8f6d61cb2fa1b87748d6ea53f21678$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5833 x-amzn-requestid: b1906d58-4339-4e95-933b-111b98d7e7f3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: U3UEfHnwIAMFSNA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c60082-7ae16f081c0a62cc04191bf0;Sampled=0 x-amzn-remapped-date: Wed, 06 Jul 2022 21:37:06 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: dImAFhuRZxCSOGV-GrPighqY6j2UV_ZrVJ7YoplNcaMcyhZZZdBeDA== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:50:56 GMT age: 13645 etag: "9e45ca5390279272ab7991b250cd035c569db6c9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5833 Md5: 0c8f6d61cb2fa1b87748d6ea53f21678 Sha1: 9e45ca5390279272ab7991b250cd035c569db6c9 Sha256: 1f909a49d5f85085e8ebc982bf8e2d0fc4f94b2f01946d0c7dbb232020ce5e8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7633309-5f51-4741-aec1-77223d21def2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6219 Md5: 6a5de65d5b600c0785e0415233eb2eae$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6219 x-amzn-requestid: 5c99b20a-4356-4613-a812-994358d8d2f2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: U3UD1FbRIAMFcOg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c6007e-63e05e65678eab473ef18a0f;Sampled=0 x-amzn-remapped-date: Wed, 06 Jul 2022 21:37:02 GMT x-amz-cf-pop: SEA19-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: J4b_YTU4EtaFHSTJDWbBLFMxUD4FZ5KIQcA5eS51LHyB0MfgInWyew== via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:53:38 GMT age: 13483 etag: "7721f00647b911279b6f42bf463eed176e389622" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6219 Md5: 6a5de65d5b600c0785e0415233eb2eae Sha1: 7721f00647b911279b6f42bf463eed176e389622 Sha256: 835ba3151816b32ab23e3d8a215d0dee67dd070428bad5bb3ab596b67a1373b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7394f5d-cdce-41b4-a77f-497fd53c5173.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6510 Md5: 35403bff40fe010a03fbbfa56185ef30$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6510 x-amzn-requestid: 94ccabe7-9fb8-4d91-beea-ebd9a669732b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uq6h8EV3oAMFZfQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c10ad9-0d787e463b15c84b2cca0df8;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 03:19:53 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: KJSLnVrt4pTPuOocLg2Sr5uTfRyiaYyBh9Txohz4mMhsXQ262yfeIw== via: 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 06:32:58 GMT age: 68723 etag: "5e1dc99fa1b894ae83dd0ef04b3daa5ff820cd40" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6510 Md5: 35403bff40fe010a03fbbfa56185ef30 Sha1: 5e1dc99fa1b894ae83dd0ef04b3daa5ff820cd40 Sha256: 6c7efc03f6c3ebcf6ed69bff044d63ba19c832cb8ecb7ce291226b69cb7b3ac5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6737 Md5: 44f59062cacc44be268845c493de29de$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6737 x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UeP9ZG93oAMFX6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw== via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 03:53:29 GMT age: 78292 etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6737 Md5: 44f59062cacc44be268845c493de29de Sha1: 5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5943e946-454d-4fa2-9a42-3742d5c15b9c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8185 Md5: 71f575ec1945ef97114e5125f7f46bec$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8185 x-amzn-requestid: 4175b120-06ce-4a9c-bc4e-03631c38f97b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UoJB0FzDoAMFUTg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bfeed8-705a0dc35090e183285bfa9a;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 07:08:08 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: noyuVo7-k6XK-GX49yRV5JSF3UzqNjEpQ8N8b6Tv5iUok1C9rMFOrQ== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 09:02:03 GMT age: 59778 etag: "71d91b56c51c8e6c72049088c5f48d047e3c2528" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8185 Md5: 71f575ec1945ef97114e5125f7f46bec Sha1: 71d91b56c51c8e6c72049088c5f48d047e3c2528 Sha256: b0aafa06050270acd35bd434d7418ca1c6ed4b66c0680302da29477d78bc4578