Overview

URLbuhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
IP 70.32.23.31 (United States)
ASN#55293 A2HOSTING
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-09 11:38:14 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (35)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
www.googletagmanager.com (2) 75 2012-10-04 01:07:32 UTC 2022-12-08 17:14:43 UTC 142.250.74.168
apps.elfsight.com (1) 17484 2017-02-13 06:58:22 UTC 2022-12-08 17:09:53 UTC 104.26.6.107
connect.facebook.net (3) 139 2012-05-22 02:51:28 UTC 2022-12-08 17:12:05 UTC 31.13.72.12
fonts.googleapis.com (2) 8877 2012-05-23 12:41:44 UTC 2022-12-08 17:12:12 UTC 142.250.74.106
translate.googleapis.com (1) 1005 2012-05-31 07:21:21 UTC 2022-12-08 17:17:22 UTC 216.58.211.10
logwork.com (1) 288096 2018-09-20 21:40:00 UTC 2022-12-09 10:19:23 UTC 54.39.129.172
z.moatads.com (1) 374 2014-02-11 16:19:47 UTC 2022-12-08 17:12:10 UTC 23.38.201.146
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
buhlmodeltrainsociety.com (31) 0 2019-12-31 20:41:19 UTC 2022-12-09 11:37:56 UTC 70.32.23.31 Unknown ranking
s7.addthis.com (5) 1504 2012-05-21 03:34:04 UTC 2022-12-08 17:12:09 UTC 2.18.172.123
api-public.addthis.com (1) 4111 2012-05-21 13:44:35 UTC 2022-12-08 17:14:20 UTC 2.18.172.123
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239
cdn.logwork.com (2) 296632 2019-08-16 17:52:21 UTC 2022-12-09 10:19:23 UTC 54.39.129.172
v1.addthisedge.com (1) 1721 2019-05-22 18:56:22 UTC 2022-12-08 17:12:10 UTC 2.18.172.123
www.facebook.com (2) 99 No data No data 31.13.72.36
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-12-08 17:12:10 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
maps.gstatic.com (1) 0 2012-05-22 14:23:15 UTC 2022-12-08 17:13:59 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
fonts.gstatic.com (2) 0 2014-04-02 10:51:04 UTC 2022-12-08 17:14:55 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 23.36.76.226
stats.g.doubleclick.net (1) 96 2012-07-01 17:13:23 UTC 2022-12-08 17:14:59 UTC 108.177.14.157
socialplugin.facebook.net (2) 0 2022-07-19 20:27:01 UTC 2022-12-08 17:27:04 UTC 31.13.72.8 Domain (facebook.net) ranked at: 20561
cdnres.willyweather.com (1) 65868 2015-02-24 04:16:23 UTC 2022-12-06 20:56:46 UTC 151.139.128.10
files.elfsightcdn.com (3) 82787 2021-06-02 14:30:27 UTC 2022-12-09 11:38:06 UTC 104.26.5.247
ocsp.pki.goog (18) 175 2017-06-14 07:23:31 UTC 2022-12-08 17:12:01 UTC 216.58.211.3
siberianhuskywebdesignsinc.com (3) 0 2019-02-05 13:21:00 UTC 2022-12-09 11:38:02 UTC 70.32.23.31 Unknown ranking
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
www.google.com (1) 7 2012-11-08 00:08:21 UTC 2022-12-08 17:22:52 UTC 216.58.207.228
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76
r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
translate.google.com (2) 1156 2012-05-30 01:30:32 UTC 2022-12-08 17:14:55 UTC 142.250.74.174
www.google.no (1) 25607 2012-06-26 23:22:08 UTC 2022-12-08 17:14:59 UTC 142.250.74.67
web.logwork.com (3) 585054 2019-06-04 10:14:12 UTC 2022-12-09 10:19:23 UTC 54.39.129.172
m.addthis.com (1) 1448 2013-11-06 20:12:22 UTC 2022-12-08 17:12:10 UTC 2.18.172.123
www.google-analytics.com (1) 40 2012-05-21 09:41:50 UTC 2022-12-08 17:20:06 UTC 142.250.74.110

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-09 2 siberianhuskywebdesignsinc.com//stats//modules/base/js/owa.tracker-combined (...) Phishing
2022-12-09 2 siberianhuskywebdesignsinc.com/stats/modules/base/dist/owa.tracker.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 70.32.23.31
Date UQ / IDS / BL URL IP
2022-12-09 11:38:14 +0000 0 - 0 - 2 buhlmodeltrainsociety.com/v9/pennohiomodelrai (...) 70.32.23.31
2022-11-15 20:58:07 +0000 0 - 0 - 3 theglowconference.com/dir/main/login.htm 70.32.23.31
2022-11-15 07:19:13 +0000 0 - 0 - 3 theglowconference.com/dir/main/login.htm 70.32.23.31
2022-11-15 00:17:46 +0000 0 - 0 - 17 nationalfilmindustryweek.com//wp-includes/IXR (...) 70.32.23.31
2022-11-14 16:49:30 +0000 0 - 0 - 9 nationalfilmindustryweek.com/wp-includes/ixr/ (...) 70.32.23.31


Last 5 reports on ASN: A2HOSTING
Date UQ / IDS / BL URL IP
2023-01-28 13:45:02 +0000 0 - 0 - 1 omscoc.pappai.com/a0y7i8h.zip 85.187.128.14
2023-01-28 13:44:53 +0000 0 - 0 - 1 oms.pappai.com/is0wuuwa.tar 85.187.128.14
2023-01-28 13:44:40 +0000 0 - 0 - 2 orsan.gruporhynous.com/tattered.php 75.98.173.181
2023-01-28 13:34:49 +0000 0 - 0 - 5 prisma.ae/downloads/LOGS00093601/dll/assistant.php 68.66.216.41
2023-01-28 13:21:31 +0000 0 - 0 - 8 ztekkhosting.com/images.pdf 104.255.194.168


Last 1 reports on domain: buhlmodeltrainsociety.com
Date UQ / IDS / BL URL IP
2022-12-09 11:38:14 +0000 0 - 0 - 2 buhlmodeltrainsociety.com/v9/pennohiomodelrai (...) 70.32.23.31


No other reports with similar screenshot

JavaScript

Executed Scripts (48)

Executed Evals (2)
#1 JavaScript::Eval (size: 11) - SHA256: 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16
addthis.cbs
#2 JavaScript::Eval (size: 8) - SHA256: 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f
_ate.cbs

Executed Writes (0)


HTTP Transactions (118)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6092
Expires: Fri, 09 Dec 2022 13:19:34 GMT
Date: Fri, 09 Dec 2022 11:38:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12577
Expires: Fri, 09 Dec 2022 15:07:39 GMT
Date: Fri, 09 Dec 2022 11:38:02 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 11:07:50 GMT
age: 1812
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7038
Expires: Fri, 09 Dec 2022 13:35:20 GMT
Date: Fri, 09 Dec 2022 11:38:02 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 42pjzk7kOcBScdXMbv6gLpjqu83Q7KeUJhQobFcsrmJQNY+30D9iTL/QT6xPpvM0chQELgwFQYvVKH0gmXNHTw==
x-amz-request-id: BJRTJEJYDV7N3GBW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 10:48:18 GMT
age: 2984
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Dec 2022 11:38:02 GMT
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v9/pennohiomodelrailroadersannual.php HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Set-Cookie: fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; expires=Sun, 11-Dec-2022 11:38:02 GMT; Max-Age=172800; path=/ fusion71SbQ_visited=yes; expires=Sat, 09-Dec-2023 11:38:02 GMT; Max-Age=31536000; path=/ fusion71SbQ_lastvisit=1670582282; expires=Fri, 09-Dec-2022 12:38:02 GMT; Max-Age=3600; path=/v9/; domain=buhlmodeltrainsociety.com; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1, private, must-revalidate
Content-Length: 15056
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10609), with CRLF, LF line terminators
Size:   15056
Md5:    934d22f71615ce2d1764428df3e6d86e
Sha1:   128535acedc26d9745e1aa416839b8f134ba218e
Sha256: ac261d8950f15337ed3c831afac0f0623e962f2e73e410d3073f53195f3c2e20
                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/

search
                                         2.18.172.123
HTTP/1.1 308 Permanent Redirect
Content-Type: text/html
                                        
Server: nginx/1.15.8
Content-Length: 171
Location: https://s7.addthis.com/js/300/addthis_widget.js
Date: Fri, 09 Dec 2022 11:38:02 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   171
Md5:    3c417e9efbcaeb3bf7e7df75cf3b22fd
Sha1:   00465aec6b8ec302eae8abb99678fc5c09c3f343
Sha256: 21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
                                        
                                            GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1 
Host: translate.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/

search
                                         142.250.74.174
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
                                        
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 09 Dec 2022 11:38:02 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

                                        
                                            GET /v9/includes/bootstrap/bootstrap-submenu.min.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2017 20:25:22 GMT
ETag: "5ead63c-13c6-55d7e7ca4f080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 698
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (4878), with CRLF line terminators
Size:   698
Md5:    f186dce281492745fa7400d42e75f627
Sha1:   8b5fe32cec4f79a6b46e9fc8f40aad4831aba6c2
Sha256: 39fd2dddc9ea04b576cdf77633a20706d3bbf392c25e533fd6067658df7c5a63
                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         2.18.172.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116406
date: Fri, 09 Dec 2022 11:38:02 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54602)
Size:   116406
Md5:    722e21e12eaa431752dfae3577fe0619
Sha1:   cdf8ee4381284ad6b6081663ae6ee322998e1b35
Sha256: 998242560562ed6542b378745338b65d06b0001ee9c4c9bb843166524bd4c407
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-139436980-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 11:38:02 GMT
expires: Fri, 09 Dec 2022 11:38:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   44742
Md5:    a9d1e916f9f1f3317da8858edee92dee
Sha1:   cdf931e94a0e73a20886a6debb42a9f3d563e720
Sha256: e09029599845d8fd31e1b53f619d43e6f59afd4b0598f0ddc7d6c45a05743f16
                                        
                                            GET /v9/includes/fonts/entypo/entypo.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Sep 2018 02:08:49 GMT
ETag: "62202e3-4ef3-575022377ee40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 3430
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   3430
Md5:    bef163c24e65860472a880058649b16e
Sha1:   5c9c76b66bd3766d20a9b61b74903c1c9f99a429
Sha256: 890f56210122efa2cb3a4182ac1a2b8270ba367bbc3532f4003b4793ce520d74
                                        
                                            GET /v9/includes/fonts/font-awesome/css/font-awesome.min.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Sep 2018 01:48:09 GMT
ETag: "622191b-7918-57501d98f0840-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 7053
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   7053
Md5:    52f1a8a2ce85fa8432308b33bc1a2e79
Sha1:   fd80917af5371c8ecad0198592a1e7cce4b77b0e
Sha256: 07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
                                        
                                            GET /v9/includes/bootstrap/bootstrap.min.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Mar 2021 17:55:29 GMT
ETag: "5ead70f-1de55-5bd1e417e0640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 20248
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (64972), with CRLF line terminators
Size:   20248
Md5:    8c57abf46669afd662d3c456b88f17ae
Sha1:   3066324906b4a3c05862f17b98b07240b0878549
Sha256: 05e7a9867c3a8556647368d3d528ddbcc0bfcfd4ede0f14de680383ba1900ebd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "392544746E1AD0B83D71D60D6AE367DBC41BD687B1A15E4D12F9254BA3FB688E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14358
Expires: Fri, 09 Dec 2022 15:37:20 GMT
Date: Fri, 09 Dec 2022 11:38:02 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-872C90LY8Y&l=dataLayer&cx=c HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 11:38:02 GMT
expires: Fri, 09 Dec 2022 11:38:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77048
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22462)
Size:   77048
Md5:    77b366c6d7a0c9857e0ebf7851a3f82c
Sha1:   e33eb8b0d9fb3ddb741d0b9c39c38f0808a8958d
Sha256: c7cbdf1995e20fd3788dca15aaf5281d73dc0470721e916fd406ee646eedc1ab
                                        
                                            GET /v9/themes/Xmas/styles.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Mar 2021 08:30:02 GMT
ETag: "606b686-89f7-5bd3e96f7d680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 7598
Keep-Alive: timeout=3, max=497
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (680)
Size:   7598
Md5:    cb7480fb58b93e3b875d1623079cefb9
Sha1:   b1770f41480037816febf2bdcb978fe26a951eb8
Sha256: 3f3593af59d3d5c52bb8a298fc19c75d1721c8b24b686f26196ad71ca9c085db
                                        
                                            GET /v9/includes/fonts/entypo/animation.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1, private, must-revalidate
Content-Length: 6061
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1360), with CRLF, LF line terminators
Size:   6061
Md5:    3a16d2befdec632f950f1b0259853ff3
Sha1:   6d74c134020031933cb9f338abe809c75a95d9ed
Sha256: b34562111e806d268f5ec465e6da06480a47698dfb92593c53d5f1af79db969a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /widget/countdown.js HTTP/1.1 
Host: cdn.logwork.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.39.129.172
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Dec 2022 11:38:02 GMT
Content-Length: 319
Last-Modified: Tue, 27 Apr 2021 11:04:31 GMT
Connection: keep-alive
ETag: "6087efbf-13f"
gzipenable: yes
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (319), with no line terminators
Size:   319
Md5:    54f05ba56c73460db65c002a229f8ab0
Sha1:   8aa869603bcd4f58ece767077684a3546b920af0
Sha256: cdcf02532052dbd92b93f7a570fdc2eb576b6a1a3f9a169a1a9120b41a03282e
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 11:07:45 GMT
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
age: 1817
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /v9/includes/jquery/jquery.min.js HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2017 20:33:12 GMT
ETag: "5f022b0-14e4e-55d7e98a89200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 29830
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065), with CRLF line terminators
Size:   29830
Md5:    fb6d7a7eb1d6c06d314ed0c63c7295ea
Sha1:   7d9d354b1d37909a3588cfe4eb3f290769e99e72
Sha256: 980c97264fdc547205cf436cbf77f12af6d924543f662b2d8ff6230aafda195b
                                        
                                            GET /v9/includes/jscripts/jscript.js HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2017 20:33:21 GMT
ETag: "5f022b5-2a01-55d7e9931e640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 3104
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   3104
Md5:    ba29ce60746c52bc4d1871f00776b571
Sha1:   25f31e3dad2bba4b2f115c87d971db080b36721b
Sha256: ac1f2ae048cd7147ccd8092a3fd91ef9603560f3e355055dcbcb6ee53f3ebbbd
                                        
                                            GET /v9/includes/fonts/entypo/entypo-ie7.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1, private, must-revalidate
Content-Length: 6062
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1360), with CRLF, LF line terminators
Size:   6062
Md5:    88262d305f94e3f3817eb47e56118f97
Sha1:   fbb9e9509f0e1512290c3da2b6140e61886af2ce
Sha256: e70a5d8d6760b12b5c9b3112866844c1dc82650ca65e2d978d88b43e074e89f4
                                        
                                            GET /v9/boxstyle.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 13 May 2018 18:27:57 GMT
ETag: "5ce6ba4-2a2-56c1a87368540-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 359
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   359
Md5:    679dcc964ac125dab7e9e02350f99594
Sha1:   9cddac3664a05d5ecfb8dd0ddd1eba5e6262e8ff
Sha256: d088ff2a11d0136c1f9e6564a0e0390e9e232af5923f879960421459d39a9f25
                                        
                                            GET /v9/themes/Xmas/includes/search.js HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Nov 2017 18:39:21 GMT
ETag: "628e4e1-4e9-55f3792020840-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 605
Keep-Alive: timeout=3, max=497
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   605
Md5:    de229ad153ee2b059f6053a539649b7c
Sha1:   5595b6a157c7c76ec676197b4591f206840b431d
Sha256: 3454f6dd1c092c5efc27420c5fab71f4f516a86c9a9c27f867446cb1e8763778
                                        
                                            GET /v9/infusions/cookiebar_panel/cookiebar_panel.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Jun 2018 12:39:10 GMT
ETag: "62701d5-14a8-56f2633ad7780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 1537
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   1537
Md5:    7efa02992a24ac5468ab7ab40750dd4b
Sha1:   7268fb72674715e7d05bb725a1e24df6e77c92f9
Sha256: 4345fc8877dbd1c24d0572426423c53bcfff69526997ab9be6824f03e1b2efb2
                                        
                                            GET /v9/includes/jquery/colorbox/jquery.colorbox.js HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2017 20:33:06 GMT
ETag: "62223a3-8ef0-55d7e984d0480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 8922
Keep-Alive: timeout=3, max=495
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   8922
Md5:    5bbfdb6153eccdf6f70fe0245b52f1c2
Sha1:   fba85e5cfad1e38034e1b9586c70c0e33115643d
Sha256: 55dec639c5008802c260fa89f067e84aa7bb9812a5ac6003cc1b26bf7d861720
                                        
                                            GET /v9/includes/bootstrap/bootstrap.min.js HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2017 20:25:25 GMT
ETag: "5ead710-91df-55d7e7cd2b740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 9930
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (32004), with CRLF line terminators
Size:   9930
Md5:    7460e06856161809381cb6699068adbd
Sha1:   d06e3a099448e2dc93eef3de5b13d2e024d0544f
Sha256: 708524b9cb4fc05712c2e4381ba44c028bfb8f2463d56e2e052ef12d5286903f
                                        
                                            GET /v9/includes/fonts/entypo/entypo-ie7-codes.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:02 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1, private, must-revalidate
Content-Length: 6062
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1360), with CRLF, LF line terminators
Size:   6062
Md5:    b7c0ab163df82f5d400514cd75c9c367
Sha1:   4613f140eba9fe783c45e6f4c5e14bffe424c1dd
Sha256: 0481a59072efe8070cc9565fc25b968e93e6490f0936da63e14831352f36d452
                                        
                                            GET //stats//modules/base/js/owa.tracker-combined-min.js HTTP/1.1 
Host: siberianhuskywebdesignsinc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://siberianhuskywebdesignsinc.com/stats/modules/base/dist/owa.tracker.js
Content-Length: 285
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   285
Md5:    be3b16a39a4f27a5b248ea2043ef489a
Sha1:   93d6b39e7aedcb3569c84122bd56c8a2cd351f70
Sha256: 377a035e9ae7c258a8c85735166a102dc9df746ed46e626c5f8125910e3363be

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5139
Cache-Control: max-age=168871
Date: Fri, 09 Dec 2022 11:38:03 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:32:34 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v9/includes/bootstrap/bootstrap-submenu.min.js HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2017 20:25:22 GMT
ETag: "5ead70c-aea-55d7e7ca4f080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 973
Keep-Alive: timeout=3, max=496
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2610), with CRLF line terminators
Size:   973
Md5:    6d5eb6c1af0d27227dba70aa701bcdc4
Sha1:   0226369752d217559a4275e45a1dc9511b3721f1
Sha256: 9689fcacf43b3f8ca6855a607cf9a855188d3b1449e0fb57e805f7c0ebe1235f
                                        
                                            GET /v9/includes/bootstrap/holder.min.js HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2017 20:25:30 GMT
ETag: "5ead712-7b5a-55d7e7d1f0280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 11276
Keep-Alive: timeout=3, max=497
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (31360), with CRLF line terminators
Size:   11276
Md5:    7a12092b2854c6e48d600255845c8b3c
Sha1:   6cc581d2326de69a51470c99f94a4689c59d0e45
Sha256: a8d137945da7438afc501eeb467768daf2054421cc31291eb1496eb5a62a121a
                                        
                                            GET /v9/includes/fonts/PHPFusion/font.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/themes/templates/default.min.css
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2017 20:32:48 GMT
ETag: "6216543-383-55d7e973a5c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 391
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   391
Md5:    2aa29dd0b1cfc2d12fc4ff41b9cc511e
Sha1:   f47b427b3c1b46300bc2d5a87b4a5c724cce7239
Sha256: 20624838d38bc32af16240954c59c775d454085818b243d8fe122d16815574d9
                                        
                                            GET /v9/includes/jquery/admin-msg.js HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1, private, must-revalidate
Content-Length: 6065
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1360), with CRLF, LF line terminators
Size:   6065
Md5:    1b497228a7cc38d9594383de2cd86af4
Sha1:   d85629d33c976f29c7694c615babc8f591032f01
Sha256: b7e086b602f330438adcc1c08b62f4a59d1b9adb89f5e969793717d960a47676
                                        
                                            GET /v9/includes/dynamics/assets/select2/select2.min.js HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2017 20:31:21 GMT
ETag: "6216450-deca-55d7e920ad840-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 13179
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (778), with CRLF line terminators
Size:   13179
Md5:    fe65172311e90f0a73f37c06f65c3e7a
Sha1:   475284813a73b4067a652ed67c846ff01fdb1c6f
Sha256: a717fae75956cfd406ea1bbb573b1fc54294220f0c5c4f70d418f7fa7c76b30a
                                        
                                            GET /p/platform.js HTTP/1.1 
Host: apps.elfsight.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.6.107
HTTP/2 301 Moved Permanently
                                        
date: Fri, 09 Dec 2022 11:38:02 GMT
location: https://static.elfsight.com/platform/platform.js
cache-control: max-age=3600
expires: Fri, 09 Dec 2022 12:38:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdKXbAs81mFmVYmyYyVS3wUyxfwlrqIKM6TOoPCFsNYN6uwt3mx9%2FuuxvObhFhFRuMW3w505dZwePzoQiSUYynwk63P8Z3AVOOtveMCaVqcQaZ2ARUNUtcg6lShcxR%2Bm4C1O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 776d73c5fa85b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   668
Md5:    de9a2d189a3669934abe6e13ebe89f3a
Sha1:   e38727f5b63b6cf98bb1c32ecf1acbbc1246dc39
Sha256: 09ffe042819c33c4b020ad296491b6ae7d5375c308bd915237f90a1a3fb8d042
                                        
                                            GET /v9/includes/fonts/entypo/entypo-codes.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1, private, must-revalidate
Content-Length: 6062
Keep-Alive: timeout=3, max=494
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1360), with CRLF, LF line terminators
Size:   6062
Md5:    5695b9c148e3eab47ce568580f38818c
Sha1:   ca9882c20db466a93932e23f8e4d983c2ac67464
Sha256: a915feb5a392319429983a0375a5671f903603a120560980ec42c0bb62b7926a
                                        
                                            GET /stats/modules/base/dist/owa.tracker.js HTTP/1.1 
Host: siberianhuskywebdesignsinc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Feb 2022 11:06:54 GMT
ETag: "7300058-d0d8-5d820a5b1cf80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 17642
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive


--- Additional Info ---
Magic:  C source, Unicode text, UTF-8 text, with very long lines (27110)
Size:   17642
Md5:    9e72006d9a587836c7d4df5404b88370
Sha1:   8973b607cbe07dfc8a6bdc5f1f60aa698cae00b7
Sha256: 8b2e1cd35b132eff0272f04e4a1e2fb5f809383ba2300687e20adc1921d519ef

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v9/includes/fonts/entypo/entypo-embedded.css HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
Cookie: fusion71SbQ_lastvisit=1670582282; fusion71SbQ_session=4dde597b1300032d42b5aa06751060be; fusion71SbQ_visited=yes

search
                                         70.32.23.31
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1, private, must-revalidate
Content-Length: 6062
Keep-Alive: timeout=3, max=497
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1360), with CRLF, LF line terminators
Size:   6062
Md5:    c765f14ab533efd8475325de059c817a
Sha1:   43694d39bc9f5bc7d5f28c6143ea0b60c4100143
Sha256: e85c7c0aeacd01e7f71f2f0e710b9805a7d40c18879babe5caaacfc94bc600a2
                                        
                                            GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1 
Host: translate.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 11:38:02 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+635; expires=Sun, 08-Dec-2024 11:38:02 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (560)
Size:   26348
Md5:    b5b72f4a66259ab50cf9377ccec2298b
Sha1:   521504b9681f75d56ee6c86b20e9f96fff3bda88
Sha256: d4dc59474b2e65d787be813be83c6bbb387190d094c4d1bb11ff84a1ad614eb8
                                        
                                            GET /widget/warning/loadView.html?id=112573 HTTP/1.1 
Host: cdnres.willyweather.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.139.128.10
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 11:38:03 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 1048
x-hw: 1670585882.cds241.sk1.hn,1670585882.cds214.sk1.sc,1670585882.dop203.sj3.r,1670585883.cds117.sj3.sc,1670585883.cds117.sj3.p,1670585883.cds214.sk1.p
server: Apache/2.4.46 (IUS)
x-powered-by: PHP/7.0.32
cache-control: max-age=300, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (729)
Size:   1048
Md5:    4750224650c037cd3dfca36310f32039
Sha1:   b982d19caf3bc8704469501a709ec7a49297cb7e
Sha256: 2a988873cd07cddf33bb19a10b5a93167ea1ff57809b259023444287c1496c46
                                        
                                            POST /g/collect?v=2&tid=G-872C90LY8Y&gtm=2oebu0&_p=1220794031&cid=1323018671.1670585882&ul=en-us&sr=1280x1024&_s=1&sid=1670585881&sct=1&seg=0&dl=http%3A%2F%2Fbuhlmodeltrainsociety.com%2Fv9%2Fpennohiomodelrailroadersannual.php&dt=Buhl%20Model%20Train%20Society&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://buhlmodeltrainsociety.com
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: http://buhlmodeltrainsociety.com
date: Fri, 09 Dec 2022 11:38:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /translate_static/css/translateelement.css HTTP/1.1 
Host: translate.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.10
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 11:01:07 GMT
expires: Fri, 09 Dec 2022 12:01:07 GMT
cache-control: public, max-age=3600
age: 2216
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18670)
Size:   3619
Md5:    897ba9a21d9625286674da769dacc2e2
Sha1:   84b4923ab7dee562395160824d53496314499b77
Sha256: 696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /widget/countdown_api.js?v=202211911 HTTP/1.1 
Host: cdn.logwork.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.39.129.172
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Dec 2022 11:38:03 GMT
Last-Modified: Wed, 07 Dec 2022 16:21:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6390bd88-10c1"
gzipenable: yes
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4289), with no line terminators
Size:   1484
Md5:    30bfad9e77063d22f5328c6f15ab3891
Sha1:   a443e5e573d193447e53bd3162957fe27570e88c
Sha256: 8c9c905bb6c4f7f17e3f9cb1aaed6bd728861ad45b08467bc625b66760e57584
                                        
                                            GET /maps/embed?pb=!1m18!1m12!1m3!1d3000.2662109879816!2d-80.47110348457885!3d41.23775877927818!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8833c065a7bff1c9%3A0x6491e3bb9ce68353!2s2140%20Highland%20Rd%2C%20Hermitage%2C%20PA%2016148!5e0!3m2!1sen!2sus!4v1610528692518!5m2!1sen!2sus HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         216.58.207.228
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 09 Dec 2022 11:38:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-1wZNWMqvX7xE17e9trtoww' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 915
x-xss-protection: 0
server-timing: gfet4t7; dur=202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1565)
Size:   915
Md5:    5cbf06a1ed71738be968ac3e60219da7
Sha1:   e8df06417046cf4682ac13fbae7f5a710fea7618
Sha256: dfb4e082d72339881688024fbaa74fedbfea32eec9d7acc307b20216c70cbf49
                                        
                                            GET /v9/themes/Xmas/images/main-bg.jpg HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Mar 2021 13:26:13 GMT
ETag: "628e4d6-16528-5bd0660ada740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1920x900, components 3\012- data
Size:   84620
Md5:    13174f086ac22ece67f0f5fb678f080f
Sha1:   97517a389d6758124b6c804a24f1fd49330f2443
Sha256: 0eefe3af2cfe5ea4927571a6857810abb53d8ae8a0d7dc6fa3ee15022d72a8e6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /maps-api-v3/embed/js/51/3/init_embed.js HTTP/1.1 
Host: maps.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69327
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:12:31 GMT
expires: Thu, 07 Dec 2023 20:12:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 18:55:12 GMT
age: 141933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2669)
Size:   69327
Md5:    670da89542ecf04a8bbff2049748654f
Sha1:   2fcd2c31427edfd9b3180e233a009677b0d88973
Sha256: d1bdcacb4973ce7c60a0f59144bf6fb699eea4fc016ca1780cdf61dbd9efb3bc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v9/includes/jquery/admin-msg.js HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Set-Cookie: fusion71SbQ_session=c9c3e5de4cd6a03bf1aa192209d2e27f; expires=Sun, 11-Dec-2022 11:38:03 GMT; Max-Age=172800; path=/ fusion71SbQ_visited=yes; expires=Sat, 09-Dec-2023 11:38:03 GMT; Max-Age=31536000; path=/ fusion71SbQ_lastvisit=1670582283; expires=Fri, 09-Dec-2022 12:38:03 GMT; Max-Age=3600; path=/v9/; domain=buhlmodeltrainsociety.com; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1, private, must-revalidate
Content-Length: 6067
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1360), with CRLF, LF line terminators
Size:   6067
Md5:    c9589b3b07d24fc2426b95972c2ccd24
Sha1:   07ce314c21edb3f0a0589130ed208cd20629b37b
Sha256: e050bffb4f5344bd70a1fb2333f8a58b75e2edc14be5f32fafcf2f956bc2ceab
                                        
                                            GET /widget/countdown/?text=Countdown&timezone=America%2FNew_York&width=&style=&uid=214451&loc=https://logwork.com/countdown-w2fz&language=&textcolor=&background=&date=2022-09-25%2014%3A00&digitscolor=&unitscolor=&url=http://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php HTTP/1.1 
Host: logwork.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         54.39.129.172
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 09 Dec 2022 11:38:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text
Size:   1045
Md5:    288384ba778cc2e4dd210662f1ef8253
Sha1:   6de9957001f67952def754ac2f34ab4fe30147c2
Sha256: ee887a35ac2063c1cf4c1879578769a9ccd5b6d03a5e9aa909d6a0738b06b308
                                        
                                            GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         2.18.172.123
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 09 Dec 2022 11:38:04 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size:   26421
Md5:    707317ccaabe08d32d1bd781754e6871
Sha1:   bb82dcd3e044c960e0861c2ce878f5504e628f78
Sha256: d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7658
Expires: Fri, 09 Dec 2022 13:45:42 GMT
Date: Fri, 09 Dec 2022 11:38:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7658
Expires: Fri, 09 Dec 2022 13:45:42 GMT
Date: Fri, 09 Dec 2022 11:38:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7658
Expires: Fri, 09 Dec 2022 13:45:42 GMT
Date: Fri, 09 Dec 2022 11:38:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7658
Expires: Fri, 09 Dec 2022 13:45:42 GMT
Date: Fri, 09 Dec 2022 11:38:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8497
Expires: Fri, 09 Dec 2022 13:59:41 GMT
Date: Fri, 09 Dec 2022 11:38:04 GMT
Connection: keep-alive

                                        
                                            GET /v9/includes/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://buhlmodeltrainsociety.com
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: font/woff; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Sep 2018 01:48:16 GMT
ETag: "6221c6e-17ee8-57501d9f9d800"
Accept-Ranges: bytes
Content-Length: 98024
Vary: Accept-Encoding
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Size:   12909
Md5:    2dc43d84e6d9573da7f06ebf90ddfdbc
Sha1:   d47eef897de8569d7467154380a73f5793f169a3
Sha256: cfb7b3183f42e6e7b38d52d7645e98625558ea117545f0e5b74e4574144c3de1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 28578
etag: "7558222788f06623ddae6e883413e38e1146281e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7897
Md5:    8c3214044657f3b876d1f1848bca5684
Sha1:   7558222788f06623ddae6e883413e38e1146281e
Sha256: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 67020
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5188
Md5:    fba9a3854df65740512f96efe7442e58
Sha1:   8fbff7725c842d70e047c635a725723a9dc9c55a
Sha256: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 29017
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6578
Md5:    8546542f00ea29ef4df6ab8d3c7c2164
Sha1:   5c8ffe91490006a9890188b53f875568c2b6bd8f
Sha256: 7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 00:33:39 GMT
age: 39865
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10205
Md5:    45e0c1638ad919bde19731f7987ab064
Sha1:   1e492807c665e6e6b24ec6ce19035fdfc6f23b92
Sha256: f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 08:30:07 GMT
age: 11277
etag: "2506152cdd1056533116feb9350124356e570e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7217
Md5:    955c6ac69b89f6cbd497df53fcb2ae1b
Sha1:   2506152cdd1056533116feb9350124356e570e54
Sha256: fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 26956
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5169
Md5:    06514ce96ae21cb01f526a5febdcbeb4
Sha1:   ebb97e5b97f394e8c67098f55581d5329ce819a2
Sha256: 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
                                        
                                            GET /cores/178/tpl/main/widget/countdown/js/flipdown.js HTTP/1.1 
Host: web.logwork.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         54.39.129.172
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Dec 2022 11:38:04 GMT
Last-Modified: Wed, 07 Dec 2022 16:21:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6390bd89-1915"
Expires: Sat, 09 Dec 2023 11:38:04 GMT
minify: yes
Cache-Control: max-age=31536000, public, no-transform
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (6421), with no line terminators
Size:   2035
Md5:    779866d98df6f17a7c7d2a45040a73fb
Sha1:   74c729228a6b74135601b735c4443518fe4cc935
Sha256: bf41f674aa0c36e0d00b305ff06d6a1e799bb8f04b7c08867aea827a0b51606d
                                        
                                            GET /cores/178/tpl/main/widget/countdown/css/flip.css?v1 HTTP/1.1 
Host: web.logwork.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logwork.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         54.39.129.172
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 09 Dec 2022 11:38:04 GMT
Last-Modified: Tue, 02 Mar 2021 10:40:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"603e1623-1a84"
Expires: Sat, 09 Dec 2023 11:38:04 GMT
minify: yes
Cache-Control: max-age=31536000, public, no-transform
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   1647
Md5:    b5a4787ded2b8d205e1063d36116d123
Sha1:   60c9ed362a18e0c79990fe156acc215c9399ad47
Sha256: 2c1d6852ec3ae2c2799af534134f9fc227915754a7952dd5570d05c34cbf9342
                                        
                                            GET /v9/themes/Xmas/images/bg_main.gif HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sat, 29 Sep 2018 17:02:22 GMT
ETag: "628e363-769f5c-577058915c380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 458 x 257\012- data
Size:   7600329
Md5:    abcd625f50745a40436c2bb527abe2dd
Sha1:   1b5b92fd25e9c3a91db1eeda35c1720e8d63044e
Sha256: c7a5d6e5426e1a257c69a5feaf6753a000afa4039090a43fbddd94866a6a8380
                                        
                                            GET /live/red_lojson/300lo.json?si=63931e1a4f2d3d83&bkl=0&bl=1&pdt=462&sid=63931e1a4f2d3d83&pub=ra-5af23bc2b2322dcb&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=buhlmodeltrainsociety.com&fp=v9%2Fpennohiomodelrailroadersannual.php&fr=&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670585883366&jsl=1&uvs=63931e1a98db5d10000&skipb=1&callback=addthis.cbs.jsonp__7819987762096490 HTTP/1.1 
Host: m.addthis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         2.18.172.123
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 88
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Fri, 09 Dec 2022 11:38:05 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   88
Md5:    ae91eb927bf1910b50bc516a8ae5b740
Sha1:   72c14af6b8fd9ce3e0c3efcf34ce105c23689249
Sha256: a7abb4451b24a3f924994f76de862324aa8a60e8f45ebaa041303b273c15b669
                                        
                                            GET /v9/images/favicons/favicon-16x16.png HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Cookie: fusion71SbQ_lastvisit=1670582283; fusion71SbQ_session=c9c3e5de4cd6a03bf1aa192209d2e27f; fusion71SbQ_visited=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 09 Dec 2022 11:38:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 01 Jul 2018 19:01:50 GMT
ETag: "5e40b24-55e-56ff4b69d0380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 1363
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   1363
Md5:    89ecfb97854650bc6ab1dcae86b3f55d
Sha1:   bd3a0d7e2bbaedb351381d51e9dbce40e59dd436
Sha256: 4e30019f0a3e19059b9156a43a2aa2dc4ab8270b532317ea956cc854dc4ce475
                                        
                                            GET /cores/178/tpl/main/widget/countdown/js/js.js HTTP/1.1 
Host: web.logwork.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         54.39.129.172
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Dec 2022 11:38:04 GMT
Last-Modified: Wed, 07 Dec 2022 16:21:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6390bd89-f7a"
Expires: Sat, 09 Dec 2023 11:38:04 GMT
minify: yes
Cache-Control: max-age=31536000, public, no-transform
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3680), with no line terminators
Size:   1830
Md5:    fac7e8ab17eb707ea77770c9ed098972
Sha1:   47e6a4a58b9068c626f90fb15debace9f9e4bebe
Sha256: ff59cac612ec57f6564dd7f27868298b4fec7fc21cc2133334fbad1daac073ef
                                        
                                            GET //stats//log.php?owa_timestamp=1670585882&owa_event_type=base.page_request&owa_is_new_visitor=true&owa_visitor_id=1670585882648229641&owa_fsts=1670585882&owa_dsfs=0&owa_last_req=&owa_session_id=1670585882231825763&owa_is_new_session=true&owa_nps=0&owa_dsps=0&owa_site_id=be9fe21866f3bce9a8d65334f1293ec4&owa_page_url=http%3A%2F%2Fbuhlmodeltrainsociety.com%2Fv9%2Fpennohiomodelrailroadersannual.php&owa_HTTP_REFERER=&owa_page_title=Buhl+Model+Train+Society& HTTP/1.1 
Host: siberianhuskywebdesignsinc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Content-encoding: none
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Expires: Wed, 11 Jan 2000 12:59:00 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 42
Last-Modified: Wed, 11 Jan 2006 12:59:00 GMT
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    9b5e8704c89f018cff215cb5ed3e0128
Sha1:   2a9fa3661b326c503e492b89cdd9130d12ead03d
Sha256: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
                                        
                                            GET /live/boost/ra-5af23bc2b2322dcb/_ate.track.config_resp HTTP/1.1 
Host: v1.addthisedge.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         2.18.172.123
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 542
etag: -591745542--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
date: Fri, 09 Dec 2022 11:38:05 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1585), with no line terminators
Size:   542
Md5:    c90656f71217c35a1754b31497bf8c63
Sha1:   9e98bcfef91ecd96afbbb4768ce35455ce38df34
Sha256: 5e07ca79e24d7e570651dbb408b1fe6498ca820fa918e10211749d60819013be
                                        
                                            GET /addthismoatframe568911941483/moatframe.js HTTP/1.1 
Host: z.moatads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.201.146
HTTP/2 200 OK
content-type: application/x-javascript
                                        
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=16929
date: Fri, 09 Dec 2022 11:38:05 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (523)
Size:   948
Md5:    f14b4e1f799b14f798a195f43cf58376
Sha1:   b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
Sha256: 92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
                                        
                                            GET /v9/images/favicons/apple-touch-icon.png HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Cookie: fusion71SbQ_lastvisit=1670582283; fusion71SbQ_session=c9c3e5de4cd6a03bf1aa192209d2e27f; fusion71SbQ_visited=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 09 Dec 2022 11:38:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 01 Jul 2018 19:01:54 GMT
ETag: "5e40b20-d65f-56ff4b6da0c80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 54657
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   54657
Md5:    856b106894fa34b0321fccf63673c3bc
Sha1:   326984c46c7f8b7c72123e7bb709c3f01dde4cce
Sha256: 1a641a88fbb04177d541999cd2f6ab3ac5a8ba964b387baf8ecf502ecff29cd2
                                        
                                            GET /en_US/sdk.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://buhlmodeltrainsociety.com
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 3d002a9d8b6856f638f82d209adac6a5
etag: "bb91471686bb654c25900e7759fa6b34"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 09 Dec 2022 11:47:44 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ibchzJeQJdm+yuw2rjdg4w==
x-fb-debug: 9RSs7QfryUDb2P5JJP1/ziDFS89VwapLJC432gJ7vXbWDR8uHAEReople213NrCWMkXcXCEj353dmr8K2Hhy+g==
priority: u=3,i
content-length: 1685
x-fb-trip-id: 1904183273
date: Fri, 09 Dec 2022 11:38:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1957)
Size:   1685
Md5:    89b721cc979025d9becaec36ae3760e3
Sha1:   8b3ce1f1493b6bcee40e127d0ff69f3e1687d904
Sha256: 771738c8198b2b1264c7a1bf38a1a851625ed495b0c2f8052cc15286455bceaa
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 10:41:08 GMT
expires: Fri, 09 Dec 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 3417
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /en_US/sdk/xfbml.customerchat.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 71ba8d60336eaed0e101f730b073d876
etag: "b7a5a25482440015464ecab0616bc721"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 09 Dec 2022 11:49:03 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: GBfGPuQMrMpy0gP1WkgWVA==
x-fb-debug: ipfFsmZpyVkScKf9XG2SBA5iOkXJxrk+U6i2sZ0O0tAzHN494wVvHFVCbqOXWo6pvZfE30HNGBrP6CdPQzgm0w==
content-length: 91016
x-fb-trip-id: 1904183273
date: Fri, 09 Dec 2022 11:38:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18734)
Size:   91016
Md5:    1817c63ee40cacca72d203f55a481654
Sha1:   86e73ce9b0b35d217035cceead870d33d84003ee
Sha256: 79c76b3e0a6c81936550f2a046b97e05a5423ad7f80de3c18208b67b8c76bf1c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2737
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 11:38:05 GMT
Last-Modified: Fri, 09 Dec 2022 10:52:28 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         2.18.172.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77691
date: Fri, 09 Dec 2022 11:38:05 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   77691
Md5:    ac1b5db6377f89a6d7f517c571b8ddba
Sha1:   87205f72f7338d717dd2966119ecb6aae22d5835
Sha256: 9164225c4ffa9eded3fd96fd8403249cf67e2047354fc245fb349216565d00a2
                                        
                                            GET /en_US/sdk.js?hash=a99b33e9c4c6ad8defc8fefcc738428e HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://buhlmodeltrainsociety.com
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b754255a9f38a97940265439fd1b9fe6
etag: "19038301e86bfc9a6852d2d590b54b46"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 09 Dec 2023 10:01:20 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: MRzxnUIP7VIvfYAVALL93g==
x-fb-debug: 33DVI5hzfDFSw+gj4/hmMfKmA+fVRC1FeAJS0npzjS/mQwTQqvhTN0vUTsejcPLshaJ79QRvAL6YiAxvk+O/yw==
priority: u=3,i
content-length: 88437
x-fb-trip-id: 1904183273
date: Fri, 09 Dec 2022 11:38:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18530)
Size:   88437
Md5:    311cf19d420fed522f7d801500b2fdde
Sha1:   0bcb19426510300951e566d4ecaaa8e7e220020a
Sha256: 1e3681ebb547536781aa679d22b1b338a4c2688decf230f0930c4695af24fb6a
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 144251
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 144249
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /static/195.461912c47007775093ae.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         2.18.172.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-180"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 298
date: Fri, 09 Dec 2022 11:38:05 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (384), with no line terminators
Size:   298
Md5:    b3a09bfb320e3798865e9543432f891f
Sha1:   1b852bdc37086072c734acec0af4d1971e6ec320
Sha256: 62048a133b36399f6990ddbf705fc3a2cd9a8a9d010e1fb89ed8bdd25d56fca3
                                        
                                            GET /tr/?id=523373791195503&ev=fb_page_view&dl=http%3A%2F%2Fbuhlmodeltrainsociety.com%2Fv9%2Fpennohiomodelrailroadersannual.php&rl=&if=false&ts=1670585884793&sw=1280&sh=1024&at= HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 11:38:05 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-139436980-1&cid=1323018671.1670585882&jid=377897024&gjid=629430459&_gid=721676242.1670585885&_u=YADAAUAAAAAAACAAI~&z=815011226 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://buhlmodeltrainsociety.com
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         108.177.14.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://buhlmodeltrainsociety.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 11:38:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            GET /v5.0/plugins/like.php?action=like&app_id=523373791195503&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df192c8893c31a5%26domain%3Dbuhlmodeltrainsociety.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fbuhlmodeltrainsociety.com%252Ff3a3ec5b6240ab6%26relation%3Dparent.parent&container_width=846&href=https%3A%2F%2Fbuhlmodeltrainsociety.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&size=small&width= HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 2JKpqM7JJxQFLaoNm8aBUIemDBilOy4sDtHmMXobpgX6/QhU2pVN/yhCQs9QvM2MJuOtUHHL6svoWWf/Rc3z2A==
content-length: 0
date: Fri, 09 Dec 2022 11:38:05 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-139436980-1&cid=1323018671.1670585882&jid=377897024&_u=YADAAUAAAAAAACAAI~&z=767211557 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.67
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 11:38:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4639
Cache-Control: max-age=106451
Date: Fri, 09 Dec 2022 11:38:06 GMT
Etag: "639208d2-117"
Expires: Sat, 10 Dec 2022 17:12:17 GMT
Last-Modified: Thu, 08 Dec 2022 15:54:58 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4639
Cache-Control: max-age=106451
Date: Fri, 09 Dec 2022 11:38:06 GMT
Etag: "639208d2-117"
Expires: Sat, 10 Dec 2022 17:12:17 GMT
Last-Modified: Thu, 08 Dec 2022 15:54:58 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5744
Cache-Control: max-age=107556
Date: Fri, 09 Dec 2022 11:38:06 GMT
Etag: "639208d2-117"
Expires: Sat, 10 Dec 2022 17:30:42 GMT
Last-Modified: Thu, 08 Dec 2022 15:54:58 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 11:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fbuhlmodeltrainsociety.com%2Fv9%2Fpennohiomodelrailroadersannual.php HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: http://buhlmodeltrainsociety.com
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

search
                                         2.18.172.123
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.15.8
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://buhlmodeltrainsociety.com/v9/pennohiomodelrailroadersannual.php
last-modified: Fri, 09 Dec 2022 11:00:00 GMT
access-control-allow-origin: http://buhlmodeltrainsociety.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 09 Dec 2022 11:38:06 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /05b62c8a-5c64-4981-9ba1-d45cb37a2e15/43e4f33e-5fef-4a42-ae1f-b58dc102de52.png HTTP/1.1 
Host: files.elfsightcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.5.247
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Dec 2022 11:38:06 GMT
content-length: 22543
cache-control: max-age=14400
x-hw: 1670585886.dop230.sk1.t,1670585886.cds252.sk1.hn,1670585886.cds218.sk1.p
x-rgw-object-type: Normal
etag: "df7a4294082bcf44f2ddac80024c82cc"
x-amz-request-id: tx0000000000000364815ad-0063931e1e-21d29c43-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 14 Jan 2020 21:45:03 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZkILHqOGZcHROmiCfLHyCixy1ayP2rGBHflo4dcBn%2FHhBgKhdX2Z%2FSgAx6jRZTJrS3QlweEQEz0hLNwLgxsvE2J4JO%2BEhX51agL4QKyDsKSB38okvG27ItE5YckxAU5%2Bo9hEW6fzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d73dc2a9eb517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 118 x 118, 8-bit/color RGBA, non-interlaced\012- data
Size:   22543
Md5:    df7a4294082bcf44f2ddac80024c82cc
Sha1:   b84c7d9f61dd5ebc6e2cc705b9274fb6e33737d8
Sha256: 9c98d63fbdf568703a7835f44834e5a56f93e2dd9317a81aa707d08674b4cdce
                                        
                                            GET /05b62c8a-5c64-4981-9ba1-d45cb37a2e15/009dc480-ce8b-411f-9a59-1b97389541b3.png HTTP/1.1 
Host: files.elfsightcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.5.247
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Dec 2022 11:38:07 GMT
content-length: 17908
cache-control: max-age=14400
x-hw: 1670585886.dop065.sk1.t,1670585886.cds071.sk1.hn,1670585886.cds201.sk1.p
x-rgw-object-type: Normal
etag: "20e749f8a5b1db63ad6a65c5ca5da3d8"
x-amz-request-id: tx0000000000000032090a5-0063931e1e-2c2c0512-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 12 Jan 2020 22:47:33 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djs0R2R%2FIVYNaB3hH3DpI9KR1z5O%2BmJ%2Bap7eN1hQept19moWhO4Y68o%2BsLm%2BvHYxeiQUvMtoIWJF0PjMY1bmWVp%2BYnkjtqqnPrE46JfbATPbsVDM63fLrLNz1QtM%2FK4JYtYCJNhcOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d73dc2aa9b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 122 x 122, 8-bit/color RGBA, non-interlaced\012- data
Size:   17908
Md5:    20e749f8a5b1db63ad6a65c5ca5da3d8
Sha1:   5d2dc60e530e056260f85519a0e6695ed05d1ad0
Sha256: 80857de1243d32c22b81583e7ead9243be5a7fdf59037766a349115afbfce62c
                                        
                                            GET /05b62c8a-5c64-4981-9ba1-d45cb37a2e15/f3beee8b-4901-4417-8df5-3f92daa76caf.png HTTP/1.1 
Host: files.elfsightcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.5.247
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Dec 2022 11:38:07 GMT
content-length: 22953
cache-control: max-age=14400
x-hw: 1670585886.dop021.sk1.t,1670585886.cds221.sk1.hn,1670585886.cds258.sk1.p
x-rgw-object-type: Normal
etag: "802038cbfa149428872be3715477bb95"
x-amz-request-id: tx0000000000000032090a3-0063931e1e-2c2c0512-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 21 Jan 2020 21:34:57 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chcx%2FV1UmcQ9ARQW%2Fm59H21LIt1U8aYijMu6UN0IWROTSl05LoX4mxf%2Ba2L4A3wDMIiu2fUU1sDmYq1fhfSGdCicSChWdWyjvpewaKFEuzmh2xkkjw13STHe97YJBvEKaLSF%2BFKeoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d73dc1a7fb517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   22953
Md5:    802038cbfa149428872be3715477bb95
Sha1:   594cfa18852ad29e4c0b59e3f6a296179c3646f7
Sha256: 0ea6a7a73f66d70d0e5affafc76e047dabc196937c9377f1305142583bd458e2
                                        
                                            GET /v9/includes/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://buhlmodeltrainsociety.com
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: font/woff2; charset=utf-8
                                        
Date: Fri, 09 Dec 2022 11:38:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Sep 2018 01:48:17 GMT
ETag: "6221c75-12d68-57501da091a40"
Accept-Ranges: bytes
Content-Length: 77160
Vary: Accept-Encoding
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
                                        
                                            GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 11:38:05 GMT
date: Fri, 09 Dec 2022 11:38:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v9/includes/fonts/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0 HTTP/1.1 
Host: buhlmodeltrainsociety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://buhlmodeltrainsociety.com
Referer: http://buhlmodeltrainsociety.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         70.32.23.31
HTTP/1.1 200 OK
Content-Type: font/ttf
                                        
Date: Fri, 09 Dec 2022 11:38:04 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Sep 2018 01:48:15 GMT
ETag: "6221b9b-286ac-57501d9ea95c0"
Accept-Ranges: bytes
Content-Length: 165548
Vary: Accept-Encoding
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive


--- Additional Info ---
                                        
                                            GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 11:38:05 GMT
date: Fri, 09 Dec 2022 11:38:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /new_domain_gating/?endpoint=customerchat&page_id=381892885337641&suppress_http_code=1 HTTP/1.1 
Host: socialplugin.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://buhlmodeltrainsociety.com
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: http://buhlmodeltrainsociety.com
x-fb-debug: OvgaGx9r63Muh6Knk0LwRcUvWksOeB9SmKupYc2qPyuUAzMJbnFBspyBqGub7Tng8hDErlDDOP6foJedhsr4AA==
date: Fri, 09 Dec 2022 11:38:05 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /new_domain_gating/?endpoint=customerchat&page_id=381892885337641&suppress_http_code=1 HTTP/1.1 
Host: socialplugin.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://buhlmodeltrainsociety.com
Connection: keep-alive
Referer: http://buhlmodeltrainsociety.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         31.13.72.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: http://buhlmodeltrainsociety.com
x-fb-debug: Qs56jRsuVb3LUvH6h4HtmkuUtiCDrfy53vd2ef8jaR3YdeWoorwnWLrmmVex93cr7FLciZrFHcL9cV1Wd5FTbw==
date: Fri, 09 Dec 2022 11:38:06 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---