urlquery - report: pelisquatch.com/login.php?online

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
ocsp.entrust.net (9)	1208	2013-07-24 12:09:14 UTC	2022-09-21 04:20:44 UTC	104.110.10.32
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-21 15:45:34 UTC	93.184.220.29
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-21 04:20:37 UTC	52.41.253.170
asset.mtb.com (1)	246397	2017-02-13 04:24:51 UTC	2022-09-21 14:10:06 UTC	54.230.111.59
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-21 14:38:57 UTC	34.120.237.76
r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-09-21 04:18:22 UTC	23.36.76.226
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-09-21 16:01:18 UTC	143.204.55.36
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-21 04:18:32 UTC	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-21 04:20:37 UTC	34.117.237.239
resources.mtb.com (8)	144011	2014-11-08 14:57:30 UTC	2022-09-21 17:36:18 UTC	24.75.29.77
pelisquatch.com (7)	0	2021-11-18 11:48:13 UTC	2022-09-20 17:25:27 UTC	95.111.225.194	Unknown ranking

Scan Date	Severity	Indicator	Comment
2022-09-21	2	pelisquatch.com/login.php?online_id=27df63b215344e368	Phishing
2022-09-21	2	pelisquatch.com/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js	Phishing
2022-09-21	2	pelisquatch.com/Assets/scripts/Login/Index.js	Phishing
2022-09-21	2	pelisquatch.com/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js	Phishing
2022-09-21	2	pelisquatch.com/Assets/scripts/Login/Index.js	Phishing

Date	UQ / IDS / BL	URL	IP
2022-09-21 23:31:21 +0000	0 - 0 - 4	pelisquatch.com/login.php?online_id=dae34dfb3 (...)	95.111.225.194
2022-09-21 23:23:35 +0000	0 - 0 - 4	pelisquatch.com/login.php?country={{country}} (...)	95.111.225.194
2022-09-21 23:18:03 +0000	0 - 0 - 3	pelisquatch.com/login.php?country={{country}} (...)	95.111.225.194
2022-09-21 23:15:21 +0000	0 - 0 - 3	aaditriagrotech.com/	95.111.225.194
2022-09-21 23:13:16 +0000	0 - 0 - 4	pelisquatch.com/login.php?country={{country}} (...)	95.111.225.194

Date	UQ / IDS / BL	URL	IP
2023-02-05 14:46:05 +0000	0 - 0 - 1	apkrebrand.co.uk/sportsguide/hotbox/api/vpn	62.171.140.18
2023-02-05 14:17:24 +0000	0 - 0 - 1	apkrebrand.co.uk/plite/pirates/api/1.php?code (...)	62.171.140.18
2023-02-05 14:17:24 +0000	0 - 0 - 1	apkrebrand.co.uk/plite/pirates/api/api.php	62.171.140.18
2023-02-05 12:17:50 +0000	0 - 0 - 7	host.phdt.lk/pwnkit/MXUPS-experss/CLfinal/UPS (...)	173.249.28.141
2023-02-05 11:38:12 +0000	0 - 0 - 186	paddle-lab.com/shop-by-category/paracanoe.html	185.215.180.46

Date	UQ / IDS / BL	URL	IP
2022-09-21 23:31:21 +0000	0 - 0 - 4	pelisquatch.com/login.php?online_id=dae34dfb3 (...)	95.111.225.194
2022-09-21 23:23:35 +0000	0 - 0 - 4	pelisquatch.com/login.php?country={{country}} (...)	95.111.225.194
2022-09-21 23:18:03 +0000	0 - 0 - 3	pelisquatch.com/login.php?country={{country}} (...)	95.111.225.194
2022-09-21 23:13:16 +0000	0 - 0 - 4	pelisquatch.com/login.php?country={{country}} (...)	95.111.225.194
2022-09-21 23:10:09 +0000	0 - 0 - 4	pelisquatch.com/login.php?country=&iso=&onlin (...)	95.111.225.194

Date	UQ / IDS / BL	URL	IP
2023-02-01 11:51:41 +0000	15 - 2 - 42	aslottonownext.line.pm/	45.42.203.197
2023-02-01 10:40:52 +0000	19 - 2 - 56	bit.do/fVX3D	23.21.31.78
2023-02-01 09:04:55 +0000	19 - 2 - 54	aslottonownext.line.pm/	45.42.203.197
2023-02-01 04:07:16 +0000	16 - 2 - 47	bit.do/fVX3D	23.21.31.78
2023-02-01 02:31:13 +0000	19 - 2 - 54	aslottonownext.line.pm/	45.42.203.197

Request	Response
GET /login.php?online_id=27df63b215344e368 HTTP/1.1 Host: pelisquatch.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: pelisquatch.com/login.php?online_id=27df63b215344e368 FQDN: pelisquatch.com IP: 95.111.225.194 HASH: 179f859e76864bbb7c6e4ca09d6b5f51f760679f8f3798edb2375244fa63a0a5 95.111.225.194 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Wed, 21 Sep 2022 21:51:21 GMT Server: Apache Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (960), with CRLF line terminators Size: 14639 Md5: 081bdda16bbdeca91f420f7898d60f08 Sha1: cb837a7c87fbd60615fb9453ca1c939a34f4e840 Sha256: 179f859e76864bbb7c6e4ca09d6b5f51f760679f8f3798edb2375244fa63a0a5 Alerts: Blocklists: - fortinet: Phishing
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.36 HASH: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551 143.204.55.36 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Wed, 21 Sep 2022 21:23:54 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 3dgdCfzVoLs1COYUhKFQMjprO_2k5bPQzqiLm__VMM_jG_5XOtNZKA== Age: 1647 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 2d12f67fe57a87e7366b662d153a5582 Sha1: d7b02d81cc74f24a251d9363e0f4b0a149264ec1 Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2" Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6413 Expires: Wed, 21 Sep 2022 23:38:14 GMT Date: Wed, 21 Sep 2022 21:51:21 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a26d0784548ecab22f417f3d689daf23 Sha1: 8893b79366bbadeb5c8d587b8f023e310694df1c Sha256: 35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02" Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4699 Expires: Wed, 21 Sep 2022 23:09:40 GMT Date: Wed, 21 Sep 2022 21:51:21 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: afb65a07bf7214addf83d17a53acba32 Sha1: a8e973204431320aa7b362a4e73944520c4b51b9 Sha256: 46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: +ovKVBS/5o4xxvaXmLcpk9V+Hyb4GFmcSylGTj8PGFyBjUklc64NXgjsQZ1JRdNxTM9YH7ZvNtgqpmCl0BcK2A== x-amz-request-id: MPYABEE102RR9AFH content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 21 Sep 2022 21:43:27 GMT age: 474 last-modified: Sat, 10 Sep 2022 18:47:45 GMT etag: "6113f8408c59aebe188d6af273b90743" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9 HTTP/1.1 Host: pelisquatch.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://pelisquatch.com/login.php?online_id=27df63b215344e368	URL: pelisquatch.com/TSPD/0856addebbab2000ba949201dad9f67efc (...) FQDN: pelisquatch.com IP: 95.111.225.194 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 95.111.225.194 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Wed, 21 Sep 2022 21:51:21 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 21 Sep 2022 21:51:21 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1 Host: pelisquatch.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://pelisquatch.com/login.php?online_id=27df63b215344e368	URL: pelisquatch.com/ruxitagentjs_ICA2SVfhjqrux_102052012181 (...) FQDN: pelisquatch.com IP: 95.111.225.194 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 95.111.225.194 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Wed, 21 Sep 2022 21:51:21 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: Blocklists: - fortinet: Phishing
GET /Assets/scripts/Login/Index.js HTTP/1.1 Host: pelisquatch.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://pelisquatch.com/login.php?online_id=27df63b215344e368	URL: pelisquatch.com/Assets/scripts/Login/Index.js FQDN: pelisquatch.com IP: 95.111.225.194 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 95.111.225.194 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Wed, 21 Sep 2022 21:51:21 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: Blocklists: - fortinet: Phishing
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17 HTTP/1.1 Host: pelisquatch.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://pelisquatch.com/login.php?online_id=27df63b215344e368	URL: pelisquatch.com/TSPD/0856addebbab2000ba949201dad9f67efc (...) FQDN: pelisquatch.com IP: 95.111.225.194 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 95.111.225.194 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Wed, 21 Sep 2022 21:51:21 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1 Host: pelisquatch.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://pelisquatch.com/login.php?online_id=27df63b215344e368	URL: pelisquatch.com/ruxitagentjs_ICA2SVfhjqrux_102052012181 (...) FQDN: pelisquatch.com IP: 95.111.225.194 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 95.111.225.194 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Wed, 21 Sep 2022 21:51:21 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: 3193f673c8e507d4d3897c58a0d5e2ddce00db10c79ac1a56f1ca8996ed1bb4c 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "3193F673C8E507D4D3897C58A0D5E2DDCE00DB10C79AC1A56F1CA8996ED1BB4C" Last-Modified: Wed, 21 Sep 2022 11:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=3036 Expires: Wed, 21 Sep 2022 22:41:58 GMT Date: Wed, 21 Sep 2022 21:51:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: 4125aa59aa4bc29d75a7c50e10b120c9 Sha1: 37dfe87306cd6d70453ca1f932485bb4abd086d7 Sha256: 3193f673c8e507d4d3897c58a0d5e2ddce00db10c79ac1a56f1ca8996ed1bb4c
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: 3193f673c8e507d4d3897c58a0d5e2ddce00db10c79ac1a56f1ca8996ed1bb4c 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "3193F673C8E507D4D3897C58A0D5E2DDCE00DB10C79AC1A56F1CA8996ED1BB4C" Last-Modified: Wed, 21 Sep 2022 11:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=3036 Expires: Wed, 21 Sep 2022 22:41:58 GMT Date: Wed, 21 Sep 2022 21:51:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: 4125aa59aa4bc29d75a7c50e10b120c9 Sha1: 37dfe87306cd6d70453ca1f932485bb4abd086d7 Sha256: 3193f673c8e507d4d3897c58a0d5e2ddce00db10c79ac1a56f1ca8996ed1bb4c
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: 3193f673c8e507d4d3897c58a0d5e2ddce00db10c79ac1a56f1ca8996ed1bb4c 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "3193F673C8E507D4D3897C58A0D5E2DDCE00DB10C79AC1A56F1CA8996ED1BB4C" Last-Modified: Wed, 21 Sep 2022 11:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=3036 Expires: Wed, 21 Sep 2022 22:41:58 GMT Date: Wed, 21 Sep 2022 21:51:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: 4125aa59aa4bc29d75a7c50e10b120c9 Sha1: 37dfe87306cd6d70453ca1f932485bb4abd086d7 Sha256: 3193f673c8e507d4d3897c58a0d5e2ddce00db10c79ac1a56f1ca8996ed1bb4c
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: 3193f673c8e507d4d3897c58a0d5e2ddce00db10c79ac1a56f1ca8996ed1bb4c 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "3193F673C8E507D4D3897C58A0D5E2DDCE00DB10C79AC1A56F1CA8996ED1BB4C" Last-Modified: Wed, 21 Sep 2022 11:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=3036 Expires: Wed, 21 Sep 2022 22:41:58 GMT Date: Wed, 21 Sep 2022 21:51:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: 4125aa59aa4bc29d75a7c50e10b120c9 Sha1: 37dfe87306cd6d70453ca1f932485bb4abd086d7 Sha256: 3193f673c8e507d4d3897c58a0d5e2ddce00db10c79ac1a56f1ca8996ed1bb4c
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: a6e69a3fff61f3bf87e2aa83d506b2dc24fad8206848483375e4677fc6ea1a77 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "A6E69A3FFF61F3BF87E2AA83D506B2DC24FAD8206848483375E4677FC6EA1A77" Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3541 Expires: Wed, 21 Sep 2022 22:50:23 GMT Date: Wed, 21 Sep 2022 21:51:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 46daa149483f4424079a717225076273 Sha1: 8b7a560a52f30d02c45346358aca724d64fc6f80 Sha256: a6e69a3fff61f3bf87e2aa83d506b2dc24fad8206848483375e4677fc6ea1a77
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: a6e69a3fff61f3bf87e2aa83d506b2dc24fad8206848483375e4677fc6ea1a77 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "A6E69A3FFF61F3BF87E2AA83D506B2DC24FAD8206848483375E4677FC6EA1A77" Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3541 Expires: Wed, 21 Sep 2022 22:50:23 GMT Date: Wed, 21 Sep 2022 21:51:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 46daa149483f4424079a717225076273 Sha1: 8b7a560a52f30d02c45346358aca724d64fc6f80 Sha256: a6e69a3fff61f3bf87e2aa83d506b2dc24fad8206848483375e4677fc6ea1a77
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: a6e69a3fff61f3bf87e2aa83d506b2dc24fad8206848483375e4677fc6ea1a77 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "A6E69A3FFF61F3BF87E2AA83D506B2DC24FAD8206848483375E4677FC6EA1A77" Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3541 Expires: Wed, 21 Sep 2022 22:50:23 GMT Date: Wed, 21 Sep 2022 21:51:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 46daa149483f4424079a717225076273 Sha1: 8b7a560a52f30d02c45346358aca724d64fc6f80 Sha256: a6e69a3fff61f3bf87e2aa83d506b2dc24fad8206848483375e4677fc6ea1a77
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: a6e69a3fff61f3bf87e2aa83d506b2dc24fad8206848483375e4677fc6ea1a77 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "A6E69A3FFF61F3BF87E2AA83D506B2DC24FAD8206848483375E4677FC6EA1A77" Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3541 Expires: Wed, 21 Sep 2022 22:50:23 GMT Date: Wed, 21 Sep 2022 21:51:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 46daa149483f4424079a717225076273 Sha1: 8b7a560a52f30d02c45346358aca724d64fc6f80 Sha256: a6e69a3fff61f3bf87e2aa83d506b2dc24fad8206848483375e4677fc6ea1a77
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.36 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.36 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Wed, 21 Sep 2022 21:03:22 GMT Expires: Wed, 21 Sep 2022 21:55:43 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Oem12fjohSHxEDRZVPq2wGWe7X2q1MK0sr5KUOjxdS0m8k4ckK9FQQ== Age: 2880 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /r/simple-layout-responsive/css.mtb?v=08132020140516 HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://pelisquatch.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/r/simple-layout-responsive/css.mtb?v= (...) FQDN: resources.mtb.com IP: 24.75.29.77 HASH: 2269c7300f76270849225e1b1f045bf65e36ea325d5fed63ffb55f3a5758195a 24.75.29.77 HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Expires: Thu, 21 Sep 2023 21:51:21 GMT Last-Modified: Wed, 21 Sep 2022 21:51:20 GMT ETag: "1663797081:dtagent10247220811100421ZWhG" Vary: User-Agent X-Srv: B-SC-03 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="158401308" Date: Wed, 21 Sep 2022 21:51:20 GMT ntCoent-Length: 258715 Cache-Control: private Content-Encoding: gzip Set-Cookie: dtCookie=v_4_srv_9_sn_4AE0A2B2450AE4CB9B1E386015FE355B_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_1; Path=/; Domain=.mtb.com TS019299a7=01fb46a9261247a06d33c034968a9a5eb2716de5c857c07c0e4f4fdaa2763aef370c6fcba4e80abed7109c616b89444a7ce8baf451; Path=/ TS0128739d=01fb46a92686440a0c525157d5345a21d8db9f05c657c07c0e4f4fdaa2763aef370c6fcba46a322c72bd8476ab07308f43a2f3d961c69bd98b52527e916e2bb6809d71c78e; path=/; domain=.mtb.com TSea15929a027=0856addebbab2000b2c910acce98e1e1a7d63d55d92e13414d07f5518a22feea9c6f875b55caad5608a3a46c52113000e6826cb0ecbb5d837a5c9b82dd3ae9ae40a40fa855e7e511798db2b33ba2dc9b95d78e2ea907c2d06f661a00cf659dad; Path=/ Transfer-Encoding: chunked --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size: 34712 Md5: da035f53931c132155280b9c00893409 Sha1: 94ae91f42af9f8af8eed42934ea710bd409fdee8 Sha256: 2269c7300f76270849225e1b1f045bf65e36ea325d5fed63ffb55f3a5758195a
GET /Assets/img/mtb-entrust.svg HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://pelisquatch.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/Assets/img/mtb-entrust.svg FQDN: resources.mtb.com IP: 24.75.29.77 HASH: b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5 24.75.29.77 HTTP/1.1 200 OK Content-Type: image/svg+xml Last-Modified: Wed, 21 Sep 2022 01:18:32 GMT Accept-Ranges: bytes ETag: "0a4321058cdd81:0" X-Srv: B-SC-03 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1784551186" Date: Wed, 21 Sep 2022 21:51:21 GMT Content-Length: 1349 Set-Cookie: TSea15929a027=0856addebbab2000fb9ca84217f8144c4e70909b5d5353a3ae3e1a389f0b272f2cfbec605dc09e2108f30595c911300044cc75cfc8e132d47a5c9b82dd3ae9aefcc78ced4b919e1a00981b9dd35f51416474ffc5085fe6d5cfee592d1f565e43; Path=/ --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators Size: 1349 Md5: 9a569ad20708d7453d89fe6c72e7fcdc Sha1: 60b6a41620583484642f7c826faf8e3c879a6374 Sha256: b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
GET /Assets/img/mtb-logo.svg HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://pelisquatch.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/Assets/img/mtb-logo.svg FQDN: resources.mtb.com IP: 24.75.29.77 HASH: 5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac 24.75.29.77 HTTP/1.1 200 OK Content-Type: image/svg+xml Last-Modified: Wed, 21 Sep 2022 01:18:32 GMT Accept-Ranges: bytes ETag: "0a4321058cdd81:0" X-Srv: B-SC-03 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1983512475" Date: Wed, 21 Sep 2022 21:51:21 GMT Content-Length: 2039 Set-Cookie: TSea15929a027=0856addebbab2000d3a786e2ecc9e50bb716d9dfe0a373543793025540dd762fbd075d702fcddcbe086dbf772c1130000454de623367cc357a5c9b82dd3ae9ae8e30329ef600829587c713e30fa825552343171f41e3437cc8f3153d7c59d5e0; Path=/ --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators Size: 2039 Md5: f2b901cf895852a0866fe4a16c7f1730 Sha1: c4240af1ec798477b4e65a185ddbb1b038817da4 Sha256: 5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://pelisquatch.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/Assets/img/mtb-equalhousinglender.svg FQDN: resources.mtb.com IP: 24.75.29.77 HASH: d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad 24.75.29.77 HTTP/1.1 200 OK Content-Type: image/svg+xml Last-Modified: Wed, 21 Sep 2022 01:18:32 GMT Accept-Ranges: bytes ETag: "0a4321058cdd81:0" X-Srv: B-SC-03 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="651302959" Date: Wed, 21 Sep 2022 21:51:21 GMT Content-Length: 230 Set-Cookie: TSea15929a027=0856addebbab2000b32dafb6ad651fb89b1eb4b6a1f8a35044f22bd132946dda6657c619a9054bd308698d3aea11300080e5a9b8811ce4577a5c9b82dd3ae9aeabeab74624cb796778bf144b7edcd287338935b5fecc63838698120b89f41a02; Path=/ --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 230 Md5: 916635d10512ae6a1840614a895dcd38 Sha1: db175de4c42281bb4d239c57d1b95b8e75c529ec Sha256: d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6283 Cache-Control: 'max-age=158059' Date: Wed, 21 Sep 2022 21:51:22 GMT Last-Modified: Wed, 21 Sep 2022 20:06:39 GMT Server: ECS (ska/F704) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ff6d50919e56aed75c47feb45ee2f2ec Sha1: 98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef Sha256: b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
GET /r/simple-layout-responsive/js.mtb?v=08132020140516 HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://pelisquatch.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/r/simple-layout-responsive/js.mtb?v=0 (...) FQDN: resources.mtb.com IP: 24.75.29.77 HASH: 3ac3d1438229e5d19ab15b5a7552eb05497af3ea08ecc93fb3c5d084d73e60b9 24.75.29.77 HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Thu, 21 Sep 2023 21:51:21 GMT Last-Modified: Wed, 21 Sep 2022 21:51:20 GMT ETag: "1663797081:dtagent10247220811100421ZWhG" Vary: User-Agent X-Srv: B-SC-03 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="1575778519" Date: Wed, 21 Sep 2022 21:51:20 GMT ntCoent-Length: 322405 Cache-Control: private Content-Encoding: gzip Set-Cookie: dtCookie=v_4_srv_9_sn_A427684F132ACEE34CDB6B52254B211A_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TS019299a7=01fb46a926064c5cc5963663fe3487286740057868d2871a6a7a7e5ef05efda1b252c3af18dd756574ec5e07ea11ea5587a09b1af5; Path=/ TS0128739d=01fb46a9269145b924360510d4932f965ac2cd5e3bd2871a6a7a7e5ef05efda1b252c3af1860973e1f1159857673cf07623837729d079e30e29f4668fbf28e569d33d3bba8; path=/; domain=.mtb.com TSea15929a027=0856addebbab2000360ad7abe78cfa49c80f8b53b6ad0a70b755cc162442c0b3f370f6c2a68dd96c08110b5c771130004ccab1d85a491dd97a5c9b82dd3ae9ae53b29ca85cf7a55cfc2769338d88433ad2696e1c5d6ddc76cc7d9c959f8173fa; Path=/ Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 103531 Md5: 709ebc99ab68894c16d41797eb08e778 Sha1: 76a47991fe6d37cfff3521535bf366798a97e292 Sha256: 3ac3d1438229e5d19ab15b5a7552eb05497af3ea08ecc93fb3c5d084d73e60b9
GET /Assets/scripts/Login/Index.js HTTP/1.1 Host: pelisquatch.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://pelisquatch.com/login.php?online_id=27df63b215344e368	URL: pelisquatch.com/Assets/scripts/Login/Index.js FQDN: pelisquatch.com IP: 95.111.225.194 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 95.111.225.194 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Wed, 21 Sep 2022 21:51:22 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: Blocklists: - fortinet: Phishing
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: tixfKyz+11Ks05nm+Ws73A== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.41.253.170 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.41.253.170 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: oJB3NlT3v9RIJpxukC84nhVtKE4= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://pelisquatch.com Connection: keep-alive Referer: https://resources.mtb.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff FQDN: resources.mtb.com IP: 24.75.29.77 HASH: 4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2 24.75.29.77 HTTP/1.1 200 OK Content-Type: APPLICATION/X-WOFF Last-Modified: Wed, 21 Sep 2022 01:18:31 GMT Accept-Ranges: bytes ETag: "0a4321058cdd81:0:dtagent10247220811100421ZWhG" X-Srv: B-SC-03 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Timing-Allow-Origin: * Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1817360419", dtTao;desc="1" Date: Wed, 21 Sep 2022 21:51:21 GMT Content-Length: 67671 Set-Cookie: dtCookie=v_4_srv_4_sn_CEDA8914F7A6796C71F0983F7B0C6625_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TS019299a7=01fb46a926fa2e2d1ea525c83c9379b430dde4f3cc94fbe4cd1f1d773f321b831d1a96d6628c09ca04a35d1f43ce99eac46347c621; Path=/ TS0128739d=01fb46a9268571544153a9918a7f53f5cfb1b4511294fbe4cd1f1d773f321b831d1a96d662ec7940ad4ad68d7c086d0653ff9d411e6357d52d5eff0fb8dd75257b53b5ceb8; path=/; domain=.mtb.com TSea15929a027=0856addebbab2000a96de02dffc65da81fd158cb67dc085371b49937f167ff1f2e9bf2242a5fa65c08966f7a0511300053e68cb7222ef8677a5c9b82dd3ae9ae05ea30866e79079e7129d9a2a6026f30e6cadf80251a271aa7773f9727c7e94b; Path=/ --- Additional Info --- Magic: Web Open Font Format, TrueType, length 67671, version 1.0\012- data Size: 67671 Md5: 6cd469e8613d82d4d07834a5ca7745f0 Sha1: 95347ba0a03d27e1aa91bc17c937d8aefe53e6ff Sha256: 4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://pelisquatch.com Connection: keep-alive Referer: https://resources.mtb.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/assets/fonts/mandtpg-iconfont.woff FQDN: resources.mtb.com IP: 24.75.29.77 HASH: 108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df 24.75.29.77 HTTP/1.1 200 OK Content-Type: APPLICATION/X-WOFF Last-Modified: Wed, 21 Sep 2022 01:18:31 GMT Accept-Ranges: bytes ETag: "0a4321058cdd81:0:dtagent10247220811100421ZWhG" X-Srv: B-SC-03 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Timing-Allow-Origin: * Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1639887082", dtTao;desc="1" Date: Wed, 21 Sep 2022 21:51:21 GMT Content-Length: 4776 Set-Cookie: dtCookie=v_4_srv_6_sn_4F51BF231E4AA1BE1E3001FA47A00A49_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TS019299a7=01fb46a926f07a2ca6080cdf06e093e98e52db7f45930bbd8b9a06bb063b9fe349f3dc8a51ed462789358fc043060ae6184b275128; Path=/ TS0128739d=01fb46a926a18bab697e15f5e6fe2996f00682298a930bbd8b9a06bb063b9fe349f3dc8a51be7008240d229be3033fe506cab6858678b4030a347cd67731231d7f02eaa2e2; path=/; domain=.mtb.com TSea15929a027=0856addebbab2000b59c9713a3ba961697ebe8cd9509d87641f5e78735b39c6bac7231293bc7bcea0840ce20ba113000b68af6b6df08f91374ed42604b04acf87d644bbceb7d2f7fa64da57680bbd60d5c9179a94c27287fd8d9a4b021764db1; Path=/ --- Additional Info --- Magic: Web Open Font Format, TrueType, length 4776, version 1.0\012- data Size: 4776 Md5: ac13691b89191d11d0e5577eb3cf3d53 Sha1: 0126fa82c0ab022e61b5de74f1fe3e204a905a7b Sha256: 108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df
GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://pelisquatch.com Connection: keep-alive Referer: https://resources.mtb.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff FQDN: resources.mtb.com IP: 24.75.29.77 HASH: b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc 24.75.29.77 HTTP/1.1 200 OK Content-Type: APPLICATION/X-WOFF Last-Modified: Wed, 21 Sep 2022 01:18:31 GMT Accept-Ranges: bytes ETag: "0a4321058cdd81:0:dtagent10247220811100421ZWhG" X-Srv: B-SC-03 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Timing-Allow-Origin: * Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1350329807", dtTao;desc="1" Date: Wed, 21 Sep 2022 21:51:21 GMT Content-Length: 64318 Set-Cookie: dtCookie=v_4_srv_11_sn_7C19CEC10964A1C09C4B5E9341D60019_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TS019299a7=01fb46a92670e60d748fdaa9c900b9d8a9d1cd89191cede3381c3645d8728225eba89d8ec4c98b02a8777e96b2881ff35b29cd72e4; Path=/ TS0128739d=01fb46a926b422fdf557b483f066fac0adf28d302a1cede3381c3645d8728225eba89d8ec4a34206f2eea95c529bae524d9f46372c6ba3e5142df753d533b11a1d86da1c19; path=/; domain=.mtb.com TSea15929a027=0856addebbab2000a58bb1a8bc3a29d3026809f0d2b1e1edbb55934b8d4685a4f2758329e1f26e690802a0e418113000489c33776e441c5774ed42604b04acf873325bb29d7f9e45cba14c8ab8c90bcab6d04c8204d33eb4ac979d045b32db11; Path=/ --- Additional Info --- Magic: Web Open Font Format, TrueType, length 64318, version 1.0\012- data Size: 64318 Md5: b245a55f7e33e1cf4d2477570936ef84 Sha1: 12bf1c1eda6db246778f7c343acebbaad8fa36f4 Sha256: b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: d30acf11c0eaa476931811ca96bb5429470111047c33503151b3569268d030b1 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "D30ACF11C0EAA476931811CA96BB5429470111047C33503151B3569268D030B1" Last-Modified: Wed, 21 Sep 2022 15:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3530 Expires: Wed, 21 Sep 2022 22:50:13 GMT Date: Wed, 21 Sep 2022 21:51:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 7bffb0766a300f6feb8e44b8a917ba8a Sha1: 35d7e4b0b9f8d015e025101b4844a303193fa78f Sha256: d30acf11c0eaa476931811ca96bb5429470111047c33503151b3569268d030b1
GET /Documents/html/homepage/favicon.ico HTTP/1.1 Host: asset.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://pelisquatch.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: asset.mtb.com/Documents/html/homepage/favicon.ico FQDN: asset.mtb.com IP: 54.230.111.59 HASH: cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3 54.230.111.59 HTTP/2 200 OK content-type: image/x-icon content-length: 14862 accept-ranges: bytes content-disposition: inline content-encoding: gzip last-modified: Wed, 04 May 2022 18:18:59 GMT server: Apache strict-transport-security: max-age=31536000; includeSubdomains; preload x-content-type-options: nosniff x-dispatcher: dispatcher1useast1 x-frame-options: SAMEORIGIN x-vhost: publish date: Wed, 21 Sep 2022 21:51:18 GMT cache-control: max-age=3600, no-cache="set-cookie" etag: "3dce-5de33a8b9cac0-gzip" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: K1Lb8CKuKwd05uO5s_Au0RtI0QPLgo0Aoe1jBefmn-GZXTuCx8FZyQ== age: 846 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data Size: 14862 Md5: e82f458a5c1c5353a97401eccc925613 Sha1: 949d6c8d06ca14b52f496c20f63fae269b6708c2 Sha256: cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4885 Expires: Wed, 21 Sep 2022 23:12:48 GMT Date: Wed, 21 Sep 2022 21:51:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8ebb267e443b81854ef9a01b3eb6489d Sha1: b932e9e5679da5a9160da5429458041765509b52 Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4885 Expires: Wed, 21 Sep 2022 23:12:48 GMT Date: Wed, 21 Sep 2022 21:51:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8ebb267e443b81854ef9a01b3eb6489d Sha1: b932e9e5679da5a9160da5429458041765509b52 Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4885 Expires: Wed, 21 Sep 2022 23:12:48 GMT Date: Wed, 21 Sep 2022 21:51:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8ebb267e443b81854ef9a01b3eb6489d Sha1: b932e9e5679da5a9160da5429458041765509b52 Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4885 Expires: Wed, 21 Sep 2022 23:12:48 GMT Date: Wed, 21 Sep 2022 21:51:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8ebb267e443b81854ef9a01b3eb6489d Sha1: b932e9e5679da5a9160da5429458041765509b52 Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6897 x-amzn-requestid: 280a2e44-c21a-4d78-991b-3328e816d045 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YwWSpE0SoAMFaxw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63299daa-55cb53491be78c4d5bed0462;Sampled=0 x-amzn-remapped-date: Tue, 20 Sep 2022 11:02:02 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: eNkM22Xu--qgJdsrH-UrTG5-Ie4nAsyLjiMaJ5ZKIz0bbw7cYrvFjw== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google date: Wed, 21 Sep 2022 02:18:26 GMT age: 70377 etag: "91df60162a8322469cada0dd8eb93619f28aec1a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6897 Md5: 8bae3a7a80ff40df1d701dfc925ddeff Sha1: 91df60162a8322469cada0dd8eb93619f28aec1a Sha256: fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11832 x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YugI_EsLIAMFdmQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0 x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Tue, 20 Sep 2022 22:09:43 GMT age: 85300 etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11832 Md5: 2ed7323b395e757f7766ea0045efdaca Sha1: 8b91bc3069a3217bc719c27959d578b353b5d9dc Sha256: 8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10244 x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YYwBkGqjIAMFz0Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0 x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google date: Wed, 21 Sep 2022 12:08:27 GMT age: 34976 etag: "b1cd04a66852694284eeef16a1cde38896e33c03" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10244 Md5: 14e6ddceb639a5f4875aecb796f95c79 Sha1: b1cd04a66852694284eeef16a1cde38896e33c03 Sha256: 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8861 x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YO2wuE0AoAMF7Gw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0 x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: UStTyIXPucbY9WmDl3W5bTyeT-2SJ5CTUjv8TLeexqZtKd1p2sJrNA== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Wed, 21 Sep 2022 03:25:34 GMT age: 66349 etag: "56f228d7358ba9deef000f53214dc7c1dc358109" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8861 Md5: a504981ee10d8341b64f19001464ae8a Sha1: 56f228d7358ba9deef000f53214dc7c1dc358109 Sha256: 0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9201 x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YxzxlEYcoAMFaQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0 x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw== via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Wed, 21 Sep 2022 21:43:23 GMT age: 480 etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9201 Md5: a692964324dbb9c460a1b855808d02e6 Sha1: 1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54 Sha256: 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10038 x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Yxy1mHDCIAMF5-g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0 x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google date: Wed, 21 Sep 2022 21:47:25 GMT age: 238 etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10038 Md5: dab1f2cd68979d2004ba4449d759a341 Sha1: 54ed14436a75ba2aeb8459bad2ce70229aff4203 Sha256: e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.36

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Wed, 21 Sep 2022 21:23:54 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: 3dgdCfzVoLs1COYUhKFQMjprO_2k5bPQzqiLm__VMM_jG_5XOtNZKA== 

                                        
                                            
Age: 1647 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    2d12f67fe57a87e7366b662d153a5582

                                                Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1

                                                Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02" 

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4699 

                                        
                                            
Expires: Wed, 21 Sep 2022 23:09:40 GMT 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:21 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    afb65a07bf7214addf83d17a53acba32

                                                Sha1:   a8e973204431320aa7b362a4e73944520c4b51b9

                                                Sha256: 46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02

                                        
                                            GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9 HTTP/1.1 

                                        
                                            
Host: pelisquatch.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://pelisquatch.com/login.php?online_id=27df63b215344e368

                                         95.111.225.194

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html; charset=iso-8859-1

                                        

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:21 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Content-Length: 315 

                                        
                                            
Keep-Alive: timeout=5, max=99 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   315

                                                Md5:    a34ac19f4afae63adc5d2f7bc970c07f

                                                Sha1:   a82190fc530c265aa40a045c21770d967f4767b8

                                                Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

                                        
                                            GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17 HTTP/1.1 

                                        
                                            
Host: pelisquatch.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://pelisquatch.com/login.php?online_id=27df63b215344e368

                                         95.111.225.194

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html; charset=iso-8859-1

                                        

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:21 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Content-Length: 315 

                                        
                                            
Keep-Alive: timeout=5, max=100 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   315

                                                Md5:    a34ac19f4afae63adc5d2f7bc970c07f

                                                Sha1:   a82190fc530c265aa40a045c21770d967f4767b8

                                                Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.entrust.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.110.10.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
ETag: "3193F673C8E507D4D3897C58A0D5E2DDCE00DB10C79AC1A56F1CA8996ED1BB4C" 

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 11:00:00 UTC 

                                        
                                            
Content-Length: 1588 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3036 

                                        
                                            
Expires: Wed, 21 Sep 2022 22:41:58 GMT 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:22 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1588

                                                Md5:    4125aa59aa4bc29d75a7c50e10b120c9

                                                Sha1:   37dfe87306cd6d70453ca1f932485bb4abd086d7

                                                Sha256: 3193f673c8e507d4d3897c58a0d5e2ddce00db10c79ac1a56f1ca8996ed1bb4c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.entrust.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.110.10.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
ETag: "3193F673C8E507D4D3897C58A0D5E2DDCE00DB10C79AC1A56F1CA8996ED1BB4C" 

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 11:00:00 UTC 

                                        
                                            
Content-Length: 1588 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3036 

                                        
                                            
Expires: Wed, 21 Sep 2022 22:41:58 GMT 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:22 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1588

                                                Md5:    4125aa59aa4bc29d75a7c50e10b120c9

                                                Sha1:   37dfe87306cd6d70453ca1f932485bb4abd086d7

                                                Sha256: 3193f673c8e507d4d3897c58a0d5e2ddce00db10c79ac1a56f1ca8996ed1bb4c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.entrust.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.110.10.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
ETag: "A6E69A3FFF61F3BF87E2AA83D506B2DC24FAD8206848483375E4677FC6EA1A77" 

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC 

                                        
                                            
Content-Length: 1585 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3541 

                                        
                                            
Expires: Wed, 21 Sep 2022 22:50:23 GMT 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:22 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1585

                                                Md5:    46daa149483f4424079a717225076273

                                                Sha1:   8b7a560a52f30d02c45346358aca724d64fc6f80

                                                Sha256: a6e69a3fff61f3bf87e2aa83d506b2dc24fad8206848483375e4677fc6ea1a77

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.entrust.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.110.10.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
ETag: "A6E69A3FFF61F3BF87E2AA83D506B2DC24FAD8206848483375E4677FC6EA1A77" 

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC 

                                        
                                            
Content-Length: 1585 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3541 

                                        
                                            
Expires: Wed, 21 Sep 2022 22:50:23 GMT 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:22 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1585

                                                Md5:    46daa149483f4424079a717225076273

                                                Sha1:   8b7a560a52f30d02c45346358aca724d64fc6f80

                                                Sha256: a6e69a3fff61f3bf87e2aa83d506b2dc24fad8206848483375e4677fc6ea1a77

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.36

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Date: Wed, 21 Sep 2022 21:03:22 GMT 

                                        
                                            
Expires: Wed, 21 Sep 2022 21:55:43 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: Oem12fjohSHxEDRZVPq2wGWe7X2q1MK0sr5KUOjxdS0m8k4ckK9FQQ== 

                                        
                                            
Age: 2880 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET /Assets/img/mtb-entrust.svg HTTP/1.1 

                                        
                                            
Host: resources.mtb.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://pelisquatch.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         24.75.29.77

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/svg+xml

                                        

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 01:18:32 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
ETag: "0a4321058cdd81:0" 

                                        
                                            
X-Srv: B-SC-03 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ 

                                        
                                            
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1784551186" 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:21 GMT 

                                        
                                            
Content-Length: 1349 

                                        
                                            
Set-Cookie: TSea15929a027=0856addebbab2000fb9ca84217f8144c4e70909b5d5353a3ae3e1a389f0b272f2cfbec605dc09e2108f30595c911300044cc75cfc8e132d47a5c9b82dd3ae9aefcc78ced4b919e1a00981b9dd35f51416474ffc5085fe6d5cfee592d1f565e43; Path=/ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators

                                                Size:   1349

                                                Md5:    9a569ad20708d7453d89fe6c72e7fcdc

                                                Sha1:   60b6a41620583484642f7c826faf8e3c879a6374

                                                Sha256: b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5

                                        
                                            GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1 

                                        
                                            
Host: resources.mtb.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://pelisquatch.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         24.75.29.77

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/svg+xml

                                        

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 01:18:32 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
ETag: "0a4321058cdd81:0" 

                                        
                                            
X-Srv: B-SC-03 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ 

                                        
                                            
Server-Timing: dtSInfo;desc="0", dtRpid;desc="651302959" 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:21 GMT 

                                        
                                            
Content-Length: 230 

                                        
                                            
Set-Cookie: TSea15929a027=0856addebbab2000b32dafb6ad651fb89b1eb4b6a1f8a35044f22bd132946dda6657c619a9054bd308698d3aea11300080e5a9b8811ce4577a5c9b82dd3ae9aeabeab74624cb796778bf144b7edcd287338935b5fecc63838698120b89f41a02; Path=/ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators

                                                Size:   230

                                                Md5:    916635d10512ae6a1840614a895dcd38

                                                Sha1:   db175de4c42281bb4d239c57d1b95b8e75c529ec

                                                Sha256: d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad

                                        
                                            GET /r/simple-layout-responsive/js.mtb?v=08132020140516 HTTP/1.1 

                                        
                                            
Host: resources.mtb.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://pelisquatch.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         24.75.29.77

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript; charset=utf-8

                                        

                                        
                                            
Expires: Thu, 21 Sep 2023 21:51:21 GMT 

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 21:51:20 GMT 

                                        
                                            
ETag: "1663797081:dtagent10247220811100421ZWhG" 

                                        
                                            
Vary: User-Agent 

                                        
                                            
X-Srv: B-SC-03 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ 

                                        
                                            
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1575778519" 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:20 GMT 

                                        
                                            
ntCoent-Length: 322405 

                                        
                                            
Cache-Control: private 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Set-Cookie: dtCookie=v_4_srv_9_sn_A427684F132ACEE34CDB6B52254B211A_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a926064c5cc5963663fe3487286740057868d2871a6a7a7e5ef05efda1b252c3af18dd756574ec5e07ea11ea5587a09b1af5; Path=/
TS0128739d=01fb46a9269145b924360510d4932f965ac2cd5e3bd2871a6a7a7e5ef05efda1b252c3af1860973e1f1159857673cf07623837729d079e30e29f4668fbf28e569d33d3bba8; path=/; domain=.mtb.com
TSea15929a027=0856addebbab2000360ad7abe78cfa49c80f8b53b6ad0a70b755cc162442c0b3f370f6c2a68dd96c08110b5c771130004ccab1d85a491dd97a5c9b82dd3ae9ae53b29ca85cf7a55cfc2769338d88433ad2696e1c5d6ddc76cc7d9c959f8173fa; Path=/ 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   103531

                                                Md5:    709ebc99ab68894c16d41797eb08e778

                                                Sha1:   76a47991fe6d37cfff3521535bf366798a97e292

                                                Sha256: 3ac3d1438229e5d19ab15b5a7552eb05497af3ea08ecc93fb3c5d084d73e60b9

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: tixfKyz+11Ks05nm+Ws73A== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         52.41.253.170

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: oJB3NlT3v9RIJpxukC84nhVtKE4= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1 

                                        
                                            
Host: resources.mtb.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: http://pelisquatch.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://resources.mtb.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         24.75.29.77

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: APPLICATION/X-WOFF

                                        

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 01:18:31 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
ETag: "0a4321058cdd81:0:dtagent10247220811100421ZWhG" 

                                        
                                            
X-Srv: B-SC-03 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ 

                                        
                                            
Timing-Allow-Origin: * 

                                        
                                            
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1639887082", dtTao;desc="1" 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:21 GMT 

                                        
                                            
Content-Length: 4776 

                                        
                                            
Set-Cookie: dtCookie=v_4_srv_6_sn_4F51BF231E4AA1BE1E3001FA47A00A49_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a926f07a2ca6080cdf06e093e98e52db7f45930bbd8b9a06bb063b9fe349f3dc8a51ed462789358fc043060ae6184b275128; Path=/
TS0128739d=01fb46a926a18bab697e15f5e6fe2996f00682298a930bbd8b9a06bb063b9fe349f3dc8a51be7008240d229be3033fe506cab6858678b4030a347cd67731231d7f02eaa2e2; path=/; domain=.mtb.com
TSea15929a027=0856addebbab2000b59c9713a3ba961697ebe8cd9509d87641f5e78735b39c6bac7231293bc7bcea0840ce20ba113000b68af6b6df08f91374ed42604b04acf87d644bbceb7d2f7fa64da57680bbd60d5c9179a94c27287fd8d9a4b021764db1; Path=/ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format, TrueType, length 4776, version 1.0\012- data

                                                Size:   4776

                                                Md5:    ac13691b89191d11d0e5577eb3cf3d53

                                                Sha1:   0126fa82c0ab022e61b5de74f1fe3e204a905a7b

                                                Sha256: 108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.entrust.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.110.10.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
ETag: "D30ACF11C0EAA476931811CA96BB5429470111047C33503151B3569268D030B1" 

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 15:00:00 UTC 

                                        
                                            
Content-Length: 1585 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3530 

                                        
                                            
Expires: Wed, 21 Sep 2022 22:50:13 GMT 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:23 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1585

                                                Md5:    7bffb0766a300f6feb8e44b8a917ba8a

                                                Sha1:   35d7e4b0b9f8d015e025101b4844a303193fa78f

                                                Sha256: d30acf11c0eaa476931811ca96bb5429470111047c33503151b3569268d030b1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" 

                                        
                                            
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4885 

                                        
                                            
Expires: Wed, 21 Sep 2022 23:12:48 GMT 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:23 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8ebb267e443b81854ef9a01b3eb6489d

                                                Sha1:   b932e9e5679da5a9160da5429458041765509b52

                                                Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" 

                                        
                                            
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4885 

                                        
                                            
Expires: Wed, 21 Sep 2022 23:12:48 GMT 

                                        
                                            
Date: Wed, 21 Sep 2022 21:51:23 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8ebb267e443b81854ef9a01b3eb6489d

                                                Sha1:   b932e9e5679da5a9160da5429458041765509b52

                                                Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6897 

                                        
                                            
x-amzn-requestid: 280a2e44-c21a-4d78-991b-3328e816d045 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YwWSpE0SoAMFaxw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63299daa-55cb53491be78c4d5bed0462;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 20 Sep 2022 11:02:02 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: eNkM22Xu--qgJdsrH-UrTG5-Ie4nAsyLjiMaJ5ZKIz0bbw7cYrvFjw== 

                                        
                                            
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 21 Sep 2022 02:18:26 GMT 

                                        
                                            
age: 70377 

                                        
                                            
etag: "91df60162a8322469cada0dd8eb93619f28aec1a" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6897

                                                Md5:    8bae3a7a80ff40df1d701dfc925ddeff

                                                Sha1:   91df60162a8322469cada0dd8eb93619f28aec1a

                                                Sha256: fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10244 

                                        
                                            
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YYwBkGqjIAMFz0Q= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA== 

                                        
                                            
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 21 Sep 2022 12:08:27 GMT 

                                        
                                            
age: 34976 

                                        
                                            
etag: "b1cd04a66852694284eeef16a1cde38896e33c03" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10244

                                                Md5:    14e6ddceb639a5f4875aecb796f95c79

                                                Sha1:   b1cd04a66852694284eeef16a1cde38896e33c03

                                                Sha256: 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9201 

                                        
                                            
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YxzxlEYcoAMFaQQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw== 

                                        
                                            
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 21 Sep 2022 21:43:23 GMT 

                                        
                                            
age: 480 

                                        
                                            
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9201

                                                Md5:    a692964324dbb9c460a1b855808d02e6

                                                Sha1:   1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54

                                                Sha256: 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426

URL	pelisquatch.com/login.php?online_id=27df63b215344e368
IP	95.111.225.194 (Germany)
ASN	#51167 Contabo GmbH
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-21 21:51:32 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	5
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (11)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 95.111.225.194

Last 5 reports on ASN: Contabo GmbH

Last 5 reports on domain: pelisquatch.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (43)

Overview

Domain Summary (11)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 95.111.225.194

Last 5 reports on ASN: Contabo GmbH

Last 5 reports on domain: pelisquatch.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (43)

Network Intrusion Detection Systems