r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17461
Expires: Wed, 01 Feb 2023 07:22:03 GMT
Date: Wed, 01 Feb 2023 02:31:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10831
Expires: Wed, 01 Feb 2023 05:31:33 GMT
Date: Wed, 01 Feb 2023 02:31:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3597
Expires: Wed, 01 Feb 2023 03:30:59 GMT
Date: Wed, 01 Feb 2023 02:31:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 01:35:56 GMT
content-type: application/json
age: 3306
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mKZUwzQtpYBiYAiRMBmxMFkDbseoXwKm86KOR37qniR0wGMSJ/dahLhcWdt0qLf9ed4wNfGfGho=
x-amz-request-id: 8FW105BF6BBPJJKJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 02:22:27 GMT
age: 515
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03edbbad8337653f36564223d82a66a1
9f3bc6fdbf5bbfd8de978f9324a102c8439a6d70
6388413192b2bd6e688990ce5b34a8ad8cc92cc8c7339910638ea3367e45554c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6388413192B2BD6E688990CE5B34A8AD8CC92CC8C7339910638EA3367E45554C"
Last-Modified: Tue, 31 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 01 Feb 2023 08:31:03 GMT
Date: Wed, 01 Feb 2023 02:31:03 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:31:03 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
aslottonownext.line.pm/
45.42.203.197200 OK 6.1 kB IP 45.42.203.197:0
File type PHP script text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7660)
Hash d46d50e6391d76823d3249377a9cc7aa
8b8911080e44915c2c197646c4d909bd292c916e
8f18e2464c582dc359245beffc3ff716d20a399cd07b1bf2ab070f07e6ca1d81
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Content-Length: 6051
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 19:43:54 GMT
ETag: "437b-5f3948d454384-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
aslottonownext.line.pm/TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=9
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=9
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=9 HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 01:49:04 GMT
age: 2519
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
aslottonownext.line.pm/TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=17
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=17
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=17 HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=17
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=17
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=17 HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=9
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=9
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=9 HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18042
Expires: Wed, 01 Feb 2023 07:31:45 GMT
Date: Wed, 01 Feb 2023 02:31:03 GMT
Connection: keep-alive
aslottonownext.line.pm/Assets/js/tealium_prod.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/Assets/js/tealium_prod.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /Assets/js/tealium_prod.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/Assets/scripts/kessel-help.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/Assets/scripts/kessel-help.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /Assets/scripts/kessel-help.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/Assets/js/mtb_app_wbk.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/Assets/js/mtb_app_wbk.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /Assets/js/mtb_app_wbk.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/ruxitagentjs_ICA2NVfghjqrux_10255221104040649.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/ruxitagentjs_ICA2NVfghjqrux_10255221104040649.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /ruxitagentjs_ICA2NVfghjqrux_10255221104040649.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=17
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=17
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /TSPD/0856addebbab2000240df4b85f20ab5ae11296b2f080cbf7c90f0c4887955ec2ea382b5f255479e3?type=17 HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/Assets/js/kessel-client-prod.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/Assets/js/kessel-client-prod.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /Assets/js/kessel-client-prod.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/Assets/scripts/Login/Index.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/Assets/scripts/Login/Index.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/Assets/js/mtb_app_wbk.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/Assets/js/mtb_app_wbk.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /Assets/js/mtb_app_wbk.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
push.services.mozilla.com/
54.191.251.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.251.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ra7heGtHffBQuFkGTTgaJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZUGotzsP66eV1xYvW3LWIkUJFOc=
aslottonownext.line.pm/ruxitagentjs_ICA2NVfghjqrux_10255221104040649.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/ruxitagentjs_ICA2NVfghjqrux_10255221104040649.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /ruxitagentjs_ICA2NVfghjqrux_10255221104040649.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/Assets/js/tealium_prod.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/Assets/js/tealium_prod.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /Assets/js/tealium_prod.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash e03a5c475ae20dee22b8fc035845b2c1
c6df138d4c357704d88f103c8f4ec3f614d7b51f
a5ccee90cb2d16c26a6c6d6c1d0d2c4e53ba409b88feab5a626623bbaac3de12
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "A5CCEE90CB2D16C26A6C6D6C1D0D2C4E53BA409B88FEAB5A626623BBAAC3DE12"
Last-Modified: Tue, 31 Jan 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Wed, 01 Feb 2023 03:31:04 GMT
Date: Wed, 01 Feb 2023 02:31:04 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash e03a5c475ae20dee22b8fc035845b2c1
c6df138d4c357704d88f103c8f4ec3f614d7b51f
a5ccee90cb2d16c26a6c6d6c1d0d2c4e53ba409b88feab5a626623bbaac3de12
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "A5CCEE90CB2D16C26A6C6D6C1D0D2C4E53BA409B88FEAB5A626623BBAAC3DE12"
Last-Modified: Tue, 31 Jan 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3595
Expires: Wed, 01 Feb 2023 03:30:59 GMT
Date: Wed, 01 Feb 2023 02:31:04 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash e03a5c475ae20dee22b8fc035845b2c1
c6df138d4c357704d88f103c8f4ec3f614d7b51f
a5ccee90cb2d16c26a6c6d6c1d0d2c4e53ba409b88feab5a626623bbaac3de12
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "A5CCEE90CB2D16C26A6C6D6C1D0D2C4E53BA409B88FEAB5A626623BBAAC3DE12"
Last-Modified: Tue, 31 Jan 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3588
Expires: Wed, 01 Feb 2023 03:30:52 GMT
Date: Wed, 01 Feb 2023 02:31:04 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 006da75789058de9b6fe7eb6ce60696d
456f563624b59fc4c7acee283dcc77fb3f9ca56c
97fe6ad414fcd631c99292390e32a8adf216b50653fe707ad26b22301e92a62d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "97FE6AD414FCD631C99292390E32A8ADF216B50653FE707AD26B22301E92A62D"
Last-Modified: Tue, 31 Jan 2023 21:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3541
Expires: Wed, 01 Feb 2023 03:30:05 GMT
Date: Wed, 01 Feb 2023 02:31:04 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 006da75789058de9b6fe7eb6ce60696d
456f563624b59fc4c7acee283dcc77fb3f9ca56c
97fe6ad414fcd631c99292390e32a8adf216b50653fe707ad26b22301e92a62d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "97FE6AD414FCD631C99292390E32A8ADF216B50653FE707AD26B22301E92A62D"
Last-Modified: Tue, 31 Jan 2023 21:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Wed, 01 Feb 2023 03:31:04 GMT
Date: Wed, 01 Feb 2023 02:31:04 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 006da75789058de9b6fe7eb6ce60696d
456f563624b59fc4c7acee283dcc77fb3f9ca56c
97fe6ad414fcd631c99292390e32a8adf216b50653fe707ad26b22301e92a62d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "97FE6AD414FCD631C99292390E32A8ADF216B50653FE707AD26B22301E92A62D"
Last-Modified: Tue, 31 Jan 2023 21:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3584
Expires: Wed, 01 Feb 2023 03:30:48 GMT
Date: Wed, 01 Feb 2023 02:31:04 GMT
Connection: keep-alive
resources.mtb.com/r/simple-layout-responsive/css.mtb?v=12082022125000
24.75.29.77200 OK 35 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/css.mtb?v=12082022125000
IP 24.75.29.77:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash a09551203c370fcc0c14eee4d7af4fac
6fcd08a7f0871a33ded481a49023de7c42bcdbf0
59df120e12a64898104a890d8a3d976a0c9ef2e31c0741215106fd1edfa172d9
GET /r/simple-layout-responsive/css.mtb?v=12082022125000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Expires: Thu, 01 Feb 2024 02:31:04 GMT
Last-Modified: Wed, 01 Feb 2023 02:31:03 GMT
ETag: "1675218664:dtagent10255221104040649ShC2"
Vary: User-Agent
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2005434568"
Date: Wed, 01 Feb 2023 02:31:03 GMT
Cteonnt-Length: 258715
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_4_sn_47BC23AA404F034C35BE5E145BF823B0_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a92617e2a16a3d4f25c11ad89d03c1f47a071bfdeb4b40ea198f57baa54c9f01e7138db5935c2b5b4d764ab1c66e257202d8; Path=/
TS0128739d=01fb46a926180f3f54bf291845c933b8551553be3f1bfdeb4b40ea198f57baa54c9f01e71315dd907c7c7163076e9ddb8cd886323f4372c979dc791055e0289059d8314af9; path=/; domain=.mtb.com
TSea15929a027=0856addebbab2000cbf592086f9cc657992d6e2eefc3ad7c46cd321bd54cf3acad459f779bf67f4608f761d56c1130009a81e2db0888058fe6f3675fbf2a866e6bac0bd8e9167cde8ed82113f374cf3131dac4903d43f3fd175ecf2730d8b01c; Path=/
Transfer-Encoding: chunked
resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
24.75.29.77200 OK 230 B URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
IP 24.75.29.77:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 916635d10512ae6a1840614a895dcd38
db175de4c42281bb4d239c57d1b95b8e75c529ec
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 01 Feb 2023 07:11:00 GMT
Accept-Ranges: bytes
ETag: W/"01a5456c36d91:0"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-2112842652"
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Length: 230
Set-Cookie: TSea15929a027=0856addebbab2000e07e96ece97dc71f91568a7bc510cddc619fda25a593facece0c3fad026718db081d46c6f7113000515d48fab740e095ed368572de94d47e9891e8d7adb3407b566f706813de58bf3c029380175c0b0389b33f6a3e3dbf4f; Path=/
resources.mtb.com/Assets/img/mtb-logo.svg
24.75.29.77200 OK 2.0 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-logo.svg
IP 24.75.29.77:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators
Hash f2b901cf895852a0866fe4a16c7f1730
c4240af1ec798477b4e65a185ddbb1b038817da4
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 01 Feb 2023 07:11:00 GMT
Accept-Ranges: bytes
ETag: W/"01a5456c36d91:0"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="108534310"
Date: Wed, 01 Feb 2023 02:31:03 GMT
Content-Length: 2039
Set-Cookie: TSea15929a027=0856addebbab200070498985030f8be1de7e2a352a38186a6c17ed8605d1dfaa9a27b0ef3e2c4740085b2f36ba113000e8c409e0f9dfd13aed368572de94d47eae53d42c7747d0a03407be5e3a5be4cce650f620aff6bc2285abc935f7e7da4a; Path=/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4150
Expires: Wed, 01 Feb 2023 03:40:15 GMT
Date: Wed, 01 Feb 2023 02:31:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4150
Expires: Wed, 01 Feb 2023 03:40:15 GMT
Date: Wed, 01 Feb 2023 02:31:05 GMT
Connection: keep-alive
resources.mtb.com/Assets/img/mtb-entrust.svg
24.75.29.77200 OK 1.3 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-entrust.svg
IP 24.75.29.77:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators
Hash 9a569ad20708d7453d89fe6c72e7fcdc
60b6a41620583484642f7c826faf8e3c879a6374
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 01 Feb 2023 07:11:00 GMT
Accept-Ranges: bytes
ETag: W/"01a5456c36d91:0"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1652660763"
Date: Wed, 01 Feb 2023 02:31:04 GMT
Content-Length: 1349
Set-Cookie: TSea15929a027=0856addebbab2000bd5dac5734b97e1be4010801195b12bea8c921f8ba95f77cf22b32d6b221926108c3a83003113000e113c7f510f8fc76ed368572de94d47e6397592847f4641b9a5aed6c51dab74b17c6f566af0a1a912412381a003ff035; Path=/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4150
Expires: Wed, 01 Feb 2023 03:40:15 GMT
Date: Wed, 01 Feb 2023 02:31:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4150
Expires: Wed, 01 Feb 2023 03:40:15 GMT
Date: Wed, 01 Feb 2023 02:31:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4150
Expires: Wed, 01 Feb 2023 03:40:15 GMT
Date: Wed, 01 Feb 2023 02:31:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4354120b504a8b1d1c3f4e206eb4611
ba854dec74347525b20dbf3b4e5c13876d56aa1c
bc921fe78a71864819998207c13b5c3ca7913275a4503119c5d105ad7827c377
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9282
x-amzn-requestid: f448477b-b445-46fa-8aee-8c5c527ee95b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feqp8FuToAMFxDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5be3f-30fbf0dd70d17878651809a0;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 00:30:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wOmkr070swJe2KlHn_SbFTSuqgpv4oxECzMVHR0ryygDutjwH5_55A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 09:06:06 GMT
age: 62699
etag: "ba854dec74347525b20dbf3b4e5c13876d56aa1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6544847aa1270cea1c780e4ee562f2a2
7be75a9f2e5f9e945f60a20a5da70849ad32f72d
d820b25b833d644358c0d9d5a3dc05817770095c06a098a6fc8ed9b7230c80e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8415
x-amzn-requestid: 0d44aaae-d472-410f-9438-7527da366b10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCuGHRqoAMFxeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e4c0-7e7330ab2de5c1ba3e87df4b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:15:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zPgCVRUn1Y1HukfmbqB_Pl8L9lNUQfaFWMcIYh-vFn_Z8pM9MFsOhw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 05:03:01 GMT
age: 77284
etag: "7be75a9f2e5f9e945f60a20a5da70849ad32f72d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ad49e3ca0f9935c7ff8f922039e5864
6382ee41cb26e42293e1ba5d9f0d3af64ddb672c
7a838e4e1aff60581fbf939920955ea67dae8fb3fa4e31572787c773404d071e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14809
x-amzn-requestid: fc920367-4bb1-40fd-9f1d-1d50b27cfc77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaXEQEoAMF3Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-0f70e0252fc3a3e5248bb372;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8SGqBRt27x1A3p1Z55UzPW8myS3BPu1ows_X76xLB8KY5xNnfs1pUw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:45:15 GMT
age: 17150
etag: "6382ee41cb26e42293e1ba5d9f0d3af64ddb672c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 16780
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4392f298c9e98515493f1235810838f
b89eebf2b8adac69487262100b07da8bc171ecf7
b368d87d3a0fe4e1a8ddc82bed704b3056ad2874b8d325111b399b18807c1e5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15656
x-amzn-requestid: 6723d22f-8b16-4fb2-af92-9b3257fc2a1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIHpRoAMFRYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-03b1c6646f63ba716a6298e1;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fLrUWOhE6x_v3sqe6kr1hacSgt9H53ld51XXKvh7dL04gc-NDJKmOg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 07:25:12 GMT
age: 68753
etag: "b89eebf2b8adac69487262100b07da8bc171ecf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hjIm9dNf6UE9rpIlKWeLwWuF7Pm6yJeAZgbwchvJcuDy-zkXEr502w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
age: 16787
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
resources.mtb.com/r/simple-layout-responsive/js.mtb?v=12082022125000
24.75.29.77200 OK 104 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/js.mtb?v=12082022125000
IP 24.75.29.77:0
File type ASCII text, with CRLF line terminators
Size 104 kB (103533 bytes)
Hash 08b250830e37bab4db49f49dcfa521aa
196ea486f29834f4f74c9415c3952b725055c866
9b41dafbfb1b1f1d091bcb7593dbdae2d91dddb1c00bbb00eea511b7c9c92443
GET /r/simple-layout-responsive/js.mtb?v=12082022125000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 01 Feb 2024 02:31:04 GMT
Last-Modified: Wed, 01 Feb 2023 02:31:03 GMT
ETag: "1675218664:dtagent10255221104040649ShC2"
Vary: User-Agent
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1341844101"
Date: Wed, 01 Feb 2023 02:31:03 GMT
Cteonnt-Length: 322405
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_9_sn_9AD9033640F7F49FDF427E197682AD09_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a926933c53bf4e9534ef3d497f1ea7b15325b194d8f57d6765afa1e411565caee66e16ad33f41cf67ed7355c0e191fa0392d; Path=/
TS0128739d=01fb46a9269b3d7bd5ba722c2a44a71e3cbdabbc14b194d8f57d6765afa1e411565caee66ee4a2dc837b78a30af8fc81398240537d8f816d0571d58fb2d3be6be831ec0b0e; path=/; domain=.mtb.com
TSea15929a027=0856addebbab20001740a5b8e76395c7674f85e1c930defdcc1d66b85b84583617fff9bb6fe4e137081f5980f6113000017c6a012f8768dce6f3675fbf2a866e3bc8a55728f46273f88f9678177465eec97dbd4c4f15d87833b56a22cee4995f; Path=/
Transfer-Encoding: chunked
resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
24.75.29.77200 OK 4.8 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
IP 24.75.29.77:0
File type Web Open Font Format, TrueType, length 4776, version 1.0\012- data
Hash ac13691b89191d11d0e5577eb3cf3d53
0126fa82c0ab022e61b5de74f1fe3e204a905a7b
108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df
GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aslottonownext.line.pm
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Wed, 01 Feb 2023 07:10:59 GMT
Accept-Ranges: bytes
ETag: W/"01a5456c36d91:0:dtagent10255221104040649ShC2"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1551496597", dtTao;desc="1"
Date: Wed, 01 Feb 2023 02:31:04 GMT
Content-Length: 4776
Set-Cookie: dtCookie=v_4_srv_11_sn_773FD31611151BF0CC168CAFF79E7ACD_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_1; Path=/; Domain=.mtb.com
TS019299a7=01fb46a926d90b61c73c04aab9094cd4e3bca4d6297cf44acd67fe619d2aa5bf1868539172c303c209c1fc6bda655ab8dbc34b2cff; Path=/
TS0128739d=01fb46a926b063a63a5aaa89f99de035736db1d08d7cf44acd67fe619d2aa5bf186853917217ad8078e7dec75a32e81c90b33f97b368fe5168c73a8dce168a2b2634438f22; path=/; domain=.mtb.com
TSea15929a027=0856addebbab20003b81f94213e0ff95cba5cc122b2fddb9d0c649349e7729b8365949b0afc2292a0829294b73113000a8018f2b14977dd7ed368572de94d47e9129ea6f1e6b517f2550500e6b6a83c183ce4d9b4d4c78a43557585e4d5f87b9; Path=/
aslottonownext.line.pm/Assets/js/kessel-client-prod.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/Assets/js/kessel-client-prod.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /Assets/js/kessel-client-prod.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
aslottonownext.line.pm/Assets/scripts/kessel-help.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/Assets/scripts/kessel-help.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /Assets/scripts/kessel-help.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
24.75.29.77200 OK 68 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
IP 24.75.29.77:0
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aslottonownext.line.pm
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Wed, 01 Feb 2023 07:10:59 GMT
Accept-Ranges: bytes
ETag: W/"01a5456c36d91:0:dtagent10255221104040649ShC2"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1030443315", dtTao;desc="1"
Date: Wed, 01 Feb 2023 02:31:04 GMT
Content-Length: 67671
Set-Cookie: dtCookie=v_4_srv_4_sn_95C2AAAEA87C229D7966FDCC75B9E2C1_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a92692b7f7ee0e64a1217d4365ce1b3e8abfee48dafa56e9d7cd68b8f458c564c3bb36aa76459cd70c1f7deda3a79c216a19; Path=/
TS0128739d=01fb46a926317537a2bf62b95e0363ad098d71e54dee48dafa56e9d7cd68b8f458c564c3bbc742f14f5036337f0a037c4a8af03fc1a5cb11327d3c2d6e973bcc459110bbbe; path=/; domain=.mtb.com
TSea15929a027=0856addebbab2000bb39e8e8590074ead3d86623b71d7330417d2d85f73218f66664f4c35a05a18b0882458d0c113000853080d58af27c5ded368572de94d47e995dcb3a24558a4bb0f0f278622d173e6c72c401caeb28aa798971a2550443e9; Path=/
aslottonownext.line.pm/Assets/scripts/Login/Index.js
45.42.203.197404 Not Found 726 B URL HTTP/1.1 aslottonownext.line.pm/Assets/scripts/Login/Index.js
IP 45.42.203.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e06f441a0f085d26416faed7afa09ad0
9256a85ef9301c0cd0d33cd846b5b40afcba5b41
bf63f6856a4afa5d8fb50c018cd84488661dac9c9983be7005dea1b97dd13cc1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish M & T Bank Coporation
fortinet Phishing
quad9 Sinkholed
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: aslottonownext.line.pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 02:31:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 19:41:56 GMT
ETag: W/"5a1-5f394863827eb"
Content-Encoding: gzip
resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
24.75.29.77200 OK 64 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
IP 24.75.29.77:0
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aslottonownext.line.pm
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Wed, 01 Feb 2023 07:10:59 GMT
Accept-Ranges: bytes
ETag: W/"01a5456c36d91:0:dtagent10255221104040649ShC2"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1312481661", dtTao;desc="1"
Date: Wed, 01 Feb 2023 02:31:04 GMT
Content-Length: 64318
Set-Cookie: dtCookie=v_4_srv_2_sn_0BDC38D7727FD92FC759C2390992EC8B_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a926fcff2d273debc14e77baa3b9e9897b6c31694407c83d6082a5153592945dacd47cb709613741fc5349307b50848d05fc; Path=/
TS0128739d=01fb46a9269e41bc98ca9cf712f4ed851cdd4439c531694407c83d6082a5153592945dacd4be7f398f001189c6e72599c5bf4a0d44047af8c0f6249c6f0b440338e4629ac9; path=/; domain=.mtb.com
TSea15929a027=0856addebbab20009f3d63d4bf91acc9537becadb730b671b430fd0dfadfea638c173cfecb1a98390821c4464c113000396c29ca1a10717aed368572de94d47ebf3f3259ac9f497021235d543b1a8d64594926c3aabfe0372bb6f8e2245b7a4e; Path=/
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash a0d61a2a21877af236bbeff47736df8b
f889a35693502e251388aa1ae634eaae5f7e3c33
f5a29270c45849762813790c95d214a2d29eaef005576f5e5bcb20bc7d725e8f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F5A29270C45849762813790C95D214A2D29EAEF005576F5E5BCB20BC7D725E8F"
Last-Modified: Tue, 31 Jan 2023 15:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3544
Expires: Wed, 01 Feb 2023 03:30:10 GMT
Date: Wed, 01 Feb 2023 02:31:06 GMT
Connection: keep-alive
asset.mtb.com/Documents/html/homepage/favicon.ico
54.230.111.37200 OK 15 kB URL HTTP/2 asset.mtb.com/Documents/html/homepage/favicon.ico
IP 54.230.111.37:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash e82f458a5c1c5353a97401eccc925613
949d6c8d06ca14b52f496c20f63fae269b6708c2
cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3
GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aslottonownext.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
content-length: 14862
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Wed, 04 May 2022 18:18:59 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Wed, 01 Feb 2023 02:11:01 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "3dce-5de33a8b9cac0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Nf5jieMuVrAZcxncQpZB7TMIb33Y-fYKeGg2p8EN3E3h36ljLyxRPA==
age: 3297
X-Firefox-Spdy: h2