Report - grafexpert.ro/SPORT/mtbnemail/index.htm

Report Overview

Submitted URL
grafexpert.ro/SPORT/mtbnemail/index.htm
IP
89.37.29.45
ASN
#203053 CLAUS WEB srl
Submitted
2022-09-12 14:48:33
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.entrust.net	1208	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	22 kB	23.13.44.131
mtb.d1.sc.omtrdc.net	81289	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.9 kB	15.188.95.229
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
resources.mtb.com	144011	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	286 kB	192.216.61.78
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.39.57.61
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
tags.tiqcdn.com	969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	37 kB	2.18.173.203
cdn.quantummetric.com	2877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	649 B	92 kB	172.67.20.158
ponos.zeronaught.com	11354	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	514 B	1.1 kB	107.162.179.174
grafexpert.ro	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	7.3 kB	89.37.29.45
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	5.6 kB	142.250.74.3
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	16 kB	142.250.74.164
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	813 B	2.0 kB	216.58.211.2
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	2.3 kB	192.124.249.22
mtb-app.quantummetric.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	5.6 kB	34.67.142.127
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.33.119.27
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
onlinebanking.mtb.com	109965	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	271 kB	24.75.29.69
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	47 kB	142.250.74.72
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	797 B	757 B	142.250.74.3
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	104.18.32.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-12	medium	grafexpert.ro/SPORT/mtbnemail/index.htm	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113	11 kB	2023-03-07	2023-03-13
Pretty URL tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113 IP 2.18.173.203 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:22 Last Seen2023-03-13 01:11:44 Times Seen1 Hash 55e2dafd4e2f01e1da100818637f6e46 d6c8b0b942eefbed9e13215a7b0624e01b721aa2 651c517ff5f016be06ef6497924c898fdbe4dac5a612ae65c407c60e64c8f8b8 Loading...

	tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209120041&cb=1662994094738	2 B	2023-03-07	2024-04-26
Pretty URL tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209120041&cb=1662994094738 IP 2.18.173.203 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 09:59:27 Times Seen21807 Hash 7bc0ee636b3b83484fc3b9348863bd22 ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610 a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1662994095544&cv=9&fst=1662994095544&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa970&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&auid=1936164006.1662994095&hn=www.google.com&async=1&rfmt=3&fmt=4	2.4 kB	2023-03-07	2023-03-07
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1662994095544&cv=9&fst=1662994095544&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa970&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&auid=1936164006.1662994095&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 216.58.211.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:13:59 Last Seen2023-03-07 15:13:59 Times Seen1 Hash d1d40eccd377b34b243284792bdc0dd9 55b9cc153eff38d68677d774bbfe6f49808e63be d35c1be355d49dc8b66750d3b6469eb3a1f8c57a9d5b37cb7d24c9efb85281fb Loading...

	grafexpert.ro/SPORT/mtbnemail/index.htm	4.7 kB	2023-03-07	2023-03-07
Pretty URL grafexpert.ro/SPORT/mtbnemail/index.htm IP 89.37.29.45 ASN #203053 CLAUS WEB srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:13:59 Last Seen2023-03-07 15:13:59 Times Seen1 Hash 5c8faa0740f31d988348a0248821f013 37b4496a94eaca8154329d984e05c2cbc2392b22 45b433b361f030bca3b5689a777102464ea6b8c81bcb084c484b12815d67e01f Loading...

	onlinebanking.mtb.com/Assets/scripts/Login/Index.js	6.9 kB	2023-03-07	2023-03-17
Pretty URL onlinebanking.mtb.com/Assets/scripts/Login/Index.js IP 24.75.29.69 ASN #16490 MTB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:13:59 Last Seen2023-03-17 11:32:29 Times Seen1 Hash d5e7be622482c49e677eba6c83d64d7d 336bec45009e3220c3caa1d996f135c05142fb91 652e3c2929e037e2128c18a5f5072906b88cb848295c3611af49df2c41ed70a5 Loading...

	grafexpert.ro/SPORT/mtbnemail/index.htm	4.4 kB	2023-03-07	2023-03-07
Pretty URL grafexpert.ro/SPORT/mtbnemail/index.htm IP 89.37.29.45 ASN #203053 CLAUS WEB srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:13:59 Last Seen2023-03-07 15:13:59 Times Seen1 Hash 71c70e64c87a49ca57561ff3f051ae6e a99fc8de9566fbcf53d2fda9db2f34f8cb5b1a90 38a9acd4ba5d3f4660db1c21dc0583c27ad3c77dc1eefba35a5d3e4696f7dc8d Loading...

	onlinebanking.mtb.com/Assets/js/tealium_prod.js	304 B	2023-03-07	2024-01-25
Pretty URL onlinebanking.mtb.com/Assets/js/tealium_prod.js IP 24.75.29.69 ASN #16490 MTB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:13:59 Last Seen2024-01-25 03:37:53 Times Seen3 Hash b07ff0eeb3594dfc675f7bf21c5a3fd4 7a83838261f9353216b7196ec95de4ed10ca93e8 bcc41de3276fb2e7cf0be64b6a62e5306e18efbf14efa5379c1d89acad6ffc2a Loading...

	resources.mtb.com/r/simple-layout-responsive/js.mtb?v=09242021103000	322 kB	2023-03-07	2024-04-14
Pretty URL resources.mtb.com/r/simple-layout-responsive/js.mtb?v=09242021103000 IP 192.216.61.78 ASN #12134 MTB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-14 19:38:09 Times Seen2461 Hash 9c5a48bd789473f18b8bf7bd777371f9 f84d9237854640f2b0cc554b816c17d11376af5a 6ef98ef294d03000d904d5f868598dc98667a0d00338cee40b3080a9d725d1cd Loading...

	onlinebanking.mtb.com/ruxitagentjs_ICA2Vfhjqrux_10227211018092056.js	228 kB	2023-03-07	2023-03-08
Pretty URL onlinebanking.mtb.com/ruxitagentjs_ICA2Vfhjqrux_10227211018092056.js IP 24.75.29.69 ASN #16490 MTB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:14:00 Last Seen2023-03-08 02:27:00 Times Seen1 Hash 559a7410b7628e4b083c526846270e43 d178f3cd3c17b0c9351874da6b3c1d2cff50fe62 a304d13035a3691fd9586497a6d7cee7f7f0923a30a49f4a24973bd2362bb27f Loading...

	onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js	300 kB	2023-03-07	2023-03-07
Pretty URL onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js IP 24.75.29.69 ASN #16490 MTB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:14:00 Last Seen2023-03-07 15:14:00 Times Seen1 Hash bc538a53e2366bd09c851392deb8382b 28e8e4ec1ee29353a7473723ad3c296ce1d162ab 85464a8695cdbfd5afa1f4a3116712831ebd9524dcb69b45f07c5df99f9cafd2 Loading...

	www.googletagmanager.com/gtag/js?id=AW-990489911	118 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=AW-990489911 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:14:00 Last Seen2023-03-07 15:14:00 Times Seen1 Hash d74b8f41680098d59281a85fa2a0540d ed6a61f7dac4c4f200cf517a42d5e1439952320a e6ea7d7ba120cd4951d488f357b54e5173c3073446811bbc6ca6a62f27fdf718 Loading...

	tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.js	96 kB	2023-03-07	2023-03-07
Pretty URL tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.js IP 2.18.173.203 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:14:00 Last Seen2023-03-07 15:14:00 Times Seen1 Hash 622c01a5e4b6dcdd3c9225031edfc2e8 1add337a62b72d96db770805c920ba18a5d272fa 198f23b5fd45ed48f46b95d10f0f440608b8269c1e4a9ee6b623ef0d2e01e90d Loading...

	cdn.quantummetric.com/qscripts/quantum-mtb.js	251 kB	2023-03-07	2023-03-07
Pretty URL cdn.quantummetric.com/qscripts/quantum-mtb.js IP 172.67.20.158 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:14:00 Last Seen2023-03-07 15:25:11 Times Seen1 Hash f720ca42ed890ba10659bf8d67273186 e56e392885b3c16dc711a13136a9a7f32f74ad65 e6df6946c24101e393c8614e3e071dacca6089825e43a455d7ff76d7c04fd0cf Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-07	2023-03-17
Pretty URL www.google.com/pagead/conversion_async.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:19 Last Seen2023-03-17 12:30:23 Times Seen1 Hash 70049e468e315dbffce0c07753fca6f9 6c1cb5e25675de7746ed7dbb4d103aba9faabea0 94cc0d6d41e4b4bcde2f4f3d6292224215a698f20ffe7915c04cb55146537266 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f931b60e9e1cc2b73f8f6eee44ccd31b	39 B	2023-03-07	2024-02-28
Pretty Observations First Seen2023-03-07 13:50:17 Last Seen2024-02-28 12:01:37 Times Seen59 Hash f931b60e9e1cc2b73f8f6eee44ccd31b 20e6fe95538f7e0862f211097eeb7592dcd75e04 9492933ff79788410f5024c44781c500f79cd5512a5599f637110848793013d1 Loading...

	#2 Eval - 202acf93f78a9049dc13a78452cde5c6	8 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 12:06:19 Last Seen2024-04-24 21:24:27 Times Seen539 Hash 202acf93f78a9049dc13a78452cde5c6 b2020e0728418b31434511c792e13a48e4950ca4 120443e43e9f11d641a673958bb3d4c9fc01b621329063c13e8e39ff5193bc53 Loading...

	#3 Eval - e433541f957d0ae2a9ae8e4080820423	63 B	2023-03-07	2024-02-28
Pretty Observations First Seen2023-03-07 13:50:17 Last Seen2024-02-28 12:01:37 Times Seen32 Hash e433541f957d0ae2a9ae8e4080820423 1fb463409f7f8c7033ddc8c6b7d294b07667c33c f1260ff830e2ca835b77b31bc7050dad4a7e61f8d3c4246502682c34832c7e52 Loading...

	#4 Eval - d7bf63ff7cb0cbf57aed210810b9e7af	36 B	2023-03-07	2023-05-04
Pretty Observations First Seen2023-03-07 13:50:17 Last Seen2023-05-04 05:55:40 Times Seen15 Hash d7bf63ff7cb0cbf57aed210810b9e7af c7fad60912222113d6ef80200c845e4ff900ddcd 927f48b4565ad5d957d920881d5bbc2205484edd4ec47d4ef0957ba8c904c28c Loading...

	#5 Eval - ace79e1ed99bbc3510e6b8ce3cb01950	48 B	2023-03-07	2024-02-28
Pretty Observations First Seen2023-03-07 12:06:29 Last Seen2024-02-28 12:01:37 Times Seen32 Hash ace79e1ed99bbc3510e6b8ce3cb01950 1e43f70c7d8e6ac4786538d579267f5dc4994394 fb4b395179f8e9f4ee8e7da018503919e601c3b475b014b2d937ffde76490550 Loading...

	#6 Eval - 68934a3e9455fa72420237eb05902327	5 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 10:59:21 Times Seen14252 Hash 68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Loading...

	#7 Eval - 2cf50ba29ad8a8172138155c4c79e803	55 B	2023-03-07	2023-05-04
Pretty Observations First Seen2023-03-07 13:50:17 Last Seen2023-05-04 05:55:40 Times Seen13 Hash 2cf50ba29ad8a8172138155c4c79e803 18a0272110f85120dbbc4789889cf795e3129aa1 323a2f61e415c7aeb9b334a024fa2ed6e3f6a1bcd0b608258aa71b1615008312 Loading...

	#8 Eval - 50a81671e9e6f56e8bd5ffebc195a71c	44 B	2023-03-07	2024-02-28
Pretty Observations First Seen2023-03-07 13:50:17 Last Seen2024-02-28 12:01:37 Times Seen80 Hash 50a81671e9e6f56e8bd5ffebc195a71c dbb6aee47aa8fddd780cf426d1d6cb0bfafbac4b 03ec36c437a2bc34571f26a1a385ebcb000bf047e90a251e83193f6ab1084cf8 Loading...

HTTP Transactions (66)

URL IP Response Size

grafexpert.ro/SPORT/mtbnemail/index.htm

89.37.29.45

200 OK

7.1 kB

URL HTTP/1.1
grafexpert.ro/SPORT/mtbnemail/index.htm
IP
89.37.29.45:0
ASN
#203053 CLAUS WEB srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1029), with CRLF line terminators
Size
7.1 kB (7060 bytes)
Hash
505f7034ee1fb9df7fc3083879145e87
94139e8f8e568d178aaa17d80583832cd1afc8e0
73d0869ed9b4a566675f105dc2600c3ef3fa359fe93c10620190876d7b84a54a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /SPORT/mtbnemail/index.htm HTTP/1.1
Host: grafexpert.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 14:48:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 05 Jan 2022 11:48:30 GMT
Server: ClausWeb-nginx
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 14:08:13 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TclQiIP6ubJlslrtaM1jHcCoECSVRQjAZCVakbHqa6YOH6ih5xbjOg==
Age: 2409

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16582
Expires: Mon, 12 Sep 2022 19:24:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YpkfBz5HjqoJ_lr5eD_KoRE8VcKSXJdeCJ48kJr_MsSHmAKdWK9N6w==
age: 27070
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 14:48:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 13:56:07 GMT
Expires: Mon, 12 Sep 2022 14:48:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xfDnsJHMDoW0YHbkxj5g93oTHYI6zHCMfJAnr5DnD7cwK0STxaTfnQ==
Age: 3135

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
6809d4fc5fc7b1d665e889ba76964892
0fb2b47d32184f94375e77f8173de43f645d15e0
36634fb84a32fb5658e8fc32c37d36c8128650f7cf51dc48bb5bd1c5e94eeaf2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36634FB84A32FB5658E8FC32C37D36C8128650F7CF51DC48BB5BD1C5E94EEAF2"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
6809d4fc5fc7b1d665e889ba76964892
0fb2b47d32184f94375e77f8173de43f645d15e0
36634fb84a32fb5658e8fc32c37d36c8128650f7cf51dc48bb5bd1c5e94eeaf2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36634FB84A32FB5658E8FC32C37D36C8128650F7CF51DC48BB5BD1C5E94EEAF2"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
6809d4fc5fc7b1d665e889ba76964892
0fb2b47d32184f94375e77f8173de43f645d15e0
36634fb84a32fb5658e8fc32c37d36c8128650f7cf51dc48bb5bd1c5e94eeaf2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36634FB84A32FB5658E8FC32C37D36C8128650F7CF51DC48BB5BD1C5E94EEAF2"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
6809d4fc5fc7b1d665e889ba76964892
0fb2b47d32184f94375e77f8173de43f645d15e0
36634fb84a32fb5658e8fc32c37d36c8128650f7cf51dc48bb5bd1c5e94eeaf2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36634FB84A32FB5658E8FC32C37D36C8128650F7CF51DC48BB5BD1C5E94EEAF2"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
6809d4fc5fc7b1d665e889ba76964892
0fb2b47d32184f94375e77f8173de43f645d15e0
36634fb84a32fb5658e8fc32c37d36c8128650f7cf51dc48bb5bd1c5e94eeaf2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36634FB84A32FB5658E8FC32C37D36C8128650F7CF51DC48BB5BD1C5E94EEAF2"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1585 bytes)
Hash
fdf2e94a204238c07cb93f0f0445aade
52df9c626115a90410aa17803bd25faff1265587
bce7ca675f4daab4a0f67dd110f7c62c7d32b2f34faced0e834441decfe859c0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BCE7CA675F4DAAB4A0F67DD110F7C62C7D32B2F34FACED0E834441DECFE859C0"
Last-Modified: Mon, 12 Sep 2022 08:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 12 Sep 2022 15:48:23 GMT
Date: Mon, 12 Sep 2022 14:48:23 GMT
Connection: keep-alive

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1585 bytes)
Hash
fdf2e94a204238c07cb93f0f0445aade
52df9c626115a90410aa17803bd25faff1265587
bce7ca675f4daab4a0f67dd110f7c62c7d32b2f34faced0e834441decfe859c0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BCE7CA675F4DAAB4A0F67DD110F7C62C7D32B2F34FACED0E834441DECFE859C0"
Last-Modified: Mon, 12 Sep 2022 08:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Mon, 12 Sep 2022 15:47:35 GMT
Date: Mon, 12 Sep 2022 14:48:23 GMT
Connection: keep-alive

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1585 bytes)
Hash
53ea2e67d54715ef13e8b359a73c446b
ab1b42b57fbbe987841a9d97377d9e6aab136b99
9538f04f1eff4d090ebbeb4d10c52033df7ccde002e59a2338d976dd7fa53e55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "9538F04F1EFF4D090EBBEB4D10C52033DF7CCDE002E59A2338D976DD7FA53E55"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 12 Sep 2022 15:48:23 GMT
Date: Mon, 12 Sep 2022 14:48:23 GMT
Connection: keep-alive

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1585 bytes)
Hash
53ea2e67d54715ef13e8b359a73c446b
ab1b42b57fbbe987841a9d97377d9e6aab136b99
9538f04f1eff4d090ebbeb4d10c52033df7ccde002e59a2338d976dd7fa53e55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "9538F04F1EFF4D090EBBEB4D10C52033DF7CCDE002E59A2338D976DD7FA53E55"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 12 Sep 2022 15:48:23 GMT
Date: Mon, 12 Sep 2022 14:48:23 GMT
Connection: keep-alive

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1585 bytes)
Hash
53ea2e67d54715ef13e8b359a73c446b
ab1b42b57fbbe987841a9d97377d9e6aab136b99
9538f04f1eff4d090ebbeb4d10c52033df7ccde002e59a2338d976dd7fa53e55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "9538F04F1EFF4D090EBBEB4D10C52033DF7CCDE002E59A2338D976DD7FA53E55"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 12 Sep 2022 15:48:23 GMT
Date: Mon, 12 Sep 2022 14:48:23 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5694
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:23 GMT
Last-Modified: Mon, 12 Sep 2022 13:13:29 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

onlinebanking.mtb.com/Assets/scripts/Login/Index.js

24.75.29.69

200 OK

7.0 kB

URL HTTP/1.1
onlinebanking.mtb.com/Assets/scripts/Login/Index.js
IP
24.75.29.69:0
ASN
#16490 MTB

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
7.0 kB (6950 bytes)
Hash
3babf9179a67f9967650540d49367123
0df85be532ac1c57eed3791d48b46bf3f29bec8f
c91e7a2cc1c3999b227fdb4c8656592fb9662e91af49ce4e76f4955c38ababfb

HTTP Headers

GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Last-Modified: Sat, 10 Sep 2022 05:51:00 GMT
Accept-Ranges: bytes
ETag: "03ad24dd9c4d81:0"
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SRV: B-WEB-05
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="1"
Date: Mon, 12 Sep 2022 14:48:23 GMT
Content-Length: 6950
Set-Cookie: dtCookie=v_4_srv_2_sn_ED877B8D3475E23B40B799CC1CCA8E83_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f9945525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a9260f828a75e453ebf4ac42b45f36c005bead942b81de187a0edbc89a4b0678e6e5721f1f9a4be8af0a4655e5d308010d44; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed1472744bf89eb4de1e3b6a703debfdb5ece32bae78efe83ffdd0f25595b837d732457dae72fa4a7b9365fd9bdc235363273; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab2000e0771c14681c09bc548125bd337e9ec18a30443202a233c728f70a62d7c95d6208343ddf791130008ffa5f28800e3ae0b506888e249b08d1c3bb417bdfc7c121a582f35458f44ffbdda0c8e5a6d6c5e49d58209387c94343; Path=/

onlinebanking.mtb.com/Assets/js/tealium_prod.js

24.75.29.69

200 OK

307 B

URL HTTP/1.1
onlinebanking.mtb.com/Assets/js/tealium_prod.js
IP
24.75.29.69:0
ASN
#16490 MTB

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
307 B (307 bytes)
Hash
6cab7150291c8cb24191bc92c73a487e
dd4cbd99cc921486ec7a27525fd66b6a2d3ccc55
e585e536633d98c846579082b6aead897ae524ff8a71e5852d60d129e8fc2ac4

HTTP Headers

GET /Assets/js/tealium_prod.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Last-Modified: Sat, 10 Sep 2022 05:51:00 GMT
Accept-Ranges: bytes
ETag: "03ad24dd9c4d81:0"
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SRV: B-WEB-05
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="1"
Date: Mon, 12 Sep 2022 14:48:23 GMT
Content-Length: 307
Set-Cookie: dtCookie=v_4_srv_11_sn_87D8903358584031397121E5A8B2AF7F_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f9945525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a92605a64a28bd1166854d6a9fea3c930a6fc9589a97f97ef299d414798776d5f48b31e3ba325ba57e8266c44a09b6c8e0fc; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed1478957d1fd2012fc2f3425eaa86d4602124bc071ea295078b13c1802450ab0c3141fe6ee7060378a4c4256547d65d7d8d9; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab200030a9066cfb793116363acab339db2057f6e5bb5e07cc9228e5a39465ff25043c082f0eec45113000864c4a5ac9ea1fd5b506888e249b08d14971013e2c860f972964670c52b4f16200b98d65480fbdbbb362b467c55b4a70; Path=/

resources.mtb.com/r/simple-layout-responsive/css.mtb?v=09242021103000

192.216.61.78

200 OK

35 kB

URL HTTP/1.1
resources.mtb.com/r/simple-layout-responsive/css.mtb?v=09242021103000
IP
192.216.61.78:0
ASN
#12134 MTB

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
35 kB (34712 bytes)
Hash
da035f53931c132155280b9c00893409
94ae91f42af9f8af8eed42934ea710bd409fdee8
2269c7300f76270849225e1b1f045bf65e36ea325d5fed63ffb55f3a5758195a

HTTP Headers

GET /r/simple-layout-responsive/css.mtb?v=09242021103000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Expires: Tue, 12 Sep 2023 14:48:23 GMT
Last-Modified: Mon, 12 Sep 2022 14:48:22 GMT
ETag: "1662994103:dtagent10247220811100421ZWhG"
Vary: User-Agent
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="675691332"
Date: Mon, 12 Sep 2022 14:48:22 GMT
ntCoent-Length: 258715
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_1_sn_BA547BE4303FA76904D20D056FF3B515_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_1; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd7a71de5d701403dcee09889aadc6caa637e41db53ff0633bf0cb779cfed2c98ea6f0e0cc598fad9395c22be1d411b975; Path=/
TS0128739d=019f8203fdc8f10c46ee218417321e11b7953940bd37e41db53ff0633bf0cb779cfed2c98e3a86bc54124f5b63fa5f0f9bdc338b19a89b6cf1ede7960205263c7e9db8f473; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab200084d5b85f2f466d6fa066dc75ec3a86c8c6bfe0f9f41e903df286712866d063f9082089a22b113000387424e5ac4113a5b022ecf97610fec298075d91986777418cd0c80679a9debf54e80503a5ae5ef03954fab877525f5c; Path=/
Transfer-Encoding: chunked

push.services.mozilla.com/

52.39.57.61

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.57.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NOaN+0zIKYBgfmQvocvQ+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o0ScOZRMlTrxSDa2wAiItsVc42M=

resources.mtb.com/r/simple-layout-responsive/js.mtb?v=09242021103000

192.216.61.78

200 OK

104 kB

URL HTTP/1.1
resources.mtb.com/r/simple-layout-responsive/js.mtb?v=09242021103000
IP
192.216.61.78:0
ASN
#12134 MTB

File type
ASCII text, with CRLF line terminators
Size
104 kB (103531 bytes)
Hash
727a0de3144aa33cd4534796486e2363
86ed4f75d976f4f5974724a6a19723798f29386e
4944e8c395c12a394fb7be2e85d249d24381a5848f743a5d63bf2b0edda3bcdc

HTTP Headers

GET /r/simple-layout-responsive/js.mtb?v=09242021103000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Expires: Tue, 12 Sep 2023 14:48:23 GMT
Last-Modified: Mon, 12 Sep 2022 14:48:22 GMT
ETag: "1662994103:dtagent10247220811100421ZWhG"
Vary: User-Agent
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="890584628"
Date: Mon, 12 Sep 2022 14:48:22 GMT
Cteonnt-Length: 322405
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_1_sn_940F10A35081D84523BF09D7FD29EB1E_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd62a24d5a0384f129e849e1b2f744b79fbf58cd4373fb5d7b71f603e0acb9b1c53c4b31294b449ae4dc6010a03a47f3a4; Path=/
TS0128739d=019f8203fd14f0e8aa59b1c5e8749ceb35a4d3257ebf58cd4373fb5d7b71f603e0acb9b1c51cfc51d456e44201015fc42b547e41559af6880a9cfd74bd31f4e942f530c14e; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab20001a1cc06b369e7882675f625f611b762715bbc51a606de9cfaed1ada5b4ddfe2208de2566fe1130009a123d4625454353b022ecf97610fec2620180766dd6b91430cf2856f85400ff2f617498a1b52b2513a48b7d2afe11da; Path=/
Transfer-Encoding: chunked

onlinebanking.mtb.com/ruxitagentjs_ICA2Vfhjqrux_10227211018092056.js

24.75.29.69

200 OK

86 kB

URL HTTP/1.1
onlinebanking.mtb.com/ruxitagentjs_ICA2Vfhjqrux_10227211018092056.js
IP
24.75.29.69:0
ASN
#16490 MTB

File type
ASCII text, with very long lines (1629)
Size
86 kB (86087 bytes)
Hash
dfbc58d3a725843d905bb466313afcbf
8642551dc5750aa4e82c2595c2e4d8e28c5658df
7297767ec8d243f3678be6106de01b1facc09b7af1f11178d1de6e8ffce06612

HTTP Headers

GET /ruxitagentjs_ICA2Vfhjqrux_10227211018092056.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=3600
Content-Length: 86087
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Mon, 12 Sep 2022 15:48:23 GMT
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SRV: B-WEB-05
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Date: Mon, 12 Sep 2022 14:48:23 GMT
Set-Cookie: mtbcookie=ffffffffc3a03f9945525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a926321dabd039a24dcaa709a7422a7af7ce9d234194484a90bfc1e6909f952db6c9c83250eab4c94486a6bc5e3e644c07a0; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed147c8850e7cd1d476b352ce5fbd1b98f8200142b3c827ab18ad51f00fd543d418f9c0efc4409073baa09cadc0852171b2e9; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab20007d2fa25b1bada1a70eb93f73dcf8691c26baf78dae9f881ba8c4971a6a5968c9086df3971e113000afb6a0933ea8a11eb506888e249b08d1dab91dab82ddfbd398f067a9a6a82769b3a0eb045dfa51c0acf1157a3564a68e; Path=/

onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js

24.75.29.69

200 OK

173 kB

URL HTTP/1.1
onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
IP
24.75.29.69:0
ASN
#16490 MTB

File type
ASCII text, with very long lines (65536), with no line terminators
Size
173 kB (173374 bytes)
Hash
dbe7c96e1778d25cdf7b1f555d874f43
9efd647600ab119e9b61dfebbd52112ee5b84fc0
50d59311e7899e69f61b30a4ece4f33e6242142534fcf185a97b56a2963ef183

HTTP Headers

GET /Assets/js/mtb_app_wbk.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 14:48:23 GMT
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
X-Ion-Hop: 1
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Set-Cookie: e9LegkvD=A6U7LDKDAQAAzennvxSuBZJGifh__pw74OGWKLLZiXJrDup1M4Pls0YCDQCSAVtaKpqcuC2nwH8AADQwAAAAAA|1|0|de70a8a6f11d7d570ba6fa9008e494fdbc4ab247; Path=/; Max-Age=1577847600; Domain=mtb.com
TS01e71088=01fb46a92682ef3fccc25a2197df8a6e2024913cf80031d276c785909f0e2fc7add6c4e9150caeb4b1353e05467e7a2766735d6835; Path=/; Domain=.onlinebanking.mtb.com
TS01ea4191=01fb46a92682ef3fccc25a2197df8a6e2024913cf80031d276c785909f0e2fc7add6c4e9150caeb4b1353e05467e7a2766735d6835; path=/; domain=mtb.com
TSba0bc889027=0856addebbab2000fbd1592f19db537e84b5bf19b55d6d617c06d37c4116da1ebdf83ddb18c2b38408dd67e2ac1130008707235db291d41bb506888e249b08d137803393fa7c9f5f148f5b4ecc84e21aa45dc890e1eead8f8d342a82dd1f49b0; Path=/
Transfer-Encoding: chunked

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3458
Expires: Mon, 12 Sep 2022 15:46:02 GMT
Date: Mon, 12 Sep 2022 14:48:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3458
Expires: Mon, 12 Sep 2022 15:46:02 GMT
Date: Mon, 12 Sep 2022 14:48:24 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36ab1cf7-da3f-4bea-abd5-3f9da5a18c29.jpeg

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36ab1cf7-da3f-4bea-abd5-3f9da5a18c29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9126 bytes)
Hash
beca122055c554548ca6ef68a66a4e2e
cf5ec3650282d05c082eb0534f1b70a59f9f4bbe
a9cf7ef5dfb6a58c66bc29b2a280c2253e56a28ce317d8271273ddae2008d9d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36ab1cf7-da3f-4bea-abd5-3f9da5a18c29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9126
x-amzn-requestid: 86fd10d3-f2bb-4191-93b0-3a416000fd68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJHeGMqoAMFnwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5562-1f8b12e10d7212353f050f3f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WcMMN48JT7YRvUBGR6oAes5EwusRcdgrWT60xJffsOfsbkJ4_XyALg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 61593
etag: "cf5ec3650282d05c082eb0534f1b70a59f9f4bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9466 bytes)
Hash
6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 41556
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8799 bytes)
Hash
c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 61593
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9815 bytes)
Hash
239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
age: 60764
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4162 bytes)
Hash
b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jGj2al3pBpze7UQnHild4DxKndrprY4pTG_EZScw2RukQlgFEvNMkw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:18:04 GMT
age: 27020
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6999 bytes)
Hash
b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 40169
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

resources.mtb.com/Assets/img/mtb-equalhousinglender.svg

192.216.61.78

200 OK

230 B

URL HTTP/1.1
resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
IP
192.216.61.78:0
ASN
#12134 MTB

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
230 B (230 bytes)
Hash
916635d10512ae6a1840614a895dcd38
db175de4c42281bb4d239c57d1b95b8e75c529ec
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad

HTTP Headers

GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Sat, 10 Sep 2022 04:29:02 GMT
Accept-Ranges: bytes
ETag: "0fb76dacdc4d81:0"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="811275051"
Date: Mon, 12 Sep 2022 14:48:25 GMT
Content-Length: 230
Set-Cookie: TSf60233d5027=08affc4e07ab2000dfabb7a8aa6bf7406aa0a04f49a87e844f7fce5d6851e887d409b3ca0505e879084d1d14901130000b1a7565a5ed745c4064a3e7425c4f406d51f2b449ef4ef7c5f26e51feef8e8b904158b8537039d7abc349269e9abb8a; Path=/

resources.mtb.com/Assets/img/mtb-entrust.svg

192.216.61.78

200 OK

1.3 kB

URL HTTP/1.1
resources.mtb.com/Assets/img/mtb-entrust.svg
IP
192.216.61.78:0
ASN
#12134 MTB

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators
Size
1.3 kB (1349 bytes)
Hash
9a569ad20708d7453d89fe6c72e7fcdc
60b6a41620583484642f7c826faf8e3c879a6374
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5

HTTP Headers

GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Sat, 10 Sep 2022 04:29:02 GMT
Accept-Ranges: bytes
ETag: "0fb76dacdc4d81:0"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1569448750"
Date: Mon, 12 Sep 2022 14:48:25 GMT
Content-Length: 1349
Set-Cookie: TSf60233d5027=08affc4e07ab20003b0cde1c725c3ad76df56e766472d6a767b7f238b32b6b27c0b143d5c402f5b708e212847f113000a2d4aa2befaaaeb74064a3e7425c4f40a9c201cde773e76c6e9e7b5767d46c9f4155e6050d4d5772ed5fba1456dac936; Path=/

resources.mtb.com/Assets/img/mtb-logo.svg

192.216.61.78

200 OK

2.0 kB

URL HTTP/1.1
resources.mtb.com/Assets/img/mtb-logo.svg
IP
192.216.61.78:0
ASN
#12134 MTB

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators
Size
2.0 kB (2039 bytes)
Hash
f2b901cf895852a0866fe4a16c7f1730
c4240af1ec798477b4e65a185ddbb1b038817da4
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac

HTTP Headers

GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Sat, 10 Sep 2022 04:29:02 GMT
Accept-Ranges: bytes
ETag: "0fb76dacdc4d81:0"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1417821877"
Date: Mon, 12 Sep 2022 14:48:25 GMT
Content-Length: 2039
Set-Cookie: TSf60233d5027=08affc4e07ab2000b6ac5f1d17973770b6ba0baf3380b0992bfacae19d8f69b921e355f62a36f312081c638b3b113000f8f27c7f3dfc2f6e4064a3e7425c4f405f5657eb640ad81f038da9deffa6207144feda9c6237c06651945709f7f51205; Path=/

tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.js

2.18.173.203

200 OK

33 kB

URL HTTP/2
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.js
IP
2.18.173.203:0
ASN
#16625 AKAMAI-AS

File type
HTML document, ASCII text, with very long lines (11428)
Size
33 kB (32606 bytes)
Hash
8ce0dd72572691ecd04827a4bf4303e3
29111c875db47508ca2454b7dcb667b727bc3af3
7003d414b590825a4a96e49e9f8260fa27388cf012a4f724426f7129662f5b44

HTTP Headers

GET /utag/mtbank/olb-legacy/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "622c01a5e4b6dcdd3c9225031edfc2e8:1662943282.783522"
last-modified: Mon, 12 Sep 2022 00:41:23 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Mon, 12 Sep 2022 14:53:26 GMT
date: Mon, 12 Sep 2022 14:48:26 GMT
content-length: 32606
X-Firefox-Spdy: h2

tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113

2.18.173.203

200 OK

3.5 kB

URL HTTP/1.1
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113
IP
2.18.173.203:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1579)
Size
3.5 kB (3522 bytes)
Hash
f51f6472c0b3773d744257799dc5a808
5da9efcd4dcb1e9a2cdae9d56dbd04a60dfdfb66
d9487b13d7808c0b581a79cb6f953b7f4b0ac128cdf545d5a2074575f22d3930

HTTP Headers

GET /utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://grafexpert.ro/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "55e2dafd4e2f01e1da100818637f6e46:1635801208.490581"
Last-Modified: Mon, 01 Nov 2021 21:13:28 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1296000
Expires: Tue, 27 Sep 2022 14:48:26 GMT
Date: Mon, 12 Sep 2022 14:48:26 GMT
Content-Length: 3522
Connection: keep-alive

tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209120041&cb=1662994094738

2.18.173.203

200 OK

2 B

URL HTTP/1.1
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209120041&cb=1662994094738
IP
2.18.173.203:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

HTTP Headers

GET /utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209120041&cb=1662994094738 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://grafexpert.ro/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
Last-Modified: Thu, 14 Apr 2016 16:57:51 GMT
Server: AkamaiNetStorage
Content-Length: 2
Unused62: 8096267
Cache-Control: max-age=600
Expires: Mon, 12 Sep 2022 14:58:26 GMT
Date: Mon, 12 Sep 2022 14:48:26 GMT
Connection: keep-alive

resources.mtb.com/assets/fonts/mandtpg-iconfont.woff

192.216.61.78

200 OK

4.8 kB

URL HTTP/1.1
resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
IP
192.216.61.78:0
ASN
#12134 MTB

File type
Web Open Font Format, TrueType, length 4776, version 1.0\012- data
Size
4.8 kB (4776 bytes)
Hash
ac13691b89191d11d0e5577eb3cf3d53
0126fa82c0ab022e61b5de74f1fe3e204a905a7b
108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df

HTTP Headers

GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Sat, 10 Sep 2022 04:29:03 GMT
Accept-Ranges: bytes
ETag: "028a8dbcdc4d81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-373376166", dtTao;desc="1"
Date: Mon, 12 Sep 2022 14:48:26 GMT
Content-Length: 4776
Set-Cookie: dtCookie=v_4_srv_1_sn_50F54345A7EBD98862102AA9A49F7634_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd725805f899e093f4226c3073031adfcc69f554f11e8f1bd8a5027c62035db265c8b78e4e11eb7bdd352b6078035f300d; Path=/
TS0128739d=019f8203fd7821f76d0b13ecba8f2f3417cacd7d4969f554f11e8f1bd8a5027c62035db26563f3d3867db6e54a449a00cabac1c6c16b60f218bee41621674df3666e8786a8; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab200036f28b4d4c9328f6244200a6c2ab69037ad0088d14483042af263999e96abf6f0802e6cacb1130000de643e113fcfa234064a3e7425c4f40de79a87bb81501d3764891efa6e0691a3dd1bcc0e208e31a465820f98d4340d4; Path=/

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=AW-990489911

142.250.74.72

200 OK

46 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-990489911
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
46 kB (46087 bytes)
Hash
9cd24c53db7b3e1d8fe5e67623a99ac8
2127bea554f0d7e649af83741b1315cb02e0d3f9
36fa41f17397fbfab6c9e1ac4e7af69720ce5c01813cfa0ec3a29405ab47be97

HTTP Headers

GET /gtag/js?id=AW-990489911 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 14:48:26 GMT
expires: Mon, 12 Sep 2022 14:48:26 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46087
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.quantummetric.com/qscripts/quantum-mtb.js

172.67.20.158

301 Moved Permanently

178 B

URL HTTP/1.1
cdn.quantummetric.com/qscripts/quantum-mtb.js
IP
172.67.20.158:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://grafexpert.ro/

HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Sep 2022 14:48:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cdn.quantummetric.com/qscripts/quantum-mtb.js
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749971ae9a811c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff

192.216.61.78

200 OK

64 kB

URL HTTP/1.1
resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
IP
192.216.61.78:0
ASN
#12134 MTB

File type
Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Size
64 kB (64318 bytes)
Hash
b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc

HTTP Headers

GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Sat, 10 Sep 2022 04:29:03 GMT
Accept-Ranges: bytes
ETag: "028a8dbcdc4d81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1926896579", dtTao;desc="1"
Date: Mon, 12 Sep 2022 14:48:26 GMT
Content-Length: 64318
Set-Cookie: dtCookie=v_4_srv_1_sn_D02D55F4A8CC2C47499CC5362C2730EC_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd3f6c9d9da386f247cfa869c49a4e4b3614f204e7c932d6f3d6271454f21d4c08fd4f38971500d6551e0c22ff31ea15fa; Path=/
TS0128739d=019f8203fd4a3bca165376d91cfeb2bfc7ab53d5bc14f204e7c932d6f3d6271454f21d4c087e65bb3fe1300709db54150d7c3c9d6c1ac73fa23996cf208e797c9b2dc7bbd7; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab200085d1549bbc7002d0f8df7bfa0dbc5f1f7b9baaf7bac9b3d25003619dd0af075508be98ec7f11300063fced5c5d332c184064a3e7425c4f406013762a572394979d69520560667fd7df2a42f289fae167414667be23d1b45a; Path=/

resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff

192.216.61.78

200 OK

68 kB

URL HTTP/1.1
resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
IP
192.216.61.78:0
ASN
#12134 MTB

File type
Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Size
68 kB (67671 bytes)
Hash
6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2

HTTP Headers

GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Sat, 10 Sep 2022 04:29:03 GMT
Accept-Ranges: bytes
ETag: "028a8dbcdc4d81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-698341773", dtTao;desc="1"
Date: Mon, 12 Sep 2022 14:48:26 GMT
Content-Length: 67671
Set-Cookie: dtCookie=v_4_srv_4_sn_3EC20F15041CEB2CFD2FBDCBAD5DE2A8_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fdcd2eb68dbe5daddae73b9bf3a8e4ea4efdd4fbcfcbf053964affcc40f47cd9aaa596c4c4072ab373be38fe0976cc197c; Path=/
TS0128739d=019f8203fd19187fda453f5a2bfdab68d06a1b8fd6fdd4fbcfcbf053964affcc40f47cd9aa393688c6f3edd02829e190847ac6d771a3f30c1799570fbb18e82fdd0d713242; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000205e44b24f4afe8fed53fa27031eefe2d1062775576aad196c313cbf2134a35408fd660202113000751c9312997a6d214064a3e7425c4f401576f1ce4742c3b3ffc0fcdacde455ce6cb8b9bb4ca14fe643c715075fe2aadc; Path=/

ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A6U7LDKDAQAApWoJYIcntPzNlEF1zToUy2DnqJS4WqHBhWipk4Pls0YCDQCSAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775

107.162.179.174

200 OK

921 B

URL HTTP/1.0
ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A6U7LDKDAQAApWoJYIcntPzNlEF1zToUy2DnqJS4WqHBhWipk4Pls0YCDQCSAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775
IP
107.162.179.174:0
ASN
#55002 DEFENSE-NET

File type
ASCII text, with very long lines (921), with no line terminators
Size
921 B (921 bytes)
Hash
b66c53a746511bbf785be4208f8e1d74
f0e1131a8a88837730c67e86d977adb1887b243e
8c96eaddd9e7e37410b08dc0c91307c51f036032a7eac0ae5d006d6f3580b6da

HTTP Headers

GET /1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A6U7LDKDAQAApWoJYIcntPzNlEF1zToUy2DnqJS4WqHBhWipk4Pls0YCDQCSAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775 HTTP/1.1
Host: ponos.zeronaught.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.0 200 OK
Access-Control-Allow-Origin: *
Content-Type: text/plain; charset=UTF-8
Connection: close
Content-Length: 921

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1

15.188.95.229

302 Found

0 B

URL HTTP/1.1
mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP
15.188.95.229:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: mtb.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://grafexpert.ro/

HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Mon, 12 Sep 2022 14:48:27 GMT
content-type: text/plain;charset=utf-8
expires: Sun, 11 Sep 2022 14:48:27 GMT
last-modified: Tue, 13 Sep 2022 14:48:27 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_nwa=[CS]v4|0-0|631F46BB[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Wed, 11 Sep 2024 14:48:48 GMT; SameSite=None;
location: http://mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&pccr=true&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

www.google.com/pagead/conversion_async.js

142.250.74.164

200 OK

16 kB

URL HTTP/2
www.google.com/pagead/conversion_async.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1623)
Size
16 kB (15687 bytes)
Hash
4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Sep 2022 14:48:27 GMT
expires: Mon, 12 Sep 2022 14:48:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&pccr=true&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1

15.188.95.229

200 OK

43 B

URL HTTP/1.1
mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&pccr=true&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP
15.188.95.229:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

HTTP Headers

GET /b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&pccr=true&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: mtb.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://grafexpert.ro/
Connection: keep-alive

HTTP/1.1 200 OK
access-control-allow-origin: *
date: Mon, 12 Sep 2022 14:48:27 GMT
expires: Sun, 11 Sep 2022 14:48:27 GMT
last-modified: Tue, 13 Sep 2022 14:48:27 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_nwa=[CS]v4|7FCD4E09468BC174-21ABF6A6AF6917A|0[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Wed, 11 Sep 2024 14:48:48 GMT; SameSite=None;
etag: 3571252653368836096-4619644465755766288
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.entrust.net/

23.13.44.131

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
23.13.44.131:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1585 bytes)
Hash
943ec7bb74525791a6c626e2c0f23fac
9f72bfefbcbf9aa303454ec1fa468909bd768b08
a2394401445efd3dbfeb8b3d258733c75588f47ae9ba1383f4313b2769f8ba78

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "A2394401445EFD3DBFEB8B3D258733C75588F47AE9BA1383F4313B2769F8BA78"
Last-Modified: Mon, 12 Sep 2022 02:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:49 GMT
Date: Mon, 12 Sep 2022 14:48:27 GMT
Connection: keep-alive

googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1662994095544&cv=9&fst=1662994095544&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa970&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&auid=1936164006.1662994095&hn=www.google.com&async=1&rfmt=3&fmt=4

216.58.211.2

200 OK

1.1 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1662994095544&cv=9&fst=1662994095544&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa970&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&auid=1936164006.1662994095&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2352), with no line terminators
Size
1.1 kB (1074 bytes)
Hash
5a28a72c2ace47f88e32e40de677aed7
ea51f2377df3e83bde970e701325477e5d5260f7
858439679206996c1c6b37ed060785b42a4396637fc06945768f02d62d5d4b6f

HTTP Headers

GET /pagead/viewthroughconversion/990489911/?random=1662994095544&cv=9&fst=1662994095544&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa970&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&auid=1936164006.1662994095&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 14:48:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1074
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 12-Sep-2022 15:03:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.quantummetric.com/qscripts/quantum-mtb.js

172.67.20.158

200 OK

91 kB

URL HTTP/2
cdn.quantummetric.com/qscripts/quantum-mtb.js
IP
172.67.20.158:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3730)
Size
91 kB (91208 bytes)
Hash
a6e762be43d4169feac43fe7a45d56eb
c95d3307648400a8e8077f18e314a7951ec71dd9
9189f96e8ffe57cdef03ef2b90d5b987604c017052a3f133773143112b0e3c30

HTTP Headers

GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://grafexpert.ro/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 14:48:27 GMT
content-type: text/javascript
vary: Accept-Encoding
etag: W/"166299333032716613605351101662969602402"
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-cache-status: MISS
server: cloudflare
cf-ray: 749971b059270b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/990489911/?random=1662994095544&cv=9&fst=1662991200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2104952885&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/990489911/?random=1662994095544&cv=9&fst=1662991200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2104952885&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/990489911/?random=1662994095544&cv=9&fst=1662991200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2104952885&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 14:48:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
587e520a215476b81ca7c92bfe21afbd
9e6715c0bef8a59b59abc814d5f9d3ef463911c3
8f36b22add4c3ed1a3a821510bc8de9d70620fbb108a59c4ed1527330f99da0a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 12 Sep 2022 14:48:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 12 Sep 2022 03:21:01 GMT
Expires: Tue, 13 Sep 2022 03:21:01 GMT
ETag: "9e6715c0bef8a59b59abc814d5f9d3ef463911c3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
a87b9ac0e0abbaa1cd8c3cec01a1833a
6a7c26c33504e3f492ffa4bc04f16f08cbf9c8b8
343b70cf83f0f13e69780aa81d55acd2f3a5ba779fb8bb3e6af6b3683fdc6fd4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 14:48:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 11:27:52 GMT
Expires: Fri, 16 Sep 2022 11:27:51 GMT
Etag: "6a7c26c33504e3f492ffa4bc04f16f08cbf9c8b8"
Cache-Control: max-age=332962,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749971ba9d83b51e-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
a87b9ac0e0abbaa1cd8c3cec01a1833a
6a7c26c33504e3f492ffa4bc04f16f08cbf9c8b8
343b70cf83f0f13e69780aa81d55acd2f3a5ba779fb8bb3e6af6b3683fdc6fd4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 14:48:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 11:27:52 GMT
Expires: Fri, 16 Sep 2022 11:27:51 GMT
Etag: "6a7c26c33504e3f492ffa4bc04f16f08cbf9c8b8"
Cache-Control: max-age=332962,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749971ba9d030b39-OSL

mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096312&z=1&Q=1&Y=1&X=ed3a56d449394b73b3a4ff5f1029da40

34.67.142.127

200 OK

0 B

URL HTTP/2
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096312&z=1&Q=1&Y=1&X=ed3a56d449394b73b3a4ff5f1029da40
IP
34.67.142.127:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096312&z=1&Q=1&Y=1&X=ed3a56d449394b73b3a4ff5f1029da40 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3035
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 14:48:28 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: http://grafexpert.ro
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
X-Firefox-Spdy: h2

mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096310&z=1&S=0&N=0&P=0

34.67.142.127

200 OK

1.6 kB

URL HTTP/2
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096310&z=1&S=0&N=0&P=0
IP
34.67.142.127:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.6 kB (1619 bytes)
Hash
8a524324135b9c02b9853f67f8a50c4e
5c9e39cf102de40569a2f3cef1053002d14c10d8
a3f829da364929adf73d2ba4bf97d7c150054243fbcc1c50235d503a6307e1b6

HTTP Headers

POST /?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096310&z=1&S=0&N=0&P=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 391
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 14:48:28 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: http://grafexpert.ro
access-control-allow-credentials: true
set-cookie: s=063938b8b99fb4a7e2a6f60829136b92;path=/;samesite=none;secure
U=bc217306bf7601de96f9ed5c0f7e65e3;path=/;expires=Tue, 12 Sep 2023 14:48:28 GMT;samesite=none;secure
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
content-encoding: gzip
X-Firefox-Spdy: h2

mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994097007&H=cbe91dfd3aea9788d2573c82&s=063938b8b99fb4a7e2a6f60829136b92&U=bc217306bf7601de96f9ed5c0f7e65e3&z=1&Q=2&S=0&N=0

34.67.142.127

200 OK

0 B

URL HTTP/2
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994097007&H=cbe91dfd3aea9788d2573c82&s=063938b8b99fb4a7e2a6f60829136b92&U=bc217306bf7601de96f9ed5c0f7e65e3&z=1&Q=2&S=0&N=0
IP
34.67.142.127:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994097007&H=cbe91dfd3aea9788d2573c82&s=063938b8b99fb4a7e2a6f60829136b92&U=bc217306bf7601de96f9ed5c0f7e65e3&z=1&Q=2&S=0&N=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 87
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: http://grafexpert.ro/
Cookie: s=063938b8b99fb4a7e2a6f60829136b92; U=bc217306bf7601de96f9ed5c0f7e65e3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 14:48:29 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: http://grafexpert.ro
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
X-Firefox-Spdy: h2

mtb-app.quantummetric.com/?s=063938b8b99fb4a7e2a6f60829136b92&H=cbe91dfd3aea9788d2573c82&Q=3

34.67.142.127

200 OK

50 B

URL HTTP/2
mtb-app.quantummetric.com/?s=063938b8b99fb4a7e2a6f60829136b92&H=cbe91dfd3aea9788d2573c82&Q=3
IP
34.67.142.127:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
50 B (50 bytes)
Hash
e7216d542023258c6c9d2da8ca3bc51c
da037d6db0fbe6f309c0afcedca5033638d4e253
131608ec884c52d801e117af9238303a4123d16104df040545f3c73ddd7e4c42

HTTP Headers

GET /?s=063938b8b99fb4a7e2a6f60829136b92&H=cbe91dfd3aea9788d2573c82&Q=3 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: http://grafexpert.ro/
Cookie: s=063938b8b99fb4a7e2a6f60829136b92; U=bc217306bf7601de96f9ed5c0f7e65e3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 14:48:28 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: http://grafexpert.ro
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations