grafexpert.ro/SPORT/mtbnemail/index.htm
89.37.29.45200 OK 7.1 kB URL HTTP/1.1 grafexpert.ro/SPORT/mtbnemail/index.htm
IP 89.37.29.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1029), with CRLF line terminators
Hash 505f7034ee1fb9df7fc3083879145e87
94139e8f8e568d178aaa17d80583832cd1afc8e0
73d0869ed9b4a566675f105dc2600c3ef3fa359fe93c10620190876d7b84a54a
Analyzer Verdict Alert fortinet Malware
GET /SPORT/mtbnemail/index.htm HTTP/1.1
Host: grafexpert.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 14:48:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 05 Jan 2022 11:48:30 GMT
Server: ClausWeb-nginx
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 14:08:13 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TclQiIP6ubJlslrtaM1jHcCoECSVRQjAZCVakbHqa6YOH6ih5xbjOg==
Age: 2409
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16582
Expires: Mon, 12 Sep 2022 19:24:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YpkfBz5HjqoJ_lr5eD_KoRE8VcKSXJdeCJ48kJr_MsSHmAKdWK9N6w==
age: 27070
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 14:48:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 13:56:07 GMT
Expires: Mon, 12 Sep 2022 14:48:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xfDnsJHMDoW0YHbkxj5g93oTHYI6zHCMfJAnr5DnD7cwK0STxaTfnQ==
Age: 3135
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash 6809d4fc5fc7b1d665e889ba76964892
0fb2b47d32184f94375e77f8173de43f645d15e0
36634fb84a32fb5658e8fc32c37d36c8128650f7cf51dc48bb5bd1c5e94eeaf2
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36634FB84A32FB5658E8FC32C37D36C8128650F7CF51DC48BB5BD1C5E94EEAF2"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash 6809d4fc5fc7b1d665e889ba76964892
0fb2b47d32184f94375e77f8173de43f645d15e0
36634fb84a32fb5658e8fc32c37d36c8128650f7cf51dc48bb5bd1c5e94eeaf2
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36634FB84A32FB5658E8FC32C37D36C8128650F7CF51DC48BB5BD1C5E94EEAF2"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash 6809d4fc5fc7b1d665e889ba76964892
0fb2b47d32184f94375e77f8173de43f645d15e0
36634fb84a32fb5658e8fc32c37d36c8128650f7cf51dc48bb5bd1c5e94eeaf2
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36634FB84A32FB5658E8FC32C37D36C8128650F7CF51DC48BB5BD1C5E94EEAF2"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash 6809d4fc5fc7b1d665e889ba76964892
0fb2b47d32184f94375e77f8173de43f645d15e0
36634fb84a32fb5658e8fc32c37d36c8128650f7cf51dc48bb5bd1c5e94eeaf2
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36634FB84A32FB5658E8FC32C37D36C8128650F7CF51DC48BB5BD1C5E94EEAF2"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash 6809d4fc5fc7b1d665e889ba76964892
0fb2b47d32184f94375e77f8173de43f645d15e0
36634fb84a32fb5658e8fc32c37d36c8128650f7cf51dc48bb5bd1c5e94eeaf2
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36634FB84A32FB5658E8FC32C37D36C8128650F7CF51DC48BB5BD1C5E94EEAF2"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:44 GMT
Date: Mon, 12 Sep 2022 14:48:22 GMT
Connection: keep-alive
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash fdf2e94a204238c07cb93f0f0445aade
52df9c626115a90410aa17803bd25faff1265587
bce7ca675f4daab4a0f67dd110f7c62c7d32b2f34faced0e834441decfe859c0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BCE7CA675F4DAAB4A0F67DD110F7C62C7D32B2F34FACED0E834441DECFE859C0"
Last-Modified: Mon, 12 Sep 2022 08:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 12 Sep 2022 15:48:23 GMT
Date: Mon, 12 Sep 2022 14:48:23 GMT
Connection: keep-alive
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash fdf2e94a204238c07cb93f0f0445aade
52df9c626115a90410aa17803bd25faff1265587
bce7ca675f4daab4a0f67dd110f7c62c7d32b2f34faced0e834441decfe859c0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BCE7CA675F4DAAB4A0F67DD110F7C62C7D32B2F34FACED0E834441DECFE859C0"
Last-Modified: Mon, 12 Sep 2022 08:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Mon, 12 Sep 2022 15:47:35 GMT
Date: Mon, 12 Sep 2022 14:48:23 GMT
Connection: keep-alive
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash 53ea2e67d54715ef13e8b359a73c446b
ab1b42b57fbbe987841a9d97377d9e6aab136b99
9538f04f1eff4d090ebbeb4d10c52033df7ccde002e59a2338d976dd7fa53e55
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "9538F04F1EFF4D090EBBEB4D10C52033DF7CCDE002E59A2338D976DD7FA53E55"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 12 Sep 2022 15:48:23 GMT
Date: Mon, 12 Sep 2022 14:48:23 GMT
Connection: keep-alive
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash 53ea2e67d54715ef13e8b359a73c446b
ab1b42b57fbbe987841a9d97377d9e6aab136b99
9538f04f1eff4d090ebbeb4d10c52033df7ccde002e59a2338d976dd7fa53e55
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "9538F04F1EFF4D090EBBEB4D10C52033DF7CCDE002E59A2338D976DD7FA53E55"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 12 Sep 2022 15:48:23 GMT
Date: Mon, 12 Sep 2022 14:48:23 GMT
Connection: keep-alive
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash 53ea2e67d54715ef13e8b359a73c446b
ab1b42b57fbbe987841a9d97377d9e6aab136b99
9538f04f1eff4d090ebbeb4d10c52033df7ccde002e59a2338d976dd7fa53e55
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "9538F04F1EFF4D090EBBEB4D10C52033DF7CCDE002E59A2338D976DD7FA53E55"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 12 Sep 2022 15:48:23 GMT
Date: Mon, 12 Sep 2022 14:48:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5694
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:23 GMT
Last-Modified: Mon, 12 Sep 2022 13:13:29 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
onlinebanking.mtb.com/Assets/scripts/Login/Index.js
24.75.29.69200 OK 7.0 kB URL HTTP/1.1 onlinebanking.mtb.com/Assets/scripts/Login/Index.js
IP 24.75.29.69:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3babf9179a67f9967650540d49367123
0df85be532ac1c57eed3791d48b46bf3f29bec8f
c91e7a2cc1c3999b227fdb4c8656592fb9662e91af49ce4e76f4955c38ababfb
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Last-Modified: Sat, 10 Sep 2022 05:51:00 GMT
Accept-Ranges: bytes
ETag: "03ad24dd9c4d81:0"
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SRV: B-WEB-05
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="1"
Date: Mon, 12 Sep 2022 14:48:23 GMT
Content-Length: 6950
Set-Cookie: dtCookie=v_4_srv_2_sn_ED877B8D3475E23B40B799CC1CCA8E83_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f9945525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a9260f828a75e453ebf4ac42b45f36c005bead942b81de187a0edbc89a4b0678e6e5721f1f9a4be8af0a4655e5d308010d44; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed1472744bf89eb4de1e3b6a703debfdb5ece32bae78efe83ffdd0f25595b837d732457dae72fa4a7b9365fd9bdc235363273; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab2000e0771c14681c09bc548125bd337e9ec18a30443202a233c728f70a62d7c95d6208343ddf791130008ffa5f28800e3ae0b506888e249b08d1c3bb417bdfc7c121a582f35458f44ffbdda0c8e5a6d6c5e49d58209387c94343; Path=/
onlinebanking.mtb.com/Assets/js/tealium_prod.js
24.75.29.69200 OK 307 B URL HTTP/1.1 onlinebanking.mtb.com/Assets/js/tealium_prod.js
IP 24.75.29.69:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 6cab7150291c8cb24191bc92c73a487e
dd4cbd99cc921486ec7a27525fd66b6a2d3ccc55
e585e536633d98c846579082b6aead897ae524ff8a71e5852d60d129e8fc2ac4
GET /Assets/js/tealium_prod.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Last-Modified: Sat, 10 Sep 2022 05:51:00 GMT
Accept-Ranges: bytes
ETag: "03ad24dd9c4d81:0"
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SRV: B-WEB-05
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="1"
Date: Mon, 12 Sep 2022 14:48:23 GMT
Content-Length: 307
Set-Cookie: dtCookie=v_4_srv_11_sn_87D8903358584031397121E5A8B2AF7F_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f9945525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a92605a64a28bd1166854d6a9fea3c930a6fc9589a97f97ef299d414798776d5f48b31e3ba325ba57e8266c44a09b6c8e0fc; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed1478957d1fd2012fc2f3425eaa86d4602124bc071ea295078b13c1802450ab0c3141fe6ee7060378a4c4256547d65d7d8d9; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab200030a9066cfb793116363acab339db2057f6e5bb5e07cc9228e5a39465ff25043c082f0eec45113000864c4a5ac9ea1fd5b506888e249b08d14971013e2c860f972964670c52b4f16200b98d65480fbdbbb362b467c55b4a70; Path=/
resources.mtb.com/r/simple-layout-responsive/css.mtb?v=09242021103000
192.216.61.78200 OK 35 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/css.mtb?v=09242021103000
IP 192.216.61.78:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash da035f53931c132155280b9c00893409
94ae91f42af9f8af8eed42934ea710bd409fdee8
2269c7300f76270849225e1b1f045bf65e36ea325d5fed63ffb55f3a5758195a
GET /r/simple-layout-responsive/css.mtb?v=09242021103000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Expires: Tue, 12 Sep 2023 14:48:23 GMT
Last-Modified: Mon, 12 Sep 2022 14:48:22 GMT
ETag: "1662994103:dtagent10247220811100421ZWhG"
Vary: User-Agent
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="675691332"
Date: Mon, 12 Sep 2022 14:48:22 GMT
ntCoent-Length: 258715
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_1_sn_BA547BE4303FA76904D20D056FF3B515_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_1; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd7a71de5d701403dcee09889aadc6caa637e41db53ff0633bf0cb779cfed2c98ea6f0e0cc598fad9395c22be1d411b975; Path=/
TS0128739d=019f8203fdc8f10c46ee218417321e11b7953940bd37e41db53ff0633bf0cb779cfed2c98e3a86bc54124f5b63fa5f0f9bdc338b19a89b6cf1ede7960205263c7e9db8f473; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab200084d5b85f2f466d6fa066dc75ec3a86c8c6bfe0f9f41e903df286712866d063f9082089a22b113000387424e5ac4113a5b022ecf97610fec298075d91986777418cd0c80679a9debf54e80503a5ae5ef03954fab877525f5c; Path=/
Transfer-Encoding: chunked
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NOaN+0zIKYBgfmQvocvQ+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o0ScOZRMlTrxSDa2wAiItsVc42M=
resources.mtb.com/r/simple-layout-responsive/js.mtb?v=09242021103000
192.216.61.78200 OK 104 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/js.mtb?v=09242021103000
IP 192.216.61.78:0
File type ASCII text, with CRLF line terminators
Size 104 kB (103531 bytes)
Hash 727a0de3144aa33cd4534796486e2363
86ed4f75d976f4f5974724a6a19723798f29386e
4944e8c395c12a394fb7be2e85d249d24381a5848f743a5d63bf2b0edda3bcdc
GET /r/simple-layout-responsive/js.mtb?v=09242021103000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Expires: Tue, 12 Sep 2023 14:48:23 GMT
Last-Modified: Mon, 12 Sep 2022 14:48:22 GMT
ETag: "1662994103:dtagent10247220811100421ZWhG"
Vary: User-Agent
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="890584628"
Date: Mon, 12 Sep 2022 14:48:22 GMT
Cteonnt-Length: 322405
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_1_sn_940F10A35081D84523BF09D7FD29EB1E_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd62a24d5a0384f129e849e1b2f744b79fbf58cd4373fb5d7b71f603e0acb9b1c53c4b31294b449ae4dc6010a03a47f3a4; Path=/
TS0128739d=019f8203fd14f0e8aa59b1c5e8749ceb35a4d3257ebf58cd4373fb5d7b71f603e0acb9b1c51cfc51d456e44201015fc42b547e41559af6880a9cfd74bd31f4e942f530c14e; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab20001a1cc06b369e7882675f625f611b762715bbc51a606de9cfaed1ada5b4ddfe2208de2566fe1130009a123d4625454353b022ecf97610fec2620180766dd6b91430cf2856f85400ff2f617498a1b52b2513a48b7d2afe11da; Path=/
Transfer-Encoding: chunked
onlinebanking.mtb.com/ruxitagentjs_ICA2Vfhjqrux_10227211018092056.js
24.75.29.69200 OK 86 kB URL HTTP/1.1 onlinebanking.mtb.com/ruxitagentjs_ICA2Vfhjqrux_10227211018092056.js
IP 24.75.29.69:0
File type ASCII text, with very long lines (1629)
Hash dfbc58d3a725843d905bb466313afcbf
8642551dc5750aa4e82c2595c2e4d8e28c5658df
7297767ec8d243f3678be6106de01b1facc09b7af1f11178d1de6e8ffce06612
GET /ruxitagentjs_ICA2Vfhjqrux_10227211018092056.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=3600
Content-Length: 86087
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Mon, 12 Sep 2022 15:48:23 GMT
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SRV: B-WEB-05
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Date: Mon, 12 Sep 2022 14:48:23 GMT
Set-Cookie: mtbcookie=ffffffffc3a03f9945525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a926321dabd039a24dcaa709a7422a7af7ce9d234194484a90bfc1e6909f952db6c9c83250eab4c94486a6bc5e3e644c07a0; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed147c8850e7cd1d476b352ce5fbd1b98f8200142b3c827ab18ad51f00fd543d418f9c0efc4409073baa09cadc0852171b2e9; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab20007d2fa25b1bada1a70eb93f73dcf8691c26baf78dae9f881ba8c4971a6a5968c9086df3971e113000afb6a0933ea8a11eb506888e249b08d1dab91dab82ddfbd398f067a9a6a82769b3a0eb045dfa51c0acf1157a3564a68e; Path=/
onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
24.75.29.69200 OK 173 kB URL HTTP/1.1 onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
IP 24.75.29.69:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 173 kB (173374 bytes)
Hash dbe7c96e1778d25cdf7b1f555d874f43
9efd647600ab119e9b61dfebbd52112ee5b84fc0
50d59311e7899e69f61b30a4ece4f33e6242142534fcf185a97b56a2963ef183
GET /Assets/js/mtb_app_wbk.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 14:48:23 GMT
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
X-Ion-Hop: 1
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Set-Cookie: e9LegkvD=A6U7LDKDAQAAzennvxSuBZJGifh__pw74OGWKLLZiXJrDup1M4Pls0YCDQCSAVtaKpqcuC2nwH8AADQwAAAAAA|1|0|de70a8a6f11d7d570ba6fa9008e494fdbc4ab247; Path=/; Max-Age=1577847600; Domain=mtb.com
TS01e71088=01fb46a92682ef3fccc25a2197df8a6e2024913cf80031d276c785909f0e2fc7add6c4e9150caeb4b1353e05467e7a2766735d6835; Path=/; Domain=.onlinebanking.mtb.com
TS01ea4191=01fb46a92682ef3fccc25a2197df8a6e2024913cf80031d276c785909f0e2fc7add6c4e9150caeb4b1353e05467e7a2766735d6835; path=/; domain=mtb.com
TSba0bc889027=0856addebbab2000fbd1592f19db537e84b5bf19b55d6d617c06d37c4116da1ebdf83ddb18c2b38408dd67e2ac1130008707235db291d41bb506888e249b08d137803393fa7c9f5f148f5b4ecc84e21aa45dc890e1eead8f8d342a82dd1f49b0; Path=/
Transfer-Encoding: chunked
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3458
Expires: Mon, 12 Sep 2022 15:46:02 GMT
Date: Mon, 12 Sep 2022 14:48:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3458
Expires: Mon, 12 Sep 2022 15:46:02 GMT
Date: Mon, 12 Sep 2022 14:48:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36ab1cf7-da3f-4bea-abd5-3f9da5a18c29.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36ab1cf7-da3f-4bea-abd5-3f9da5a18c29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash beca122055c554548ca6ef68a66a4e2e
cf5ec3650282d05c082eb0534f1b70a59f9f4bbe
a9cf7ef5dfb6a58c66bc29b2a280c2253e56a28ce317d8271273ddae2008d9d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36ab1cf7-da3f-4bea-abd5-3f9da5a18c29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9126
x-amzn-requestid: 86fd10d3-f2bb-4191-93b0-3a416000fd68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJHeGMqoAMFnwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5562-1f8b12e10d7212353f050f3f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WcMMN48JT7YRvUBGR6oAes5EwusRcdgrWT60xJffsOfsbkJ4_XyALg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 61593
etag: "cf5ec3650282d05c082eb0534f1b70a59f9f4bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 41556
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 61593
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
age: 60764
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jGj2al3pBpze7UQnHild4DxKndrprY4pTG_EZScw2RukQlgFEvNMkw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:18:04 GMT
age: 27020
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 40169
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
192.216.61.78200 OK 230 B URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 916635d10512ae6a1840614a895dcd38
db175de4c42281bb4d239c57d1b95b8e75c529ec
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Sat, 10 Sep 2022 04:29:02 GMT
Accept-Ranges: bytes
ETag: "0fb76dacdc4d81:0"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="811275051"
Date: Mon, 12 Sep 2022 14:48:25 GMT
Content-Length: 230
Set-Cookie: TSf60233d5027=08affc4e07ab2000dfabb7a8aa6bf7406aa0a04f49a87e844f7fce5d6851e887d409b3ca0505e879084d1d14901130000b1a7565a5ed745c4064a3e7425c4f406d51f2b449ef4ef7c5f26e51feef8e8b904158b8537039d7abc349269e9abb8a; Path=/
resources.mtb.com/Assets/img/mtb-entrust.svg
192.216.61.78200 OK 1.3 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-entrust.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators
Hash 9a569ad20708d7453d89fe6c72e7fcdc
60b6a41620583484642f7c826faf8e3c879a6374
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Sat, 10 Sep 2022 04:29:02 GMT
Accept-Ranges: bytes
ETag: "0fb76dacdc4d81:0"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1569448750"
Date: Mon, 12 Sep 2022 14:48:25 GMT
Content-Length: 1349
Set-Cookie: TSf60233d5027=08affc4e07ab20003b0cde1c725c3ad76df56e766472d6a767b7f238b32b6b27c0b143d5c402f5b708e212847f113000a2d4aa2befaaaeb74064a3e7425c4f40a9c201cde773e76c6e9e7b5767d46c9f4155e6050d4d5772ed5fba1456dac936; Path=/
resources.mtb.com/Assets/img/mtb-logo.svg
192.216.61.78200 OK 2.0 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-logo.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators
Hash f2b901cf895852a0866fe4a16c7f1730
c4240af1ec798477b4e65a185ddbb1b038817da4
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Sat, 10 Sep 2022 04:29:02 GMT
Accept-Ranges: bytes
ETag: "0fb76dacdc4d81:0"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1417821877"
Date: Mon, 12 Sep 2022 14:48:25 GMT
Content-Length: 2039
Set-Cookie: TSf60233d5027=08affc4e07ab2000b6ac5f1d17973770b6ba0baf3380b0992bfacae19d8f69b921e355f62a36f312081c638b3b113000f8f27c7f3dfc2f6e4064a3e7425c4f405f5657eb640ad81f038da9deffa6207144feda9c6237c06651945709f7f51205; Path=/
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.js
2.18.173.203200 OK 33 kB URL HTTP/2 tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.js
IP 2.18.173.203:0
File type HTML document, ASCII text, with very long lines (11428)
Hash 8ce0dd72572691ecd04827a4bf4303e3
29111c875db47508ca2454b7dcb667b727bc3af3
7003d414b590825a4a96e49e9f8260fa27388cf012a4f724426f7129662f5b44
GET /utag/mtbank/olb-legacy/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "622c01a5e4b6dcdd3c9225031edfc2e8:1662943282.783522"
last-modified: Mon, 12 Sep 2022 00:41:23 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Mon, 12 Sep 2022 14:53:26 GMT
date: Mon, 12 Sep 2022 14:48:26 GMT
content-length: 32606
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113
2.18.173.203200 OK 3.5 kB URL HTTP/1.1 tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113
IP 2.18.173.203:0
File type ASCII text, with very long lines (1579)
Hash f51f6472c0b3773d744257799dc5a808
5da9efcd4dcb1e9a2cdae9d56dbd04a60dfdfb66
d9487b13d7808c0b581a79cb6f953b7f4b0ac128cdf545d5a2074575f22d3930
GET /utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://grafexpert.ro/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "55e2dafd4e2f01e1da100818637f6e46:1635801208.490581"
Last-Modified: Mon, 01 Nov 2021 21:13:28 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1296000
Expires: Tue, 27 Sep 2022 14:48:26 GMT
Date: Mon, 12 Sep 2022 14:48:26 GMT
Content-Length: 3522
Connection: keep-alive
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209120041&cb=1662994094738
2.18.173.203200 OK 2 B URL HTTP/1.1 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209120041&cb=1662994094738
IP 2.18.173.203:0
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209120041&cb=1662994094738 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://grafexpert.ro/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
Last-Modified: Thu, 14 Apr 2016 16:57:51 GMT
Server: AkamaiNetStorage
Content-Length: 2
Unused62: 8096267
Cache-Control: max-age=600
Expires: Mon, 12 Sep 2022 14:58:26 GMT
Date: Mon, 12 Sep 2022 14:48:26 GMT
Connection: keep-alive
resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
192.216.61.78200 OK 4.8 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 4776, version 1.0\012- data
Hash ac13691b89191d11d0e5577eb3cf3d53
0126fa82c0ab022e61b5de74f1fe3e204a905a7b
108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df
GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Sat, 10 Sep 2022 04:29:03 GMT
Accept-Ranges: bytes
ETag: "028a8dbcdc4d81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-373376166", dtTao;desc="1"
Date: Mon, 12 Sep 2022 14:48:26 GMT
Content-Length: 4776
Set-Cookie: dtCookie=v_4_srv_1_sn_50F54345A7EBD98862102AA9A49F7634_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd725805f899e093f4226c3073031adfcc69f554f11e8f1bd8a5027c62035db265c8b78e4e11eb7bdd352b6078035f300d; Path=/
TS0128739d=019f8203fd7821f76d0b13ecba8f2f3417cacd7d4969f554f11e8f1bd8a5027c62035db26563f3d3867db6e54a449a00cabac1c6c16b60f218bee41621674df3666e8786a8; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab200036f28b4d4c9328f6244200a6c2ab69037ad0088d14483042af263999e96abf6f0802e6cacb1130000de643e113fcfa234064a3e7425c4f40de79a87bb81501d3764891efa6e0691a3dd1bcc0e208e31a465820f98d4340d4; Path=/
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-990489911
142.250.74.72200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-990489911
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 9cd24c53db7b3e1d8fe5e67623a99ac8
2127bea554f0d7e649af83741b1315cb02e0d3f9
36fa41f17397fbfab6c9e1ac4e7af69720ce5c01813cfa0ec3a29405ab47be97
GET /gtag/js?id=AW-990489911 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 14:48:26 GMT
expires: Mon, 12 Sep 2022 14:48:26 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46087
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.quantummetric.com/qscripts/quantum-mtb.js
172.67.20.158301 Moved Permanently 178 B URL HTTP/1.1 cdn.quantummetric.com/qscripts/quantum-mtb.js
IP 172.67.20.158:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://grafexpert.ro/
HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Sep 2022 14:48:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cdn.quantummetric.com/qscripts/quantum-mtb.js
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749971ae9a811c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
192.216.61.78200 OK 64 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Sat, 10 Sep 2022 04:29:03 GMT
Accept-Ranges: bytes
ETag: "028a8dbcdc4d81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1926896579", dtTao;desc="1"
Date: Mon, 12 Sep 2022 14:48:26 GMT
Content-Length: 64318
Set-Cookie: dtCookie=v_4_srv_1_sn_D02D55F4A8CC2C47499CC5362C2730EC_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd3f6c9d9da386f247cfa869c49a4e4b3614f204e7c932d6f3d6271454f21d4c08fd4f38971500d6551e0c22ff31ea15fa; Path=/
TS0128739d=019f8203fd4a3bca165376d91cfeb2bfc7ab53d5bc14f204e7c932d6f3d6271454f21d4c087e65bb3fe1300709db54150d7c3c9d6c1ac73fa23996cf208e797c9b2dc7bbd7; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab200085d1549bbc7002d0f8df7bfa0dbc5f1f7b9baaf7bac9b3d25003619dd0af075508be98ec7f11300063fced5c5d332c184064a3e7425c4f406013762a572394979d69520560667fd7df2a42f289fae167414667be23d1b45a; Path=/
resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
192.216.61.78200 OK 68 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Sat, 10 Sep 2022 04:29:03 GMT
Accept-Ranges: bytes
ETag: "028a8dbcdc4d81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-02
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-698341773", dtTao;desc="1"
Date: Mon, 12 Sep 2022 14:48:26 GMT
Content-Length: 67671
Set-Cookie: dtCookie=v_4_srv_4_sn_3EC20F15041CEB2CFD2FBDCBAD5DE2A8_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fdcd2eb68dbe5daddae73b9bf3a8e4ea4efdd4fbcfcbf053964affcc40f47cd9aaa596c4c4072ab373be38fe0976cc197c; Path=/
TS0128739d=019f8203fd19187fda453f5a2bfdab68d06a1b8fd6fdd4fbcfcbf053964affcc40f47cd9aa393688c6f3edd02829e190847ac6d771a3f30c1799570fbb18e82fdd0d713242; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000205e44b24f4afe8fed53fa27031eefe2d1062775576aad196c313cbf2134a35408fd660202113000751c9312997a6d214064a3e7425c4f401576f1ce4742c3b3ffc0fcdacde455ce6cb8b9bb4ca14fe643c715075fe2aadc; Path=/
ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A6U7LDKDAQAApWoJYIcntPzNlEF1zToUy2DnqJS4WqHBhWipk4Pls0YCDQCSAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775
107.162.179.174200 OK 921 B URL HTTP/1.0 ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A6U7LDKDAQAApWoJYIcntPzNlEF1zToUy2DnqJS4WqHBhWipk4Pls0YCDQCSAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775
IP 107.162.179.174:0
File type ASCII text, with very long lines (921), with no line terminators
Hash b66c53a746511bbf785be4208f8e1d74
f0e1131a8a88837730c67e86d977adb1887b243e
8c96eaddd9e7e37410b08dc0c91307c51f036032a7eac0ae5d006d6f3580b6da
GET /1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A6U7LDKDAQAApWoJYIcntPzNlEF1zToUy2DnqJS4WqHBhWipk4Pls0YCDQCSAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775 HTTP/1.1
Host: ponos.zeronaught.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.0 200 OK
Access-Control-Allow-Origin: *
Content-Type: text/plain; charset=UTF-8
Connection: close
Content-Length: 921
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
15.188.95.229302 Found 0 B URL HTTP/1.1 mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 15.188.95.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: mtb.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://grafexpert.ro/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Mon, 12 Sep 2022 14:48:27 GMT
content-type: text/plain;charset=utf-8
expires: Sun, 11 Sep 2022 14:48:27 GMT
last-modified: Tue, 13 Sep 2022 14:48:27 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_nwa=[CS]v4|0-0|631F46BB[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Wed, 11 Sep 2024 14:48:48 GMT; SameSite=None;
location: http://mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&pccr=true&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Sep 2022 14:48:27 GMT
expires: Mon, 12 Sep 2022 14:48:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&pccr=true&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
15.188.95.229200 OK 43 B URL HTTP/1.1 mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&pccr=true&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 15.188.95.229:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/mtb/1/JS-2.9.0/s09673431215402?AQB=1&pccr=true&ndh=1&pf=1&t=12%2F8%2F2022%2014%3A48%3A14%201%200&fid=7FCD4E09468BC174-021ABF6A6AF6917A&ce=UTF-8&pageName=OLB%3ALogin%3AIndex&g=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&cc=USD&events=event21&c16=no%20value&c17=Monday%3A10%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&v27=D%3DpageName&c41=OLB&v41=OLB&v136=1662994094641&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: mtb.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://grafexpert.ro/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Mon, 12 Sep 2022 14:48:27 GMT
expires: Sun, 11 Sep 2022 14:48:27 GMT
last-modified: Tue, 13 Sep 2022 14:48:27 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_nwa=[CS]v4|7FCD4E09468BC174-21ABF6A6AF6917A|0[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Wed, 11 Sep 2024 14:48:48 GMT; SameSite=None;
etag: 3571252653368836096-4619644465755766288
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.entrust.net/
23.13.44.131200 OK 1.6 kB IP 23.13.44.131:0
Hash 943ec7bb74525791a6c626e2c0f23fac
9f72bfefbcbf9aa303454ec1fa468909bd768b08
a2394401445efd3dbfeb8b3d258733c75588f47ae9ba1383f4313b2769f8ba78
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "A2394401445EFD3DBFEB8B3D258733C75588F47AE9BA1383F4313B2769F8BA78"
Last-Modified: Mon, 12 Sep 2022 02:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Mon, 12 Sep 2022 15:47:49 GMT
Date: Mon, 12 Sep 2022 14:48:27 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1662994095544&cv=9&fst=1662994095544&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa970&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&auid=1936164006.1662994095&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1662994095544&cv=9&fst=1662994095544&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa970&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&auid=1936164006.1662994095&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2352), with no line terminators
Hash 5a28a72c2ace47f88e32e40de677aed7
ea51f2377df3e83bde970e701325477e5d5260f7
858439679206996c1c6b37ed060785b42a4396637fc06945768f02d62d5d4b6f
GET /pagead/viewthroughconversion/990489911/?random=1662994095544&cv=9&fst=1662994095544&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa970&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&auid=1936164006.1662994095&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 14:48:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1074
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 12-Sep-2022 15:03:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.quantummetric.com/qscripts/quantum-mtb.js
172.67.20.158200 OK 91 kB URL HTTP/2 cdn.quantummetric.com/qscripts/quantum-mtb.js
IP 172.67.20.158:0
File type ASCII text, with very long lines (3730)
Hash a6e762be43d4169feac43fe7a45d56eb
c95d3307648400a8e8077f18e314a7951ec71dd9
9189f96e8ffe57cdef03ef2b90d5b987604c017052a3f133773143112b0e3c30
GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://grafexpert.ro/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 14:48:27 GMT
content-type: text/javascript
vary: Accept-Encoding
etag: W/"166299333032716613605351101662969602402"
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-cache-status: MISS
server: cloudflare
cf-ray: 749971b059270b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/990489911/?random=1662994095544&cv=9&fst=1662991200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2104952885&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/990489911/?random=1662994095544&cv=9&fst=1662991200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2104952885&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/990489911/?random=1662994095544&cv=9&fst=1662991200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2104952885&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 14:48:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 14:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 587e520a215476b81ca7c92bfe21afbd
9e6715c0bef8a59b59abc814d5f9d3ef463911c3
8f36b22add4c3ed1a3a821510bc8de9d70620fbb108a59c4ed1527330f99da0a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 12 Sep 2022 14:48:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 12 Sep 2022 03:21:01 GMT
Expires: Tue, 13 Sep 2022 03:21:01 GMT
ETag: "9e6715c0bef8a59b59abc814d5f9d3ef463911c3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a87b9ac0e0abbaa1cd8c3cec01a1833a
6a7c26c33504e3f492ffa4bc04f16f08cbf9c8b8
343b70cf83f0f13e69780aa81d55acd2f3a5ba779fb8bb3e6af6b3683fdc6fd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 14:48:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 11:27:52 GMT
Expires: Fri, 16 Sep 2022 11:27:51 GMT
Etag: "6a7c26c33504e3f492ffa4bc04f16f08cbf9c8b8"
Cache-Control: max-age=332962,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749971ba9d83b51e-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a87b9ac0e0abbaa1cd8c3cec01a1833a
6a7c26c33504e3f492ffa4bc04f16f08cbf9c8b8
343b70cf83f0f13e69780aa81d55acd2f3a5ba779fb8bb3e6af6b3683fdc6fd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 14:48:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 11:27:52 GMT
Expires: Fri, 16 Sep 2022 11:27:51 GMT
Etag: "6a7c26c33504e3f492ffa4bc04f16f08cbf9c8b8"
Cache-Control: max-age=332962,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749971ba9d030b39-OSL
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096312&z=1&Q=1&Y=1&X=ed3a56d449394b73b3a4ff5f1029da40
34.67.142.127200 OK 0 B URL HTTP/2 mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096312&z=1&Q=1&Y=1&X=ed3a56d449394b73b3a4ff5f1029da40
IP 34.67.142.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096312&z=1&Q=1&Y=1&X=ed3a56d449394b73b3a4ff5f1029da40 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3035
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 14:48:28 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: http://grafexpert.ro
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096310&z=1&S=0&N=0&P=0
34.67.142.127200 OK 1.6 kB URL HTTP/2 mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096310&z=1&S=0&N=0&P=0
IP 34.67.142.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 8a524324135b9c02b9853f67f8a50c4e
5c9e39cf102de40569a2f3cef1053002d14c10d8
a3f829da364929adf73d2ba4bf97d7c150054243fbcc1c50235d503a6307e1b6
POST /?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994096310&z=1&S=0&N=0&P=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 391
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: http://grafexpert.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 14:48:28 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: http://grafexpert.ro
access-control-allow-credentials: true
set-cookie: s=063938b8b99fb4a7e2a6f60829136b92;path=/;samesite=none;secure
U=bc217306bf7601de96f9ed5c0f7e65e3;path=/;expires=Tue, 12 Sep 2023 14:48:28 GMT;samesite=none;secure
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
content-encoding: gzip
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994097007&H=cbe91dfd3aea9788d2573c82&s=063938b8b99fb4a7e2a6f60829136b92&U=bc217306bf7601de96f9ed5c0f7e65e3&z=1&Q=2&S=0&N=0
34.67.142.127200 OK 0 B URL HTTP/2 mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994097007&H=cbe91dfd3aea9788d2573c82&s=063938b8b99fb4a7e2a6f60829136b92&U=bc217306bf7601de96f9ed5c0f7e65e3&z=1&Q=2&S=0&N=0
IP 34.67.142.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=http%3A%2F%2Fgrafexpert.ro%2FSPORT%2Fmtbnemail%2Findex.htm&t=1662994095847&v=1662994097007&H=cbe91dfd3aea9788d2573c82&s=063938b8b99fb4a7e2a6f60829136b92&U=bc217306bf7601de96f9ed5c0f7e65e3&z=1&Q=2&S=0&N=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 87
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: http://grafexpert.ro/
Cookie: s=063938b8b99fb4a7e2a6f60829136b92; U=bc217306bf7601de96f9ed5c0f7e65e3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 14:48:29 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: http://grafexpert.ro
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?s=063938b8b99fb4a7e2a6f60829136b92&H=cbe91dfd3aea9788d2573c82&Q=3
34.67.142.127200 OK 50 B URL HTTP/2 mtb-app.quantummetric.com/?s=063938b8b99fb4a7e2a6f60829136b92&H=cbe91dfd3aea9788d2573c82&Q=3
IP 34.67.142.127:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e7216d542023258c6c9d2da8ca3bc51c
da037d6db0fbe6f309c0afcedca5033638d4e253
131608ec884c52d801e117af9238303a4123d16104df040545f3c73ddd7e4c42
GET /?s=063938b8b99fb4a7e2a6f60829136b92&H=cbe91dfd3aea9788d2573c82&Q=3 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://grafexpert.ro
Connection: keep-alive
Referer: http://grafexpert.ro/
Cookie: s=063938b8b99fb4a7e2a6f60829136b92; U=bc217306bf7601de96f9ed5c0f7e65e3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 14:48:28 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: http://grafexpert.ro
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
content-encoding: gzip
X-Firefox-Spdy: h2