firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 10:05:05 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pmAFjO5uyYqZz_pFDMPbAEIQtjjg9XpHR9LLZcqG9Usa5oPyEC0VFQ==
Age: 2531
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6123
Expires: Tue, 27 Sep 2022 12:29:19 GMT
Date: Tue, 27 Sep 2022 10:47:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mi-oekAt1EsnKcAbZdTU8rHazv-1CK3CYvCLC2jbHgRXdCmMGRPADA==
age: 4983
X-Firefox-Spdy: h2
business4alltech.com/wp-content/uploads/2022/08/mtbank/auth.php
207.244.251.248200 OK 20 kB URL HTTP/1.1 business4alltech.com/wp-content/uploads/2022/08/mtbank/auth.php
IP 207.244.251.248:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (9275), with CRLF line terminators
Hash 2722abe83b9b5832bd6cb72f210dc827
82e634b26c947f15f08cc9ceb8b6200264279287
a1bf8a17311684839a29b36d7386bbeec1119e2f83662f7eb79906bf31af6434
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/mtbank/auth.php HTTP/1.1
Host: business4alltech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 10:47:16 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:47:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.9.js?utv=ut4.48.202207190010
23.38.200.249200 OK 2.3 kB URL HTTP/2 tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.9.js?utv=ut4.48.202207190010
IP 23.38.200.249:0
File type ASCII text, with very long lines (1687)
Hash 1fcbc217d808f4d5768b28decfa82f67
41f333d97d207cc4838f938d4f0ddb848fbbc6c3
528892a53f29312c126ce5fbebe2a637bf0b1ad8061e922497b70954716ba934
GET /utag/mtbank/olb-legacy/prod/utag.9.js?utv=ut4.48.202207190010 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "810e03934b3c10d7c8dec1a74ad420aa:1662399491.418422"
last-modified: Mon, 05 Sep 2022 17:38:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 12 Oct 2022 10:47:17 GMT
date: Tue, 27 Sep 2022 10:47:17 GMT
content-length: 2309
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.js
23.38.200.249200 OK 33 kB URL HTTP/2 tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.js
IP 23.38.200.249:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (11428)
Hash 00ea03b7bd72d30aea8ef9f81725f038
6b7c029ae2e16cc7e92d5f1366a90b942d661cd4
77c885c08aebc8d8080b12f97ea5fa719ef4c57e8ff723fe6fa5582dfa2c5868
GET /utag/mtbank/olb-legacy/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "4e9cf25064003bbb26b1409333c6cc7b:1663204422.838639"
last-modified: Thu, 15 Sep 2022 01:13:43 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Tue, 27 Sep 2022 10:52:17 GMT
date: Tue, 27 Sep 2022 10:47:17 GMT
content-length: 32838
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.1.js?utv=ut4.48.202103120408
23.38.200.249200 OK 22 kB URL HTTP/2 tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.1.js?utv=ut4.48.202103120408
IP 23.38.200.249:0
File type ASCII text, with very long lines (11428)
Hash 7c434a02f5c8030b8db5fcf731ed7888
48823e97d85fb8649287e2d924eb81964f1b23a6
ccd002ef76b2127737081d3414c80b245f8c8f9a1792ad53900bc522c9dd0b11
GET /utag/mtbank/olb-legacy/prod/utag.1.js?utv=ut4.48.202103120408 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "65f0adaaf89b2c30ed0eef3dbd1e8105:1662399491.158223"
last-modified: Mon, 05 Sep 2022 17:38:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 12 Oct 2022 10:47:17 GMT
date: Tue, 27 Sep 2022 10:47:17 GMT
content-length: 22296
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113
23.38.200.249200 OK 3.5 kB URL HTTP/2 tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113
IP 23.38.200.249:0
File type ASCII text, with very long lines (1579)
Hash f51f6472c0b3773d744257799dc5a808
5da9efcd4dcb1e9a2cdae9d56dbd04a60dfdfb66
d9487b13d7808c0b581a79cb6f953b7f4b0ac128cdf545d5a2074575f22d3930
GET /utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "55e2dafd4e2f01e1da100818637f6e46:1635801208.490581"
last-modified: Mon, 01 Nov 2021 21:13:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 12 Oct 2022 10:47:17 GMT
date: Tue, 27 Sep 2022 10:47:17 GMT
content-length: 3522
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ed2e244851a976fea15ad3b7c390ffdd
22f2c312ef134ec95ebdc940e2c99e9d5230cafb
be0b5ec334ac4e8ff3d30723207b61c9fe397810ae09fadd421cbe94e4c53844
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2083
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:17 GMT
Last-Modified: Tue, 27 Sep 2022 10:12:34 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=AW-990489911
142.250.74.72200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-990489911
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 5c6c5f97c433e08194f91314f852bdf7
9b74636a19e3911c3fb9b755cb2682d867340ae2
c7f214b33b8523ed7f48c0ceb4408a529d31d4d24a4ed4853185807c70a8f112
GET /gtag/js?id=AW-990489911 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 10:47:17 GMT
expires: Tue, 27 Sep 2022 10:47:17 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ed2e244851a976fea15ad3b7c390ffdd
22f2c312ef134ec95ebdc940e2c99e9d5230cafb
be0b5ec334ac4e8ff3d30723207b61c9fe397810ae09fadd421cbe94e4c53844
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2083
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:17 GMT
Last-Modified: Tue, 27 Sep 2022 10:12:34 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 98a711494b388326e74f75f498c6c689
74be2cb7c25680d1badc9859c528e80b76106b8e
4b9e0428e9881f0638540ab282df7e9138567f9708c8e53c218f857f2fe5b855
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4B9E0428E9881F0638540AB282DF7E9138567F9708C8E53C218F857F2FE5B855"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3499
Expires: Tue, 27 Sep 2022 11:45:36 GMT
Date: Tue, 27 Sep 2022 10:47:17 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 98a711494b388326e74f75f498c6c689
74be2cb7c25680d1badc9859c528e80b76106b8e
4b9e0428e9881f0638540ab282df7e9138567f9708c8e53c218f857f2fe5b855
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4B9E0428E9881F0638540AB282DF7E9138567F9708C8E53C218F857F2FE5B855"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3589
Expires: Tue, 27 Sep 2022 11:47:06 GMT
Date: Tue, 27 Sep 2022 10:47:17 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 98a711494b388326e74f75f498c6c689
74be2cb7c25680d1badc9859c528e80b76106b8e
4b9e0428e9881f0638540ab282df7e9138567f9708c8e53c218f857f2fe5b855
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4B9E0428E9881F0638540AB282DF7E9138567F9708C8E53C218F857F2FE5B855"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3499
Expires: Tue, 27 Sep 2022 11:45:36 GMT
Date: Tue, 27 Sep 2022 10:47:17 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 98a711494b388326e74f75f498c6c689
74be2cb7c25680d1badc9859c528e80b76106b8e
4b9e0428e9881f0638540ab282df7e9138567f9708c8e53c218f857f2fe5b855
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4B9E0428E9881F0638540AB282DF7E9138567F9708C8E53C218F857F2FE5B855"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3589
Expires: Tue, 27 Sep 2022 11:47:06 GMT
Date: Tue, 27 Sep 2022 10:47:17 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 98a711494b388326e74f75f498c6c689
74be2cb7c25680d1badc9859c528e80b76106b8e
4b9e0428e9881f0638540ab282df7e9138567f9708c8e53c218f857f2fe5b855
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4B9E0428E9881F0638540AB282DF7E9138567F9708C8E53C218F857F2FE5B855"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3499
Expires: Tue, 27 Sep 2022 11:45:36 GMT
Date: Tue, 27 Sep 2022 10:47:17 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 09fa2d95bd099c2114cddaa93253987f
7abf8a73caed087100e7b4b211f2172cab1bbaf9
77272003f48a9abe401d1d9027b587a7bbfd339c50b155b8e40fe120a29bd2e6
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "77272003F48A9ABE401D1D9027B587A7BBFD339C50B155B8E40FE120A29BD2E6"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3572
Expires: Tue, 27 Sep 2022 11:46:49 GMT
Date: Tue, 27 Sep 2022 10:47:17 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 09fa2d95bd099c2114cddaa93253987f
7abf8a73caed087100e7b4b211f2172cab1bbaf9
77272003f48a9abe401d1d9027b587a7bbfd339c50b155b8e40fe120a29bd2e6
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "77272003F48A9ABE401D1D9027B587A7BBFD339C50B155B8E40FE120A29BD2E6"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Tue, 27 Sep 2022 11:46:29 GMT
Date: Tue, 27 Sep 2022 10:47:17 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 20d8364719631440f0bebab4665d2e90
f1476294bb0a0c76777da274168cdd29cae3f6d2
a58f45e310200eac6c4257e1a0291e8f845296a802a4de2bdc49484103ce22c2
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "A58F45E310200EAC6C4257E1A0291E8F845296A802A4DE2BDC49484103CE22C2"
Last-Modified: Tue, 27 Sep 2022 08:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3579
Expires: Tue, 27 Sep 2022 11:46:56 GMT
Date: Tue, 27 Sep 2022 10:47:17 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 09fa2d95bd099c2114cddaa93253987f
7abf8a73caed087100e7b4b211f2172cab1bbaf9
77272003f48a9abe401d1d9027b587a7bbfd339c50b155b8e40fe120a29bd2e6
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "77272003F48A9ABE401D1D9027B587A7BBFD339C50B155B8E40FE120A29BD2E6"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3572
Expires: Tue, 27 Sep 2022 11:46:49 GMT
Date: Tue, 27 Sep 2022 10:47:17 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 09fa2d95bd099c2114cddaa93253987f
7abf8a73caed087100e7b4b211f2172cab1bbaf9
77272003f48a9abe401d1d9027b587a7bbfd339c50b155b8e40fe120a29bd2e6
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "77272003F48A9ABE401D1D9027B587A7BBFD339C50B155B8E40FE120A29BD2E6"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Tue, 27 Sep 2022 11:46:29 GMT
Date: Tue, 27 Sep 2022 10:47:17 GMT
Connection: keep-alive
onlinebanking.mtb.com/Assets/js/tealium_prod.js
24.75.29.69200 OK 353 B URL HTTP/1.1 onlinebanking.mtb.com/Assets/js/tealium_prod.js
IP 24.75.29.69:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 101ca6821b5179cc585c3e69a33e9380
793e93a26361db3ba129bc9425d1553d9e3432b6
529eb9139f78fc51456067418c9b48bedcc2225fa99cf8602fa529a4097eb5b7
GET /Assets/js/tealium_prod.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 01:43:56 GMT
Accept-Ranges: bytes
ETag: "096929c5bcdd81:0"
Vary: Accept-Encoding
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SVR: B-WEB-21
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-866543357"
Date: Tue, 27 Sep 2022 10:47:17 GMT
Content-Length: 353
Set-Cookie: dtCookie=v_4_srv_9_sn_2428B8517E51927B7C968A284DDE4B92_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_1; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f7f45525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a926db7c6e27f7a78b077cbd2224ddfe1b075fcc0cd698cc8c6be6bfb66c31955fcb28e7be456087ec9f1a418a471cdfc97d; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed147325c306c2ebd93d18ca1a011c9db87f3a13ad1a5972d665d68b60895169028e90ddefccd3c822b875ca5393fd20075e3; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab2000b0df0d78c301b6cce41ef054b96a60d3d846c81119e2bbb973811a163d1bb5e908d3d259d9113000b850579645253a53973e2d9affd7af61212769851a49ef47529e4fe4728bd017cdbc963a6e781deeaba19e736741537f; Path=/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 10:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 11:02:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0XvfKqrt67pQvpHp_ypd-6luaFCxF3uGPNgXzQWs1fp7TmESuw25xg==
Age: 2191
resources.mtb.com/r/simple-layout-responsive/css.mtb?v=03142022100000
192.216.61.78200 OK 35 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/css.mtb?v=03142022100000
IP 192.216.61.78:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 612ef637c25041c445e4fdf710694d70
c4037320ef3bf75754dbba6ffbb712cc8ea947cd
d3f9b1bf0a23fba1044ec913042d5068e3445fe37aa9dc4ad2dff2b9fbcfbeef
GET /r/simple-layout-responsive/css.mtb?v=03142022100000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Expires: Wed, 27 Sep 2023 10:47:17 GMT
Last-Modified: Tue, 27 Sep 2022 10:47:16 GMT
ETag: "1664275637:dtagent10247220811100421ZWhG"
Vary: User-Agent
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1682543323"
Date: Tue, 27 Sep 2022 10:47:16 GMT
ntCoent-Length: 258715
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_9_sn_89E29B4066994F4DBCFAC2217048B207_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd27702b107be54856871f4c3eace35133cdd9508697e10f835cefe582a43d4b0578f2677f5adde5080b8984bc5cbafe53; Path=/
TS0128739d=019f8203fda4624cdbf0201ed95cc90f909e7fa24fcdd9508697e10f835cefe582a43d4b0503c66c5fc7de3b155326f7a6563ae52b694bf238a1939674de8b2a16bd9a12c3; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000d71ec5d4e932897b421d3dc0f24cce4eefd90d9bf7cea2f347228b1fe862b73108cf616a7a1130007dbfc8929c589b71424944ea4b2391aa6050c08785e55d721c590eb665cc921d5e12761248e5209b2e6b1412f194600c; Path=/
Transfer-Encoding: chunked
onlinebanking.mtb.com/Assets/scripts/kessel-help.js
24.75.29.69200 OK 264 B URL HTTP/1.1 onlinebanking.mtb.com/Assets/scripts/kessel-help.js
IP 24.75.29.69:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3c2bde0d87b8030ce922fa69a25639c7
db153aef185e08cbdcaed9197ed62acd474025d6
91f27df0bf447053fd1bf738a96385714404b7c621c9d862d08f126841f13309
GET /Assets/scripts/kessel-help.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 01:43:56 GMT
Accept-Ranges: bytes
ETag: "096929c5bcdd81:0"
Vary: Accept-Encoding
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SVR: B-WEB-21
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="776849799"
Date: Tue, 27 Sep 2022 10:47:17 GMT
Content-Length: 264
Set-Cookie: dtCookie=v_4_srv_9_sn_317CF4AB7A9C9A7F98D3D1232F0C9A0D_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f7f45525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a926953fbb4f5252104cd9ddd1e0a59f90f3be77f781c79ff13060c37286f0e084d744cc468952053e6d2b5f578bc7fe2cde; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed147793a268cb6846819cf92028aa8c43da3f3b8808315e2206cabe63fa84f0a6400662b7337ab02aab8bdc62f58a878879b; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab20008eceec3bdc0af2f334d835ce5715424b3cbf1fdda570bd5298bcda281d676f9c080087d8e01130004f9762bc45b3a713973e2d9affd7af61bfcf5c9ec61651e37e8c6a39615db01fb35f937bcf5d1324960973375251ed70; Path=/
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1162
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:17 GMT
Last-Modified: Tue, 27 Sep 2022 10:27:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
onlinebanking.mtb.com/ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js
24.75.29.69200 OK 86 kB URL HTTP/1.1 onlinebanking.mtb.com/ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js
IP 24.75.29.69:0
File type ASCII text, with very long lines (1629)
Hash dfbc58d3a725843d905bb466313afcbf
8642551dc5750aa4e82c2595c2e4d8e28c5658df
7297767ec8d243f3678be6106de01b1facc09b7af1f11178d1de6e8ffce06612
GET /ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=3600
Content-Length: 86087
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Tue, 27 Sep 2022 11:47:17 GMT
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SVR: B-WEB-21
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Date: Tue, 27 Sep 2022 10:47:16 GMT
Set-Cookie: mtbcookie=ffffffffc3a03f7f45525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a92649efde6a3d19c9caddc96dd3df7687d0732e0757c3139fe8dbc82e0e64ae38185305e32ce2b9db9257207e45c2eb9fa8; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed147cce98f4d0bfe36298e3a9ae5f3072e85c3be2db07d1f9caf0de78cb73939e4087b407eb1aebe7d8aaba3b9fc1d1b4eba; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab200093382b3e954f98b61f888c396bd71568aadf81eca135a45e6e231879110eb94b08db03d17411300005ae0310d7d87e8c973e2d9affd7af6109a3b731cad9ca5728435e090f195842591ef05f8167f7380560a97e8d06d81d; Path=/
onlinebanking.mtb.com/Assets/scripts/Login/Index.js
24.75.29.69200 OK 2.0 kB URL HTTP/1.1 onlinebanking.mtb.com/Assets/scripts/Login/Index.js
IP 24.75.29.69:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash cca50529c6bd8ea1b8e0a88c7461e03d
3eba19d87fa8954e1b129656fd96690db25b3eea
f4369c531116b5d7ab77159d3c25540ed8336e66a3e5b6ff5e9b545dfd5d813b
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 01:43:56 GMT
Accept-Ranges: bytes
ETag: "096929c5bcdd81:0"
Vary: Accept-Encoding
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SVR: B-WEB-21
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-315414310"
Date: Tue, 27 Sep 2022 10:47:17 GMT
Content-Length: 2008
Set-Cookie: dtCookie=v_4_srv_1_sn_16747C7D1BA839117001D2E27DEA2FCF_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f7f45525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a926afba60afeb0d3802e3cb220a53fe9b41f61c8d3de55155d3f0865953152ae109eab57b805f90d7e364302bb5c30f2a19; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed147a20c4c72bec1f29fa6e4ccb3fbc3b53bc26a1aed1a31e903c8f9b4b3a64520d36d43aad64ba82e6407dc3c18770cfd25; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab200035e70f449de466afbc320c3347d021427e190581f4d15eda185f16e343bbf950085f5c4eb411300041c536d635a82d7c973e2d9affd7af61ee8546d1a09563c7fd3bdd2b5d494a9c24107937d1317a38ca4a9e6cfa9d8fb6; Path=/
onlinebanking.mtb.com/Assets/js/kessel-client-prod.js
24.75.29.69200 OK 118 kB URL HTTP/1.1 onlinebanking.mtb.com/Assets/js/kessel-client-prod.js
IP 24.75.29.69:0
File type ASCII text, with very long lines (63933), with CRLF line terminators
Size 118 kB (118395 bytes)
Hash 5dcfbd47308d65804db355c0b142c275
8fe82f87d9ee268d0b6deed83066451a1ef10d46
d262cc105c8dba27b9c9b94a8f0feae014236ea91e20e1011d4a538ffeb869cf
GET /Assets/js/kessel-client-prod.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 01:43:56 GMT
Accept-Ranges: bytes
ETag: "096929c5bcdd81:0"
Vary: Accept-Encoding
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SVR: B-WEB-21
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1868316116"
Date: Tue, 27 Sep 2022 10:47:16 GMT
Content-Length: 118395
Set-Cookie: dtCookie=v_4_srv_6_sn_670CC835FD1BECAEB1E2F2CA3333C36D_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f7f45525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a926b2be63d29bd58d446a33f6e3048ec8c5399758987616fa31bb82f1ba4be08c8653224880f7b05e4f43bdb3c097bbe04c; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed1476bbb87d69c5b1e13c17787f8dbfb75a806f159150c3f81f2a0b981109b7b9cb75fb4bbb733f3cf4045b44fc4a9db949b; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab200089eab00e208efc339728b7603cc3fafff6877b89fcda3fed362c2d32e0d957f8080b50653a113000b2cd4f96f4be748a973e2d9affd7af6143a4f34798268f4e53f680ba043ca2a57144e9aa29d43b9fb4bcd32053952069; Path=/
onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
24.75.29.69200 OK 174 kB URL HTTP/1.1 onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
IP 24.75.29.69:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 174 kB (174150 bytes)
Hash bb6ff9e6dda228438ef706bae3978b9f
ff88bb6795605c783827637f1edb82fdb9f7f01f
df21e7a880373e7adfd23970dfec875072ddd7292611018e41bcff1c4e079445
GET /Assets/js/mtb_app_wbk.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 10:47:17 GMT
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
X-Ion-Hop: 1
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Set-Cookie: e9LegkvD=A83kjn6DAQAAgk8nT8ZqiQvJdEpmvL0P1YO-TOPE6njfOOtH4U9zBeCgJjqoAVtaKpqcuC2nwH8AADQwAAAAAA|1|0|9322bd7fc9ed9d4049677710a78864966b559cd4; Path=/; Max-Age=1577847600; Domain=mtb.com
TS01e71088=01fb46a9268c9f775f1407595fa297ad1140f2562bfbe1dfc54d4916ac9bdfafdd0ac9c79f2fc00263e27946b5651f4ffa05a758a0; Path=/; Domain=.onlinebanking.mtb.com
TS01ea4191=01fb46a9268c9f775f1407595fa297ad1140f2562bfbe1dfc54d4916ac9bdfafdd0ac9c79f2fc00263e27946b5651f4ffa05a758a0; path=/; domain=mtb.com
TSba0bc889027=0856addebbab2000ed6c9c1da30050440a1ea026c642584267b1eb527e12e5255422eb0142354fe008b2e3194c113000aa1a9b5088f97d87973e2d9affd7af611c6c1933103909bcd7a1322e6df303cb5ae001fea2a64419bb0cec939129a08d; Path=/
Transfer-Encoding: chunked
push.services.mozilla.com/
34.218.159.206101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.159.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Fj0kcG0pkJNKCsjCZWREcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cLpCA0sNSZE7I7my1DBQs5uFpz4=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12146
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 10:47:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12146
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 10:47:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 47072
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d79a3a5bd7dc7aa6cab306176fafd11
0d5cb1f3e3ea510308034a5e569c0e65fae30835
57979dfcf6fdc76f04e4790c2b94b876e188ac780aa49d9bfc8a58c498dc4203
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: e7b997d7-f9ce-40c6-b9bb-372ee10d8ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTAfEX5oAMFcHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb9c-31e295e33ead940f381121a1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:43:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jcYkRITjFxLggD37VzQ_YqTXLyvVX7mMxZSHMDzaMAA_uWZKkkXPAg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:48:57 GMT
age: 46702
etag: "0d5cb1f3e3ea510308034a5e569c0e65fae30835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 34884
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash efaaa002eb6251769ea6dbf306ced3a1
9f99fa947a603fd6b10ff149e379cd04ad83d27a
238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 69480
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 46681
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:02:24 GMT
age: 49495
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
resources.mtb.com/Assets/img/mtb-logo.svg
192.216.61.78200 OK 2.0 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-logo.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators
Hash f2b901cf895852a0866fe4a16c7f1730
c4240af1ec798477b4e65a185ddbb1b038817da4
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 21 Sep 2022 01:07:38 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-2011131637"
Date: Tue, 27 Sep 2022 10:47:20 GMT
Content-Length: 2039
Set-Cookie: TSf60233d5027=08affc4e07ab20001c87c79cf3b3cfe52f92a428083c6d6807ae600b10009185a48aad2f75866fdc08f12d49cf1130006b8485ef853024410e14dd63111838f64c7125071db94c509dc3c6c6683f4d04090ca3df011bacf057ae5e52fb535dda; Path=/
resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
192.216.61.78200 OK 230 B URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 916635d10512ae6a1840614a895dcd38
db175de4c42281bb4d239c57d1b95b8e75c529ec
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 21 Sep 2022 01:07:38 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-571711687"
Date: Tue, 27 Sep 2022 10:47:20 GMT
Content-Length: 230
Set-Cookie: TSf60233d5027=08affc4e07ab20002b57c2526c26217c85e85df7334b67e6c676ec2b7f6302f52db1985e2f626ab508c6bfab7611300094f5e51edbcf03d10e14dd63111838f63ee1dba917c49f7a32f7b20ffdb91bd6cc9e610ba2fc38dc7dc920ed90eb3cd6; Path=/
resources.mtb.com/Assets/img/mtb-entrust.svg
192.216.61.78200 OK 1.3 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-entrust.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators
Hash 9a569ad20708d7453d89fe6c72e7fcdc
60b6a41620583484642f7c826faf8e3c879a6374
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 21 Sep 2022 01:07:38 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1763997041"
Date: Tue, 27 Sep 2022 10:47:20 GMT
Content-Length: 1349
Set-Cookie: TSf60233d5027=08affc4e07ab2000b6b0ed915fd01821b01369afcf2b02357524fcb65682eba865ba2375c23b990c08f708c99c11300051c75f21d70f79130e14dd63111838f60db8b747b4b35f59bf5e088181bc91888be86b9c3b87a89fbd023213446196da; Path=/
cdn.quantummetric.com/qscripts/quantum-mtb.js
104.22.53.252301 Moved Permanently 178 B URL HTTP/1.1 cdn.quantummetric.com/qscripts/quantum-mtb.js
IP 104.22.53.252:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://business4alltech.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 10:47:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cdn.quantummetric.com/qscripts/quantum-mtb.js
CF-Cache-Status: HIT
Age: 10
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7513a92219c8b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash d0b509c9adb0dc8aa9bf0ab1980f624d
4a20f57d5c76fbaf00052258421c56d353bf23d1
a57c02ff6838525846993137c7fc52c335392b8ed59f1180a2dff972c81f0824
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 27 Sep 2022 10:47:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 26 Sep 2022 23:36:42 GMT
Expires: Tue, 27 Sep 2022 23:36:42 GMT
ETag: "4a20f57d5c76fbaf00052258421c56d353bf23d1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209150113&cb=1664275638534
23.38.200.249200 OK 2 B URL HTTP/1.1 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209150113&cb=1664275638534
IP 23.38.200.249:0
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209150113&cb=1664275638534 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://business4alltech.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
Last-Modified: Thu, 14 Apr 2016 16:57:51 GMT
Server: AkamaiNetStorage
Content-Length: 2
Cache-Control: max-age=600
Expires: Tue, 27 Sep 2022 10:57:20 GMT
Date: Tue, 27 Sep 2022 10:47:20 GMT
Connection: keep-alive
ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A83kjn6DAQAA071IRSxM_ztGB6TanL1qGnVXiZGAojbzZ1SlQ09zBeCgJjqoAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775
107.162.179.174200 OK 921 B URL HTTP/1.0 ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A83kjn6DAQAA071IRSxM_ztGB6TanL1qGnVXiZGAojbzZ1SlQ09zBeCgJjqoAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775
IP 107.162.179.174:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 2414cada61ed1b4de5bc067899c0db55
eb7571a80314e91bd397fbf20a42cc16d43e960f
27db571cbd636c430d2dc5abda62ee97ceceba3df5c96cd2c477c25f4c3b2c9d
GET /1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A83kjn6DAQAA071IRSxM_ztGB6TanL1qGnVXiZGAojbzZ1SlQ09zBeCgJjqoAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775 HTTP/1.1
Host: ponos.zeronaught.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://business4alltech.com
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.0 200 OK
Access-Control-Allow-Origin: *
Content-Type: text/plain; charset=UTF-8
Connection: close
Content-Length: 921
resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
192.216.61.78200 OK 4.8 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 4776, version 1.0\012- data
Hash ac13691b89191d11d0e5577eb3cf3d53
0126fa82c0ab022e61b5de74f1fe3e204a905a7b
108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df
GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://business4alltech.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Wed, 21 Sep 2022 01:07:37 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="901529823", dtTao;desc="1"
Date: Tue, 27 Sep 2022 10:47:20 GMT
Content-Length: 4776
Set-Cookie: dtCookie=v_4_srv_2_sn_2BC13F0294820DEB50674DA0B1EC4BA6_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd502dbbf2a567d748e60c964b3d31cc3ef413e3ab62c755de4fad8dd3f911524eff5d1dabddf757e860c3c25f3054c003; Path=/
TS0128739d=019f8203fdad012b10be8f4d644bee936bc146f7e6f413e3ab62c755de4fad8dd3f911524e0f3e880f9a314f1b6126905c6a9595737a5ce69a37dfefc913c35c1db4aa92e7; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab20004610820f07b04a34f3cbd7c9475f07b0f1cd1a805e7308cb819d8cd2c7292f6008b2338379113000a5d2e133023260210e14dd63111838f62c49c5690981b6a18c5d439407bf6df70f50227d8d11ec373125458585040f85; Path=/
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash fc3e2f0eff5cf10ad05fd5b65ac00fa0
78c9a7bbf69937fd6bae311138da07ab2d71ca11
66c0ac49c7e48140c3b6ce931c4ca4949c1e60206fc2555b9313f0e04951993b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 27 Sep 2022 10:47:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 04:18:08 GMT
Expires: Wed, 28 Sep 2022 04:18:08 GMT
ETag: "78c9a7bbf69937fd6bae311138da07ab2d71ca11"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
192.216.61.78200 OK 64 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://business4alltech.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Wed, 21 Sep 2022 01:07:37 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-439902359", dtTao;desc="1"
Date: Tue, 27 Sep 2022 10:47:20 GMT
Content-Length: 64318
Set-Cookie: dtCookie=v_4_srv_4_sn_EBA347648189E8C6A940867D4F2F4AEE_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd67a8f370e706458df9be8f87dc64e6c0bcd526be861d0acb7fa23543ebcb2be0552f353c9b11e56e1aa0758fee64db09; Path=/
TS0128739d=019f8203fddd99f7f7fc9c4425fa49a174a598d5c8bcd526be861d0acb7fa23543ebcb2be0cfd1e3db6befddf96c4bd54387f0c48f59cf4d801d1cce13be3916519a3c5df5; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000fb61803fe1fecc43a63c22ffabbe504408e4369507bdb4c0591b8f6985ee3f22083ae82f0f113000f33ee50a599ac2480e14dd63111838f6473d255c46e85fea1af371006984f97255408d5249a72cc34d16f854babb6cfa; Path=/
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
52.141.217.134200 OK 899 B URL HTTP/2 wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP 52.141.217.134:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (899), with no line terminators
Hash ede772a1c2ca23ffd3b5f4cbc654faee
82a191c22fc7b94a668a7c4f4edc2552f879d9bd
69da80161fcad2ce6314cb9820aab9da32cd815e1131568adb389079dffeb45d
POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: http://business4alltech.com
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 899
date: Tue, 27 Sep 2022 10:47:20 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 47648a96-8a46-4b56-a528-4596f955b317
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
192.216.61.78200 OK 68 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://business4alltech.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Wed, 21 Sep 2022 01:07:37 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1328878535", dtTao;desc="1"
Date: Tue, 27 Sep 2022 10:47:20 GMT
Content-Length: 67671
Set-Cookie: dtCookie=v_4_srv_11_sn_2F3E2D7A8557BC4CB81C8BBD52149520_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fde79d3f79f2f24d913082af102f20c18856538e294b995a0ca5176b5066516f3772f38c08597756226102bbfee614e841; Path=/
TS0128739d=019f8203fd332dd441bc0ef5f5e00120d239cfc00356538e294b995a0ca5176b5066516f371577aa8becdbe05ed7e2aff73c36322405f1abba28d6595ab2323aac82110bf0; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab20006dd19d6b664e68b2c21b9e5050661e9903963ebcd5d8b049900291962063150b084c70c97b113000be179f413bae56010e14dd63111838f692ae56b5720ed8110bfba2e1fe88e1ce16d6cb39e9d14e8544f300d23c1bb289; Path=/
asset.mtb.com/Documents/html/homepage/favicon.ico
54.230.111.59200 OK 15 kB URL HTTP/2 asset.mtb.com/Documents/html/homepage/favicon.ico
IP 54.230.111.59:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash e82f458a5c1c5353a97401eccc925613
949d6c8d06ca14b52f496c20f63fae269b6708c2
cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3
GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
content-length: 14862
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 27 Sep 2022 09:51:58 GMT
last-modified: Wed, 04 May 2022 18:18:59 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "3dce-5de33a8b9cac0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y_VKrNizpw4k232M1gcP4RkVUVy2_MopygZcKdGUuDEHafja81Dh2g==
age: 3323
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s91573406196234?AQB=1&ndh=1&pf=1&t=27%2F8%2F2022%2010%3A47%3A18%202%200&fid=065EDC79FEA28EF5-35B75E15A72E23A6&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Tuesday%3A6%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664275638524&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
13.36.218.177302 Found 0 B URL HTTP/1.1 mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s91573406196234?AQB=1&ndh=1&pf=1&t=27%2F8%2F2022%2010%3A47%3A18%202%200&fid=065EDC79FEA28EF5-35B75E15A72E23A6&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Tuesday%3A6%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664275638524&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 13.36.218.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/mtb/1/JS-2.9.0/s91573406196234?AQB=1&ndh=1&pf=1&t=27%2F8%2F2022%2010%3A47%3A18%202%200&fid=065EDC79FEA28EF5-35B75E15A72E23A6&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Tuesday%3A6%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664275638524&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: mtb.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://business4alltech.com/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Tue, 27 Sep 2022 10:47:21 GMT
content-type: text/plain;charset=utf-8
expires: Mon, 26 Sep 2022 10:47:21 GMT
last-modified: Wed, 28 Sep 2022 10:47:21 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_nwa=[CS]v4|0-0|6332D4B9[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Thu, 26 Sep 2024 10:47:47 GMT; SameSite=None;
location: http://mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s91573406196234?AQB=1&pccr=true&ndh=1&pf=1&t=27%2F8%2F2022%2010%3A47%3A18%202%200&fid=065EDC79FEA28EF5-35B75E15A72E23A6&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Tuesday%3A6%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664275638524&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 27 Sep 2022 10:47:21 GMT
expires: Tue, 27 Sep 2022 10:47:21 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1659620062241&cv=9&fst=1659620062241&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1659620062241&cv=9&fst=1659620062241&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2408), with no line terminators
Hash d7fcc3025dd21f6191020bf3a5f86547
6e9a10bb09a9413e6b11c07c197d1a2a36c54e29
ba1843144c987e1f11be59118309e368727bc21e1a3e3eb460b8fc9dc3449de8
GET /pagead/viewthroughconversion/990489911/?random=1659620062241&cv=9&fst=1659620062241&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 10:47:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1076
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 11:02:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=589771048&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=589771048&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=589771048&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 10:47:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s91573406196234?AQB=1&pccr=true&ndh=1&pf=1&t=27%2F8%2F2022%2010%3A47%3A18%202%200&fid=065EDC79FEA28EF5-35B75E15A72E23A6&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Tuesday%3A6%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664275638524&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
13.36.218.177200 OK 43 B URL HTTP/1.1 mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s91573406196234?AQB=1&pccr=true&ndh=1&pf=1&t=27%2F8%2F2022%2010%3A47%3A18%202%200&fid=065EDC79FEA28EF5-35B75E15A72E23A6&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Tuesday%3A6%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664275638524&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/mtb/1/JS-2.9.0/s91573406196234?AQB=1&pccr=true&ndh=1&pf=1&t=27%2F8%2F2022%2010%3A47%3A18%202%200&fid=065EDC79FEA28EF5-35B75E15A72E23A6&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Tuesday%3A6%3A30AM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664275638524&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: mtb.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://business4alltech.com/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Tue, 27 Sep 2022 10:47:21 GMT
expires: Mon, 26 Sep 2022 10:47:21 GMT
last-modified: Wed, 28 Sep 2022 10:47:21 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_nwa=[CS]v4|65EDC79FEA28EF5-35B75E15A72E23A6|0[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Thu, 26 Sep 2024 10:47:47 GMT; SameSite=None;
etag: 3574004726243557376-4619793368466114671
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=589771048&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=589771048&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=589771048&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 10:47:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:47:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
54.230.111.64200 OK 221 B URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
IP 54.230.111.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 21:32:00 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6exZHnDtC07JmYExky1g-W7m9fX47doBUCNGuwDH3YIeQKcPouym9A==
age: 47722
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7bcaac4393afff7dddc7255ff78d5850
a29b4b75545fb24e3e8df8fb02a109b18fd98b15
78ab8c4fe3696ab46713ded6bba2b2d51e41057c79795891814cb6234e31e7a3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 10:47:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 00:17:20 GMT
Expires: Sun, 02 Oct 2022 00:17:19 GMT
Etag: "a29b4b75545fb24e3e8df8fb02a109b18fd98b15"
Cache-Control: max-age=393597,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7513a927f9c90b59-OSL
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
52.141.217.134200 OK 666 B URL HTTP/2 wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP 52.141.217.134:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (666), with no line terminators
Hash d3e66b4c08d0fda446403b941c321593
1656204d07833f511e9514af28d525fa40529e2a
37792a4e0888857b540ab16fa5f4a73bba201871131eb5688471cb7c565449cd
POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 960
Origin: http://business4alltech.com
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 666
date: Tue, 27 Sep 2022 10:47:20 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: c7458d4d-a3ff-4a6b-a6b1-50115ca84e19
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
54.230.111.22200 OK 221 B URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
IP 54.230.111.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Mon, 26 Sep 2022 14:22:55 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GjYPfwxyLs2_a_G9dJeXo7o8coRXt9mcIONBR5bvVRL1KlsHnDr5xQ==
age: 73467
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f78c4377fed813c5041f31b116714539
3eca094f337b484fa34d4bbb6e57bbbb2dfd7149
bf2208a8578ac007a94903dc31a9e576b1bb73c3c7a5fdc3e36200d64bec48d7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 10:47:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:15:46 GMT
Expires: Mon, 03 Oct 2022 11:15:45 GMT
Etag: "3eca094f337b484fa34d4bbb6e57bbbb2dfd7149"
Cache-Control: max-age=519503,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7513a927f9030b3d-OSL
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
54.230.111.103200 OK 221 B URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
IP 54.230.111.103:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Tue, 27 Sep 2022 07:50:10 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t4H_UmLVY6mUw87XPYoCxwgzIc74dGBnIjhqt0dUgvSZl4gvs_32jQ==
age: 10632
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.64200 OK 3.2 kB URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.64:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Tue, 27 Sep 2022 00:31:17 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AiT-sMAdWNTcrl5R4608c2cwtoT48p1LJsRGDyDkZ51UkHoCQwInrw==
age: 36965
X-Firefox-Spdy: h2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.22200 OK 3.2 kB URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.22:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 11:15:39 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6O8WimTpLQ_byddF1wd2hcTWb-HDy2WrsFmhLut8FDkUOHPW7SaS2Q==
age: 84704
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.103200 OK 3.2 kB URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.103:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 18:24:38 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Oc8nKU3v8YNKpJW_wI7R_PdhMycDXONAGGffLxLaXYxsHzA2IGrjJw==
age: 58965
X-Firefox-Spdy: h2
log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1664275641112-sjn0000666-b8891224-54ce-48c8-91c7-995a1d85495f&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51
52.238.253.184204 No Content 0 B URL HTTP/2 log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1664275641112-sjn0000666-b8891224-54ce-48c8-91c7-995a1d85495f&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51
IP 52.238.253.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/sendLogs?cid=mufasa&cdsnum=1664275641112-sjn0000666-b8891224-54ce-48c8-91c7-995a1d85495f&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51 HTTP/1.1
Host: log-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1344
Origin: http://business4alltech.com
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 10:47:24 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
business4alltech.com/rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D52_sn_EFURR1QJ88QT0622NEMH9SK351E8G66B&svrid=-52&flavor=post&vi=HTHLWQPEVHSUVIWHUHFAWVSUCRATCJGG-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&bp=3&app=893c324bd7e5ac65&crc=3005994486&en=zgefxirc&end=1
207.244.251.248404 Not Found 66 kB URL HTTP/1.1 business4alltech.com/rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D52_sn_EFURR1QJ88QT0622NEMH9SK351E8G66B&svrid=-52&flavor=post&vi=HTHLWQPEVHSUVIWHUHFAWVSUCRATCJGG-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&bp=3&app=893c324bd7e5ac65&crc=3005994486&en=zgefxirc&end=1
IP 207.244.251.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8124), with CRLF, LF line terminators
Hash b720bc76af98198cdf5c04a71f724181
6c7ce366114ca54bad8c8563bd941e4211a9e75b
f3956d270610d996c94de8129b518ea598ccc8dda670973bfd60faa8d7720861
POST /rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D52_sn_EFURR1QJ88QT0622NEMH9SK351E8G66B&svrid=-52&flavor=post&vi=HTHLWQPEVHSUVIWHUHFAWVSUCRATCJGG-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&bp=3&app=893c324bd7e5ac65&crc=3005994486&en=zgefxirc&end=1 HTTP/1.1
Host: business4alltech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 1509
Origin: http://business4alltech.com
Connection: keep-alive
Referer: http://business4alltech.com/wp-content/uploads/2022/08/mtbank/auth.php
Cookie: utag_main=v_id:01837e8edb800009e99898be3b9e00044004600900918$_sn:1$_se:1$_ss:1$_st:1664277435073$ses_id:1664275635073%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:business4alltech.com; dtCookie=v_4_srv_-2D52_sn_EFURR1QJ88QT0622NEMH9SK351E8G66B; rxVisitor=16642756384027Q5OPJH1C55N08L7B7OJAOG6B09GIRD4; dtPC=-52$475638399_792h-vHTHLWQPEVHSUVIWHUHFAWVSUCRATCJGG-0e0; rxvt=1664277439361|1664275638403; dtLatC=58; dtSa=-; cdContextId=2; bmuid=1664275638457-54DB882C-5ADC-4D93-8795-FAE3F5914C50; sc_visit_start=1; s_visitStart=no%20value; s_pv=no%20value; s_vnum=2096275638521%26vn%3D1; s_invisit=true; s_nr=1664275638526-New; s_dslv=1664275638526; s_dslv_s=First%20Visit; s_fid=065EDC79FEA28EF5-35B75E15A72E23A6; s_ppvl=http%253A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php%2C93%2C93%2C939%2C1280%2C939%2C1280%2C1024%2C1%2CP; s_ppv=http%253A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php%2C96%2C96%2C939%2C1280%2C939%2C1280%2C1024%2C1%2CP; s_cc=true; cdSNum=1664275641112-sjn0000666-b8891224-54ce-48c8-91c7-995a1d85495f
HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 10:47:23 GMT
Server: Apache
Access-Control-Allow-Origin: http://business4alltech.com
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://business4alltech.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
resources.mtb.com/r/simple-layout-responsive/js.mtb?v=03142022100000
192.216.61.78200 OK 0 B URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/js.mtb?v=03142022100000
IP 192.216.61.78:0
GET /r/simple-layout-responsive/js.mtb?v=03142022100000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Expires: Wed, 27 Sep 2023 10:47:17 GMT
Last-Modified: Tue, 27 Sep 2022 10:47:16 GMT
ETag: "1664275637:dtagent10247220811100421ZWhG"
Vary: User-Agent
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1903950052"
Date: Tue, 27 Sep 2022 10:47:16 GMT
ntCoent-Length: 322405
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_1_sn_2F0E440F22599C3FD6D32EB79FC53D0D_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fdb12fd6bcfacfddebf47039a060ecc1ff155b1b202928751c4b4828db8832bcd904eabaf8ac2554931d56297edaf36198; Path=/
TS0128739d=019f8203fda248292a860e15b74a778f1685a7e04d155b1b202928751c4b4828db8832bcd971ab299a5e169320c1252476e5a799c7fe928610d3982213ef652d7e39e343c5; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab200036d31b064ddae14f8ccbc81645490ea371913e6679b5ac02eec4b19105ce6ac8081efa15cc113000a9fab54346c44484424944ea4b2391aa0e77293c5483aeddaf90ab793160f04b8b23958da55a2b37469f5bf36c1b5ca3; Path=/
Transfer-Encoding: chunked
cdn.quantummetric.com/qscripts/quantum-mtb.js
104.22.53.252200 OK 0 B URL HTTP/2 cdn.quantummetric.com/qscripts/quantum-mtb.js
IP 104.22.53.252:0
GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 10:47:17 GMT
content-type: text/javascript
vary: Accept-Encoding
etag: W/"166378973649816613605351101664265602945"
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 11
server: cloudflare
cf-ray: 7513a90cad06b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2