302 Found 0 B URL User Request GET HTTP/1.1 IP
Certificate IssuerLet's Encrypt
Subjectvizhunz.com
Fingerprint17:F8:33:8B:0D:1A:50:01:95:36:CF:D6:5E:77:C2:19:E2:C0:56:4A
ValiditySat, 25 Nov 2023 05:00:14 GMT - Fri, 23 Feb 2024 05:00:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: vizhunz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 18:25:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://www3.mtb.com/
ocsp.entrust.net/
1.6 kB IP
Hash 5ba001fff9ecb3e35802164f3766b1a9
ba54e644b2852c80d94fb00f472250c5115c9232
1b9bbe9b276dcaabe14b3078ede540df3b40f478dbd9adf34cd72adef6eb2205
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "1B9BBE9B276DCAABE14B3078EDE540DF3B40F478DBD9ADF34CD72ADEF6EB2205"
Last-Modified: Tue, 28 Nov 2023 12:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3580
Expires: Tue, 28 Nov 2023 19:25:28 GMT
Date: Tue, 28 Nov 2023 18:25:48 GMT
Connection: keep-alive
200 OK 39 kB URL User Request GET HTTP/2 IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (625), with CRLF, LF line terminators
Hash 8d395498c4e1db199a42fc6edaf2fbb5
fad47458b114a91f4870fd51ccebec139c5d9951
1f05b1154c87dfb68111fe7e8d828593a5c97834cfd8a94bb2ab14fcff34beeb
GET / HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html;charset=utf-8
content-length: 39248
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 17:42:19 GMT
last-modified: Mon, 27 Nov 2023 22:28:06 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "23e01-60b29d0e0a688-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cV9yvA2OOUgfCVs7eWJMOq4S2in2NEdrm3xak5anekiADZJmr5J0ng==
age: 2609
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/components/content/disclosure/v1/disclosure/clientlib-header.js
200 OK 856 B URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/components/content/disclosure/v1/disclosure/clientlib-header.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
Hash f08a2dcdee6b33b1b77c2d085e427d96
57ce9110cdc8ff99533fd59d5df0e46fa9d23e62
873c8d09b7dc8da369132e741cbe7e5843aa228f191165fe4b5b24babda94c19
GET /etc.clientlibs/axp-common/components/content/disclosure/v1/disclosure/clientlib-header.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 856
accept-ranges: bytes
cache-control: max-age=3600, public, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 18:25:47 GMT
last-modified: Thu, 21 Apr 2022 20:37:43 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "94b-5dd3014f013c0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Fcb5UfSQ414-GurRQmnc4cpH928E5Ij1PjIkNVTu0bvDfvDiQu4cDw==
age: 1
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
200 OK 58 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type ASCII text, with very long lines (1334)
Hash 7475228b6f7589022e5b32e35e6ab1c1
0b42a9681bf83a3fc5cc2a4679f1610fc22a5a0e
8e36f036be3313f66918b7f296388c199468b0ffb75d3f8908cd04f58d966964
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.css HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css;charset=utf-8
content-length: 57814
accept-ranges: bytes
cache-control: max-age=3600, public, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 18:25:47 GMT
etag: "6a323-5f7e773365580-gzip"
last-modified: Mon, 27 Mar 2023 20:18:46 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4gUP7zxlGjxTRDX8jG5Ggfy8o-W8yFuqXckwDHypmRXQkuVvF6eXjA==
age: 1
X-Firefox-Spdy: h2
www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.png/1682695513883/greenwich-bestbrand-logo-2022.png
200 OK 88 kB URL GET HTTP/2 www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.png/1682695513883/greenwich-bestbrand-logo-2022.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 1280 x 936, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e3e25b8cdb668da7c113a4d2dc29245
6e88af943648241223340349d69ca2cbc248e604
e54fb701404dbfdf89c833056445ffd3cd1a635770755ecf58d6633171ead3d2
GET /content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.png/1682695513883/greenwich-bestbrand-logo-2022.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 87544
accept-ranges: bytes
content-disposition: inline
last-modified: Fri, 28 Apr 2023 15:25:13 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "155f8-5fa6714514840"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BlJwECryoA_aa27iWDHZfHk6JzX_UpON4dRh9ZAM3R2Yhtbe_6MjfQ==
age: 3145
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/alert_new_design.css
200 OK 764 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/alert_new_design.css
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type ASCII text, with CRLF line terminators
Hash 2bd96525445ea9dcfd2b12e750081920
e0fb1636779662e08e17a16b040b5cc25a4fb08d
b5c4f84863e8dae702e1fe95afde0694076e896b6dca5b895749bfcf2736ba68
GET /content/dam/mtb-web/scripts/alert_scripts/alert_new_design.css HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 764
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 13:54:52 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:47 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "8c9-5cf2db47b2300-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PLLB1f2IHwZc9t-G__-EsNfDMUtZXWuVrT36tKwIu870VFJXxy5_KQ==
age: 1468
X-Firefox-Spdy: h2
www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/top10bb.png
200 OK 1.7 kB URL GET HTTP/2 www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/top10bb.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash f9cf99b0792b7c4b4b0e77a55a0bc57a
3a3677a774c33e6050d14727ec88af58270038df
d3031f393f481e7ff2b1c3b5687898027c555769b16bf8022d665f35b38e53ac
GET /content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/top10bb.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1663
accept-ranges: bytes
content-disposition: inline
last-modified: Wed, 13 Oct 2021 14:22:46 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "67f-5ce3cb229d980"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: adY8AG1nFuAFfJvsIkViA_A6dS22GZoVHpoGDyT6hzrfahOoCcXdOQ==
age: 3145
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
200 OK 64 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 64211
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:56 GMT
cache-control: max-age=86400, public, no-cache="set-cookie"
etag: "fb3e-59d634f851c40-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JvcWzblk1Mn6GK0hxTM8MIhyC2lZ7x0Ed3oezFC9PSj2DrH9PugcLg==
age: 2159
X-Firefox-Spdy: h2
www3.mtb.com/content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/green-logo.png
200 OK 22 kB URL GET HTTP/2 www3.mtb.com/content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/green-logo.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 600 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e1d02e141e89a4c45d9c0aa5530bc3a
970e63270ce5fd36c51c3b25724b7b37f014f760
4ab56bfc693e75fbc52de80072dcbcd412efe057dcc099c9b718fb6f85ee129b
GET /content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/green-logo.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 21842
accept-ranges: bytes
content-disposition: inline
last-modified: Tue, 29 Sep 2020 01:18:52 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "5552-5b06990dcd700"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: s7_z5SM_bb4NdL1ABtMmKZjxF_xcOd92UjcFR4jqnEI9TwC7vHL4qg==
age: 3392
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/icons/mtb-icon-mortgage-2c-cmyk.png
200 OK 2.0 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/icons/mtb-icon-mortgage-2c-cmyk.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 250 x 219, 8-bit colormap, non-interlaced\012- data
Hash 8eb8405ec6e9e761ea45321b2a180ab5
e220ff9fa0d83c5416fd7860621c39b71b756b23
d37a24ba2d508b82283588651c66d6412271fd8a358a4e00fdd97028a3be79b3
GET /content/dam/mtb-web/images/icons/mtb-icon-mortgage-2c-cmyk.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1959
accept-ranges: bytes
content-disposition: inline
last-modified: Mon, 21 Jun 2021 19:11:47 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "7a7-5c54b71dbc2c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6zerqIM1xKvNgTzetCXrfD70pYpxGb_brHj-fFm_0F_jLPGd0gH19Q==
age: 3143
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js
200 OK 2.6 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (348), with CRLF line terminators
Hash a785ae3de97a97fc6ba11041c9dba58f
c17d0e86cd838e9e548b65b6fe4df02a27fa56da
e607f1bf6289a92939620798cea2c6df4696d6b8d374b9bc5e11c7fd114643e5
GET /content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2594
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 18:25:47 GMT
last-modified: Thu, 16 Nov 2023 15:54:02 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "5646-60a4707517a80-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rSe03xclvuuKLB1AbzCtHrmfJaj12EsrToofbJF_4tG5sBpjYBWtvA==
age: 1
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/charReplace.js
200 OK 510 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/charReplace.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 69343d9dcce5b1ebe56595355bfc8203
f65412156c2a2dbbe4f5bd861b4ca77552d7552c
349fcbc04454df744fd82c5e90f76cc8d7d406daad8a3ce2733228ea97362b7a
GET /content/dam/mtb-web/scripts/charReplace.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 510
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 13:21:26 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:47 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "677-5d046deb14180-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oic-mf-AbmKddijnztfpFb9mammJu_HFp8_ahdEOJlZYvhj0fTBhGw==
age: 1468
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/status.js
200 OK 4.4 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/status.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Unicode text, UTF-8 text, with very long lines (457), with CRLF line terminators
Hash 80965724d8ffd17a06b69c110717291a
17a63fa278636a052476817549554f1e88e517eb
4b01cc862c3b0bbd0aa2c42f7f4dcfd9e0136b26d1028b93466b3bbde6fbc8b8
GET /content/dam/mtb-web/scripts/status.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4428
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 18:25:47 GMT
last-modified: Thu, 09 Nov 2023 15:25:14 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "38c8-609b9cf6eaa80-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UQh2jsFyXw58O-OhfITEnwdY61TNMPMsjJgrSkqlHQkVW42MVTOn3w==
age: 1
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
200 OK 28 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (6007)
Hash 2f0066863c3bd710b7c377fa0120740b
ed5fc0b95ec4b3372eea3584cfb7da276135580a
cfb01d57a614c957786e548c6e0f0e45ad764e5f7527b2be97d9653bc13530a3
GET /utag/mtbank/main/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:49 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: PZuUK.nGSoyLZnNSGfnhLHybf5SsM.04
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:47 GMT
etag: W/"2f0066863c3bd710b7c377fa0120740b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8sNQvgNi5HK9Na1kDVULnAm4ffOy37UCFBy0dzZMgvaBwKMAWJVahg==
age: 210
cache-control: max-age=300
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
200 OK 68 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 67671
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 15 Oct 2020 22:08:15 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Tue, 28 Nov 2023 17:30:15 GMT
etag: "10857-5b1bce27771c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J7sH_vObhCx5ylYfCnyl9X3qCqGHc-ywyUd3pHdE42s7nIwXuun_2w==
age: 3334
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
200 OK 66 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type gzip compressed data, from Unix\012- data
Hash 5b8017fbf928c1fc2eac2404b58edc69
197fa88b370fd9bd1ad1fa93836b829739904926
4ec76872334ba46cf650551c8aae17b8a03286fdfc97f4492f232ebd9d5cba95
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:56 GMT
cache-control: max-age=86400, public, no-cache="set-cookie"
etag: "1027a-59d634f851c40-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RBKrnaEOenPQyHOUb-OSJjDUB0mFs2vNr8xKY0hHYfmy3PYH7tuCJw==
age: 3476
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/logos/favicon.ico.transform/16x16/image.png
200 OK 401 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/logos/favicon.ico.transform/16x16/image.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f32eaa315f438c20f938353fe16010d8
35763994c45d8bd91ada5da2b9800dae0aa696e5
e8f7f28606aa73ac8d557037ea2733637ce665a2cce96355cc4fbe1a3faade00
GET /content/dam/mtb-web/logos/favicon.ico.transform/16x16/image.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 401
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 09 Nov 2023 21:29:49 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:48 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "191-609bee755ed4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3R3RhRvF4X8yCLMm6rIStr1OGv1hN1ShSfxB_-2JlkTHdeN3khEQ8g==
age: 2603
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/logos/favicon.ico.transform/96x96/image.png
200 OK 2.6 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/logos/favicon.ico.transform/96x96/image.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 4fd768d2f655e21bee5bac3c6b38bd6c
fa02239152ca15fa297333f184883dd23e0a43f0
52f3dce4eae9bf172e485e0c33ad0dc31fd3582f6a3f69354fa4baf932397cd1
GET /content/dam/mtb-web/logos/favicon.ico.transform/96x96/image.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2634
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
date: Tue, 28 Nov 2023 17:42:25 GMT
etag: "a4a-609bf483dee4d"
last-modified: Thu, 09 Nov 2023 21:56:55 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f1nObNfbu3CvckDaUM4h5KQtk8a6HjD5SBMUz7e4oyerI0OJhcq9Mw==
age: 2603
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 263423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.42.js?utv=ut4.51.202106282113
200 OK 69 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.42.js?utv=ut4.51.202106282113
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (855)
Hash 5f85233eee038f754ba6a18b664cc7a4
c0278531916624472adc8ec4a09c1d55ad1081f9
f78552d39980dd2805443ae1e462e254828302d7ad49b3b99e5ed16a033342ef
GET /utag/mtbank/main/prod/utag.42.js?utv=ut4.51.202106282113 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:35 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: WiraxjljFhTG49GlHjiqidFB6Ot7qVYl
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"5f85233eee038f754ba6a18b664cc7a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uKySKIDPTGyRjjrCwMXD4eG4yC9IvDb4ZhM5jYuYx8hveVCC9jyUCg==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
200 OK 64 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 64318
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Tue, 28 Nov 2023 17:42:12 GMT
etag: "fb3e-59d634f851c40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aGsVDcI5b5Df_HgXWxo1Z8Ymo5C7JC6xcZ_ySdTRg4T7SgFLi54wvw==
age: 2617
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf
200 OK 130 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type gzip compressed data, from Unix\012- data
Size 130 kB (129478 bytes)
Hash f03975a4b847a8dae585db29b42806fa
629c174c6975a695331a12d164ee8130e2e0dd3d
074aecd8ed39affc1aea19c1a411dd418a7bb8405508610c8f731f0d29c5c2f5
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-otf
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:56 GMT
cache-control: max-age=86400, public, no-cache="set-cookie"
etag: "22470-59d634f851c40-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P4TD2FNN2x1zBz3qtDnkeLtFJ_Sr56-crnpkbKTryMAfSamMUj7d1A==
age: 3392
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
200 OK 66 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 66170, version 1.0\012- data
Hash 2c232501b80100ac5022cb84380a6df4
79898c6b15d379850157a7b44d55d8694eb54b1f
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 66170
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Tue, 28 Nov 2023 17:30:15 GMT
etag: "1027a-59d634f851c40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sHKuRmOrFyWF46FqnCRAK6yNN6Hp_VujSetPxTs-A8zJ8-Hpy7GCSQ==
age: 3334
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.51.202006232100
200 OK 66 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.51.202006232100
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1117)
Hash 2f0f67f4d7267d8569ee7b51d527f5d3
9488053fdd394ebdea97caf7d43805b954312c55
c732ad1fcf2b28288bbbaa82fd08966455952b963e004d6369dd5a86e293ed5f
GET /utag/mtbank/main/prod/utag.43.js?utv=ut4.51.202006232100 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:47 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Gc30cLD0QVQgwn9rZ__OCClFW.C6_LEZ
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"2f0f67f4d7267d8569ee7b51d527f5d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WePL9_gI02sVHYw-2xQfWPEUFiG9Bc9g-snFwfUmD-Y3Ew51qfsatw==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
200 OK 66 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 66170, version 1.0\012- data
Hash 2c232501b80100ac5022cb84380a6df4
79898c6b15d379850157a7b44d55d8694eb54b1f
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 66170
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 15 Oct 2020 22:08:15 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Tue, 28 Nov 2023 17:51:44 GMT
etag: "1027a-5b1bce27771c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Lxc1-akivJGKwnH4WLC_G4d9ug0p3W2Kwj1tfbVmlsSZz8L1NKbI3w==
age: 2045
X-Firefox-Spdy: h2
ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js
200 OK 37 kB URL GET HTTP/2 ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js
IP
Certificate IssuerAmazon
Subject*.segreencolumn.com
FingerprintAC:2F:0B:8B:11:5D:70:82:2B:2D:B6:76:B7:AF:79:45:9F:20:E1:AD
ValidityTue, 18 Jul 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 10458c8d29a0bbf087affa9e21951a55
215f17d606ff12272fd20fb77fa0f6c0af01c3ee
2c603d1edfac89808ddaefca1d7f925e5c03ac7d9a254e20bcb8bf900e6257ed
GET /i/8032d93d154e4517e5e5e20fa9c27d7b.js HTTP/1.1
Host: ob.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 37259
content-encoding: gzip
server: Caddy
date: Tue, 28 Nov 2023 08:19:02 GMT
cache-control: max-age=43200
expires: Tue, 28 Nov 2023 20:14:53 GMT
etag: "18e53-IV8X1gb/Eicv0g+3f6D2wK8Bw+4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Dlnv2yALR2cuW16k4IOuPzaHkf2OSM09CDiYT96RShdfzFVk9vqWYg==
age: 36656
X-Firefox-Spdy: h2
up.pixel.ad/assets/up.js
200 OK 1.6 kB IP
Certificate IssuerDigiCert, Inc.
Subject*.pixel.ad
Fingerprint90:49:0B:53:0F:49:12:53:9F:86:B5:F7:18:5B:E6:4B:FC:E3:D5:1F
ValidityTue, 24 Jan 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3275)
Hash 711eb341d28bbab8a78ad2fd0f559e8d
eefb20f53cc561fa0807dc2a405ac7a5e02dbad4
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
GET /assets/up.js HTTP/1.1
Host: up.pixel.ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
server: AC1.1
x-llid: 9f11de49c6826962db642cd91be206a2
age: 250151
date: Tue, 28 Nov 2023 18:25:49 GMT
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
content-length: 1550
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/main/202311161601&cb=1701195953483
200 OK 2 B URL GET HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/main/202311161601&cb=1701195953483
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=mtbank/main/202311161601&cb=1701195953483 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Nov 2023 18:16:15 GMT
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sUFQdKZeNlVqoBWIHsO-EedkZvPwZrhD0cY4UlQJTkrOOFarEsTH7g==
age: 575
cache-control: max-age=300
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/spanish/es-language-icon.svg
200 OK 676 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/spanish/es-language-icon.svg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text
Hash bb158bf94b527f234951614b5d7f56ae
e8e29459bac715694e65b37454719a72964236a3
7499aeabeaec2141eb24969619174e22263c858d46b42daeed97a6a27c35035d
GET /content/dam/mtb-web/images/spanish/es-language-icon.svg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 676
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 13:15:46 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "75c-5cc1c9cd66480-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: emtTpLox7sduG2fkk9aUIUQhSYU1BmVdatAHjc9XO0WJ30bxmdDu1g==
age: 1827
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-948713993
200 OK 75 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-948713993
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash 584c3513a3be0d3d23508cb03507995c
081307900e70a79916ff81b31609623337546957
30f9576c605422566b8e5a316ca319c9df3a5c323a9b5d48a10dad446813419c
GET /gtag/js?id=AW-948713993 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 18:25:49 GMT
expires: Tue, 28 Nov 2023 18:25:49 GMT
cache-control: private, max-age=900
last-modified: Tue, 28 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75303
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 13 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Hash 7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BAD31FDD829649F2896BB97E23D0942D Ref B: OSL30EDGE0520 Ref C: 2023-11-28T18:25:50Z
date: Tue, 28 Nov 2023 18:25:49 GMT
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=26533687452650324
200 OK 6.1 kB URL GET HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=26533687452650324
IP
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (2516)
Hash b456102a63ff2496c84ba1bce811e433
cd02d2c43b0b17f764b71a8b0fabc47668c1d517
a9381568206e96a4c42111cb8ce439b41dd0265e03b041a42dafd52c865dc3c7
GET /spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=26533687452650324 HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Tue, 28 Nov 2023 18:25:50 GMT
x-envoy-upstream-service-time: 3
be: spx-prod
server: istio-envoy
transfer-encoding: chunked
www3.mtb.com/content/dam/mtb-web/images/personal-home-page/mom-daughter-couch-desktop.jpg
200 OK 99 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/personal-home-page/mom-daughter-couch-desktop.jpg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1440x650, components 3\012- data
Hash 1b04d2b352a06662954f38522f2596af
f33145bd443f5dea9975e2aa5245c48db6b5889a
bf1c3d3c93edb5011e8f8b9002275c4ba13f028b733c089d7528cd51dff4c63a
GET /content/dam/mtb-web/images/personal-home-page/mom-daughter-couch-desktop.jpg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195953.IGDanZ3lLnyV4XQA; _cq_suid=1.1701195953.y0ceiwlNlMIOc7Ts; _gcl_au=1.1.1085806092.1701195954; _uetsid=90ff71d08e1b11eeb94905b65a2f6926; _uetvid=90ff8f308e1b11eebc400b1d8a5d23a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 99062
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 11 Mar 2021 18:06:24 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:48 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "182f6-5bd46a4374800"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MfPX5Iv0PYi9d-oK_VhP3ecTm-B1_Aap1SI4f2R7vl7eJ92gAx9Y9Q==
age: 2634
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/personal-home-page/convenience-section-image1.png
200 OK 230 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/personal-home-page/convenience-section-image1.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 348 x 441, 8-bit/color RGBA, non-interlaced\012- data
Size 230 kB (229468 bytes)
Hash 70ad94b75dfd85edf2838ff874064ee0
cb039ee7e3891762ff9a18a39f876eaf84049dc2
6d22eac589d45bcc1b34ce347a26ad1b1b9b30ae2c395744e0beacea2d083d5f
GET /content/dam/mtb-web/images/personal-home-page/convenience-section-image1.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195953.IGDanZ3lLnyV4XQA; _cq_suid=1.1701195953.y0ceiwlNlMIOc7Ts; _gcl_au=1.1.1085806092.1701195954; _uetsid=90ff71d08e1b11eeb94905b65a2f6926; _uetvid=90ff8f308e1b11eebc400b1d8a5d23a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 229468
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 16 Apr 2020 22:06:22 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "3805c-5a36fa49cf380"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pMC209sMcA213isPPB4yUdY0HmbqZV66_JYKlQKgoSJbEJ9C-F5jZw==
age: 2719
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/diversity-inclusion/50-50-volunteer.jpg
200 OK 106 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/diversity-inclusion/50-50-volunteer.jpg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], progressive, precision 8, 640x475, components 3\012- data
Size 106 kB (106522 bytes)
Hash fff7810a494fe47b9a449a8438340a4f
b7cc552c6dccfb101b6d2946218c24291650fe9e
6fedf35ac46726adad6f74f4a766269bff2b6c352f85e4f44166d922a6088bab
GET /content/dam/mtb-web/images/diversity-inclusion/50-50-volunteer.jpg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195953.IGDanZ3lLnyV4XQA; _cq_suid=1.1701195953.y0ceiwlNlMIOc7Ts; _gcl_au=1.1.1085806092.1701195954; _uetsid=90ff71d08e1b11eeb94905b65a2f6926; _uetvid=90ff8f308e1b11eebc400b1d8a5d23a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 106522
accept-ranges: bytes
content-disposition: inline
last-modified: Mon, 19 Jul 2021 17:10:22 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "1a01a-5c77d0331fb80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EZPC0NJhrvRb47rkOZ7l7Vzf0N45ZW51gHpYiErIAlpk0_5eEaLooQ==
age: 2719
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
200 OK 31 kB IP
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 17d55d462a7ac104276d15cd68e97625
85fcf9d6c690fcf57061935efcfea164e1f0534c
67bffa703863bdc53510811a189d168601ed7151497ea34e840578828a9c5e43
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: gjFIKYp5PLE7G9yf3dnFdWTIYz/UfAURAM2mRRL2Zy+N2a8DR4nTeClVZDkY99Bfs+pBE8E9sAI=
x-amz-request-id: GWW3RT7DT5YMGZKR
date: Tue, 28 Nov 2023 18:01:31 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1460
content-encoding: gzip
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
obs.segreencolumn.com/ct?id=40173&url=https%3A%2F%2Fwww3.mtb.com%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1701195953953&hl=4&op=0&ag=1317291471&rand=732110866952692518620270270506256900888852902729662256028259029188002817127000351099&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDU5MTddLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDEsMCw1LDY1LDAsMiwwLDAsNSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMTUsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwIl0sWy0xLCJMaW51eCB4ODZfNjQiXSxbLTIsIjgsSXNOOW5HbldiQVlBSXhOZlFhT3FHRTBDRkFRc2NHMDBJbmhPYllCQUtZVU96UU82RVgwMjBJbUdMY3U2MnVyZFAvYzJkMnBObVZaQXdmMy8vOHo3OUdySGExV3UzT21YUFB2ZSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIkhUTUw1XCIsXCJnZW9Mb2NhdG9yXCIsXCJjb29raWVzVXRpbHNcIixcIkRFVlwiLFwiVU5ERUZJTkVEXCIsXCJ0ZWFsaXVtVXRpbHNcIixcIkdFT19MT0NBVElPTl9ERUZBVUxUX1NUUlVDVFwiLFwiVUlFdmVudENvbGxlY3RvclwiLFwiUHJveHlDb2xsZWN0b3JcIixcIlNFUFwiLFwiVXRpbHNcIixcIm1vZGFsT2JqZWN0XCIsXCJQQUlSXCIsXCJCTEFDS0JFUlJZXCIsXCJjdXN0b21FdmVudHNPYmplY3RcIixcImdlb0xvY2F0b3JTdGF0dXNcIixcIkJyb3dzZXJEZXRlY3RcIixcIkhhc2h0YWJsZVwiLFwic3RhcnRzV2l0aFwiLFwiRG9tRGF0YUNvbGxlY3Rpb25cIixcIklFX0ZpbmdlclByaW50XCIsXCJNb3ppbGxhX0ZpbmdlclByaW50XCIsXCJPcGVyYV9GaW5nZXJQcmludFwiLFwiVGltZXJcIixcImdldFJhbmRvbVBvcnRcIixcIkJsYWNrYmVycnlMb2NhdGlvbkNvbGxlY3RvclwiLFwiZGV0ZWN0RmllbGRzXCIsXCJGaW5nZXJQcmludFwiLFwidXJsRW5jb2RlXCIsXCJlbmNvZGVfZGV2aWNlcHJpbnRcIixcImRlY29kZV9kZXZpY2VwcmludFwiLFwicG9zdF9kZXZpY2VwcmludFwiLFwicG9zdF9maW5nZXJwcmludHNcIixcImFkZF9kZXZpY2VwcmludFwiLFwiZm9ybV9hZGRfZGF0YVwiLFwiZm9ybV9hZGRfZGV2aWNlcHJpbnRcIixcImRldGVjdERldmljZUNvbGxlY3Rpb25BUElNb2RlXCIsXCJpbml0XCIsXCJzdGFydENvbGxlY3Rpb25cIixcInN0b3BDb2xsZWN0aW9uXCIsXCJnZXRHZW9sb2NhdGlvblN0cnVjdFwiLFwiSFRNTDVMb2NhdGlvbkNvbGxlY3RvclwiLFwiSW50ZXJhY3Rpb25FbGVtZW50XCIsXCJVSUVsZW1lbnRMaXN0XCIsXCJhY3RpdmVYRGV0ZWN0XCIsXCJzdHJpcElsbGVnYWxDaGFyc1wiLFwic3RyaXBGdWxsUGF0aFwiLFwiY29udmVydFRpbWVzdGFtcFRvR01UXCIsXCJnZXRUaW1lc3RhbXBJbk1pbGxpc1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCIxXCIiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNDgiXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTcwMTE5NTk1Mzg3NSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsODY3LDAsMywwLDEzLDI3MCwxNywtMSwwLCwsMjUzMCwyNTI5Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDAxMDAwMDAxMDAwMDAwMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDAxIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8wXCIsXCIxMTM3ODI1MDI4XCIsXCIzODU1MjMxMTkzXCIsXCIyOTU2MjkzMjk3XCJdLFwic1wiOjF9Il0sWy01NSwiMiJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiVFJkY1FVbFdTMDFLZVZGTlRVbEtBeFlXVmxzWFNseGVTMXhjVjFwV1ZVeFVWeGRhVmxRV1VCWUJDUW9MWFFBS1hRZ01EVndOREFnT1hBeGNERndMQ1Y5WUFGb0xEbDBPV3hkVFNnTUlBdzhCQUE0TUZYVjVVVTFOU1VvREZoWldXeGRLWEY1TFhGeFhXbFpWVEZSWEYxcFdWQlpRRmdFSkNndGRBQXBkQ0F3TlhBME1DQTVjREZ3TVhBc0pYMWdBV2dzT1hRNWJGMU5LQXdnRENna01EUUFWYzNsUlRVMUpTZ01XRmxaYkYwcGNYa3RjWEZkYVZsVk1WRmNYV2xaVUZsQVdBUWtLQzEwQUNsMElEQTFjRFF3SURsd01YQXhjQ3dsZldBQmFDdzVkRGxzWFUwb0RDQU1LQ0FFTkRoVjVVVTFOU1VvREZoWldXeGRLWEY1TFhBPT0iXSxbLTU4LCItIl0sWy01OSwiLSJdLFstNjAsIi0iXSxbLTYxLCItIl0sWy02MiwiNTgiXSxbLTYzLCItIl0sWy02NCwiLSJdLFstNjUsIi0iXSxbLTY2LCItIl0sWy02NywiLSJdLFsiZGRiIiwiMCw4LDAsMSwxLDMsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDMsMCwxLDAsMCwwLDEsMCw0LDM5LDAsMjMsMCwxLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwIl0sWyJibmNoIiwxOTddLFsiYWJuY2giLDE5N11d&dep=0&pre=0&sdd=%7B%7D&cri=yROPo9uLf3&pto=2607&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1701195953.IGDanZ3lLnyV4XQA&suid=1.1701195953.y0ceiwlNlMIOc7Ts&tuid=1.1701195953.b0mxe9GuBlLO7fHi&fbc=->m=WyJwYWdlX3ZpZXciXQ%3D%3D&it=52%2C2046%2C197&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=jx.4.0%3B
200 OK 1.1 kB URL GET HTTP/2 obs.segreencolumn.com/ct?id=40173&url=https%3A%2F%2Fwww3.mtb.com%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1701195953953&hl=4&op=0&ag=1317291471&rand=732110866952692518620270270506256900888852902729662256028259029188002817127000351099&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDU5MTddLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDEsMCw1LDY1LDAsMiwwLDAsNSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMTUsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwIl0sWy0xLCJMaW51eCB4ODZfNjQiXSxbLTIsIjgsSXNOOW5HbldiQVlBSXhOZlFhT3FHRTBDRkFRc2NHMDBJbmhPYllCQUtZVU96UU82RVgwMjBJbUdMY3U2MnVyZFAvYzJkMnBObVZaQXdmMy8vOHo3OUdySGExV3UzT21YUFB2ZSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIkhUTUw1XCIsXCJnZW9Mb2NhdG9yXCIsXCJjb29raWVzVXRpbHNcIixcIkRFVlwiLFwiVU5ERUZJTkVEXCIsXCJ0ZWFsaXVtVXRpbHNcIixcIkdFT19MT0NBVElPTl9ERUZBVUxUX1NUUlVDVFwiLFwiVUlFdmVudENvbGxlY3RvclwiLFwiUHJveHlDb2xsZWN0b3JcIixcIlNFUFwiLFwiVXRpbHNcIixcIm1vZGFsT2JqZWN0XCIsXCJQQUlSXCIsXCJCTEFDS0JFUlJZXCIsXCJjdXN0b21FdmVudHNPYmplY3RcIixcImdlb0xvY2F0b3JTdGF0dXNcIixcIkJyb3dzZXJEZXRlY3RcIixcIkhhc2h0YWJsZVwiLFwic3RhcnRzV2l0aFwiLFwiRG9tRGF0YUNvbGxlY3Rpb25cIixcIklFX0ZpbmdlclByaW50XCIsXCJNb3ppbGxhX0ZpbmdlclByaW50XCIsXCJPcGVyYV9GaW5nZXJQcmludFwiLFwiVGltZXJcIixcImdldFJhbmRvbVBvcnRcIixcIkJsYWNrYmVycnlMb2NhdGlvbkNvbGxlY3RvclwiLFwiZGV0ZWN0RmllbGRzXCIsXCJGaW5nZXJQcmludFwiLFwidXJsRW5jb2RlXCIsXCJlbmNvZGVfZGV2aWNlcHJpbnRcIixcImRlY29kZV9kZXZpY2VwcmludFwiLFwicG9zdF9kZXZpY2VwcmludFwiLFwicG9zdF9maW5nZXJwcmludHNcIixcImFkZF9kZXZpY2VwcmludFwiLFwiZm9ybV9hZGRfZGF0YVwiLFwiZm9ybV9hZGRfZGV2aWNlcHJpbnRcIixcImRldGVjdERldmljZUNvbGxlY3Rpb25BUElNb2RlXCIsXCJpbml0XCIsXCJzdGFydENvbGxlY3Rpb25cIixcInN0b3BDb2xsZWN0aW9uXCIsXCJnZXRHZW9sb2NhdGlvblN0cnVjdFwiLFwiSFRNTDVMb2NhdGlvbkNvbGxlY3RvclwiLFwiSW50ZXJhY3Rpb25FbGVtZW50XCIsXCJVSUVsZW1lbnRMaXN0XCIsXCJhY3RpdmVYRGV0ZWN0XCIsXCJzdHJpcElsbGVnYWxDaGFyc1wiLFwic3RyaXBGdWxsUGF0aFwiLFwiY29udmVydFRpbWVzdGFtcFRvR01UXCIsXCJnZXRUaW1lc3RhbXBJbk1pbGxpc1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCIxXCIiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNDgiXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTcwMTE5NTk1Mzg3NSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsODY3LDAsMywwLDEzLDI3MCwxNywtMSwwLCwsMjUzMCwyNTI5Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDAxMDAwMDAxMDAwMDAwMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDAxIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8wXCIsXCIxMTM3ODI1MDI4XCIsXCIzODU1MjMxMTkzXCIsXCIyOTU2MjkzMjk3XCJdLFwic1wiOjF9Il0sWy01NSwiMiJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiVFJkY1FVbFdTMDFLZVZGTlRVbEtBeFlXVmxzWFNseGVTMXhjVjFwV1ZVeFVWeGRhVmxRV1VCWUJDUW9MWFFBS1hRZ01EVndOREFnT1hBeGNERndMQ1Y5WUFGb0xEbDBPV3hkVFNnTUlBdzhCQUE0TUZYVjVVVTFOU1VvREZoWldXeGRLWEY1TFhGeFhXbFpWVEZSWEYxcFdWQlpRRmdFSkNndGRBQXBkQ0F3TlhBME1DQTVjREZ3TVhBc0pYMWdBV2dzT1hRNWJGMU5LQXdnRENna01EUUFWYzNsUlRVMUpTZ01XRmxaYkYwcGNYa3RjWEZkYVZsVk1WRmNYV2xaVUZsQVdBUWtLQzEwQUNsMElEQTFjRFF3SURsd01YQXhjQ3dsZldBQmFDdzVkRGxzWFUwb0RDQU1LQ0FFTkRoVjVVVTFOU1VvREZoWldXeGRLWEY1TFhBPT0iXSxbLTU4LCItIl0sWy01OSwiLSJdLFstNjAsIi0iXSxbLTYxLCItIl0sWy02MiwiNTgiXSxbLTYzLCItIl0sWy02NCwiLSJdLFstNjUsIi0iXSxbLTY2LCItIl0sWy02NywiLSJdLFsiZGRiIiwiMCw4LDAsMSwxLDMsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDMsMCwxLDAsMCwwLDEsMCw0LDM5LDAsMjMsMCwxLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwIl0sWyJibmNoIiwxOTddLFsiYWJuY2giLDE5N11d&dep=0&pre=0&sdd=%7B%7D&cri=yROPo9uLf3&pto=2607&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1701195953.IGDanZ3lLnyV4XQA&suid=1.1701195953.y0ceiwlNlMIOc7Ts&tuid=1.1701195953.b0mxe9GuBlLO7fHi&fbc=->m=WyJwYWdlX3ZpZXciXQ%3D%3D&it=52%2C2046%2C197&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=jx.4.0%3B
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3189), with no line terminators
Hash e1fbc0df8452d67dc30d1c9ae01f79dd
610d4af821bbdc4c07a2c027194d9ea452bd8fa4
f778bbc1513650b54048b6c3e9f4bc2ef9de07d64b39382fb452caf9f28c87f3
GET /ct?id=40173&url=https%3A%2F%2Fwww3.mtb.com%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1701195953953&hl=4&op=0&ag=1317291471&rand=732110866952692518620270270506256900888852902729662256028259029188002817127000351099&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDU5MTddLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDEsMCw1LDY1LDAsMiwwLDAsNSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMTUsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwIl0sWy0xLCJMaW51eCB4ODZfNjQiXSxbLTIsIjgsSXNOOW5HbldiQVlBSXhOZlFhT3FHRTBDRkFRc2NHMDBJbmhPYllCQUtZVU96UU82RVgwMjBJbUdMY3U2MnVyZFAvYzJkMnBObVZaQXdmMy8vOHo3OUdySGExV3UzT21YUFB2ZSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIkhUTUw1XCIsXCJnZW9Mb2NhdG9yXCIsXCJjb29raWVzVXRpbHNcIixcIkRFVlwiLFwiVU5ERUZJTkVEXCIsXCJ0ZWFsaXVtVXRpbHNcIixcIkdFT19MT0NBVElPTl9ERUZBVUxUX1NUUlVDVFwiLFwiVUlFdmVudENvbGxlY3RvclwiLFwiUHJveHlDb2xsZWN0b3JcIixcIlNFUFwiLFwiVXRpbHNcIixcIm1vZGFsT2JqZWN0XCIsXCJQQUlSXCIsXCJCTEFDS0JFUlJZXCIsXCJjdXN0b21FdmVudHNPYmplY3RcIixcImdlb0xvY2F0b3JTdGF0dXNcIixcIkJyb3dzZXJEZXRlY3RcIixcIkhhc2h0YWJsZVwiLFwic3RhcnRzV2l0aFwiLFwiRG9tRGF0YUNvbGxlY3Rpb25cIixcIklFX0ZpbmdlclByaW50XCIsXCJNb3ppbGxhX0ZpbmdlclByaW50XCIsXCJPcGVyYV9GaW5nZXJQcmludFwiLFwiVGltZXJcIixcImdldFJhbmRvbVBvcnRcIixcIkJsYWNrYmVycnlMb2NhdGlvbkNvbGxlY3RvclwiLFwiZGV0ZWN0RmllbGRzXCIsXCJGaW5nZXJQcmludFwiLFwidXJsRW5jb2RlXCIsXCJlbmNvZGVfZGV2aWNlcHJpbnRcIixcImRlY29kZV9kZXZpY2VwcmludFwiLFwicG9zdF9kZXZpY2VwcmludFwiLFwicG9zdF9maW5nZXJwcmludHNcIixcImFkZF9kZXZpY2VwcmludFwiLFwiZm9ybV9hZGRfZGF0YVwiLFwiZm9ybV9hZGRfZGV2aWNlcHJpbnRcIixcImRldGVjdERldmljZUNvbGxlY3Rpb25BUElNb2RlXCIsXCJpbml0XCIsXCJzdGFydENvbGxlY3Rpb25cIixcInN0b3BDb2xsZWN0aW9uXCIsXCJnZXRHZW9sb2NhdGlvblN0cnVjdFwiLFwiSFRNTDVMb2NhdGlvbkNvbGxlY3RvclwiLFwiSW50ZXJhY3Rpb25FbGVtZW50XCIsXCJVSUVsZW1lbnRMaXN0XCIsXCJhY3RpdmVYRGV0ZWN0XCIsXCJzdHJpcElsbGVnYWxDaGFyc1wiLFwic3RyaXBGdWxsUGF0aFwiLFwiY29udmVydFRpbWVzdGFtcFRvR01UXCIsXCJnZXRUaW1lc3RhbXBJbk1pbGxpc1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCIxXCIiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNDgiXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTcwMTE5NTk1Mzg3NSwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsODY3LDAsMywwLDEzLDI3MCwxNywtMSwwLCwsMjUzMCwyNTI5Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDAxMDAwMDAxMDAwMDAwMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDAxIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8wXCIsXCIxMTM3ODI1MDI4XCIsXCIzODU1MjMxMTkzXCIsXCIyOTU2MjkzMjk3XCJdLFwic1wiOjF9Il0sWy01NSwiMiJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiVFJkY1FVbFdTMDFLZVZGTlRVbEtBeFlXVmxzWFNseGVTMXhjVjFwV1ZVeFVWeGRhVmxRV1VCWUJDUW9MWFFBS1hRZ01EVndOREFnT1hBeGNERndMQ1Y5WUFGb0xEbDBPV3hkVFNnTUlBdzhCQUE0TUZYVjVVVTFOU1VvREZoWldXeGRLWEY1TFhGeFhXbFpWVEZSWEYxcFdWQlpRRmdFSkNndGRBQXBkQ0F3TlhBME1DQTVjREZ3TVhBc0pYMWdBV2dzT1hRNWJGMU5LQXdnRENna01EUUFWYzNsUlRVMUpTZ01XRmxaYkYwcGNYa3RjWEZkYVZsVk1WRmNYV2xaVUZsQVdBUWtLQzEwQUNsMElEQTFjRFF3SURsd01YQXhjQ3dsZldBQmFDdzVkRGxzWFUwb0RDQU1LQ0FFTkRoVjVVVTFOU1VvREZoWldXeGRLWEY1TFhBPT0iXSxbLTU4LCItIl0sWy01OSwiLSJdLFstNjAsIi0iXSxbLTYxLCItIl0sWy02MiwiNTgiXSxbLTYzLCItIl0sWy02NCwiLSJdLFstNjUsIi0iXSxbLTY2LCItIl0sWy02NywiLSJdLFsiZGRiIiwiMCw4LDAsMSwxLDMsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDMsMCwxLDAsMCwwLDEsMCw0LDM5LDAsMjMsMCwxLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwIl0sWyJibmNoIiwxOTddLFsiYWJuY2giLDE5N11d&dep=0&pre=0&sdd=%7B%7D&cri=yROPo9uLf3&pto=2607&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1701195953.IGDanZ3lLnyV4XQA&suid=1.1701195953.y0ceiwlNlMIOc7Ts&tuid=1.1701195953.b0mxe9GuBlLO7fHi&fbc=->m=WyJwYWdlX3ZpZXciXQ%3D%3D&it=52%2C2046%2C197&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=jx.4.0%3B HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Tue, 28 Nov 2023 18:25:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=767793c568381db1f0642862bef72e26; Max-Age=29030400; Path=/; Expires=Tue, 29 Oct 2024 18:25:50 GMT; HttpOnly; Secure; SameSite=None
content-length: 1137
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/destination?id=AW-875517505&l=dataLayer&cx=c
200 OK 74 kB URL GET HTTP/3 www.googletagmanager.com/gtag/destination?id=AW-875517505&l=dataLayer&cx=c
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash 49c728a37bbebd38e5df1f796ad1c850
f28e1d2bd8673736142ad515fcf8b1efc40eb853
8ebe5422a404056842bf98bb639c7b8b409742b925c95f3dc067e309b172c06c
GET /gtag/destination?id=AW-875517505&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 18:25:50 GMT
expires: Tue, 28 Nov 2023 18:25:50 GMT
cache-control: private, max-age=900
last-modified: Tue, 28 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74402
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 263424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/gtag/js?id=AW-875517505
200 OK 74 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-875517505
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash e08f1f07dfebc388d5bc41ba110e878b
14da5cb0edf6b166b585298b41d8e92b6d9c744f
488d2f6cf4812966245d976d88b84d6cc67f2c4aae61e91db9772d823a07ae82
GET /gtag/js?id=AW-875517505 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 18:25:50 GMT
expires: Tue, 28 Nov 2023 18:25:50 GMT
cache-control: private, max-age=900
last-modified: Tue, 28 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/gtag/js?id=AW-875517505&l=dataLayer&cx=c
200 OK 74 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-875517505&l=dataLayer&cx=c
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash 29f831ead5acd9eb89a7d8970e65fadb
613972432fb027339cf286abdb6f188534ca943f
12da06d379bd45573cd0a958e68643b73b666bc8b5a8b5d7ed8dc2e811c42f9c
GET /gtag/js?id=AW-875517505&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 18:25:50 GMT
expires: Tue, 28 Nov 2023 18:25:50 GMT
cache-control: private, max-age=900
last-modified: Tue, 28 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74351
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aefc63cef4e8f9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a118c6a2417071a10acf9f29f674e84848e0e2f6c1ef870740c866f8d6391043601219b54020d605258c4eb694977be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7817720f0ba6882c362f02f2f31c7b8ca8f52dc6e15c201d7aa2a5ac9d9c75b7cfc248b5038e523865ceec86a7b376cccee879cf774a91bac3330751b0266cb6cd5036f08ba4299014e354e6d10ac84ed7dd3d916976c9c735d26691d1f4e1dcfde90b54893daaa9a83b5b36a0c126c1a648b7595443820b0fc79284d881a4c570866ad194f5d038ef767c27d26a3995d4df0e2bd3fc78ae02f198409a37f73d4e0b1a8c33bc2cd2cca973aeac3e8744a7c09c95278a596563f6591845554f3e9fec2cf40b94dc8964fda72aa6c27e89ccbfb032dce0bd11372dd9a7111089e5471556a6bfac7ba23a9ef641ece62aae61a1319553d408caa93cc7182ff8b393663f3c621f370a5c17a9e9e170c056f21c1a5123eab551de9f180dffb1dab3b96fdc949388d7a6c5f2173362b22182de381f915f7758923a096366e47ab1771ec2eac06a8f69d22695e22c9eed54de27717d5d7b03409ba4a7c9206911df411187d9cbbaaecb54059fb1b4789fca70658ad24f743cf0e69c247dcb588209e743f12389509b9e01f2d15ffe89ca96c15568effc2937d332f7f1eff847d8356b4867c13f1a0fefb1558ef0069eccd9da5ece86842f1c771aef2fa104b647f2dc2b84381d641d66616dbe19ddd0215fb873d2f8b6669bdd47d2312ff30d6e75dc91917806b122aed74e8d153b561be07879cf&cri=yROPo9uLf3&ts=684&cb=1701195954637
200 OK 43 B URL GET HTTP/2 obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aefc63cef4e8f9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a118c6a2417071a10acf9f29f674e84848e0e2f6c1ef870740c866f8d6391043601219b54020d605258c4eb694977be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7817720f0ba6882c362f02f2f31c7b8ca8f52dc6e15c201d7aa2a5ac9d9c75b7cfc248b5038e523865ceec86a7b376cccee879cf774a91bac3330751b0266cb6cd5036f08ba4299014e354e6d10ac84ed7dd3d916976c9c735d26691d1f4e1dcfde90b54893daaa9a83b5b36a0c126c1a648b7595443820b0fc79284d881a4c570866ad194f5d038ef767c27d26a3995d4df0e2bd3fc78ae02f198409a37f73d4e0b1a8c33bc2cd2cca973aeac3e8744a7c09c95278a596563f6591845554f3e9fec2cf40b94dc8964fda72aa6c27e89ccbfb032dce0bd11372dd9a7111089e5471556a6bfac7ba23a9ef641ece62aae61a1319553d408caa93cc7182ff8b393663f3c621f370a5c17a9e9e170c056f21c1a5123eab551de9f180dffb1dab3b96fdc949388d7a6c5f2173362b22182de381f915f7758923a096366e47ab1771ec2eac06a8f69d22695e22c9eed54de27717d5d7b03409ba4a7c9206911df411187d9cbbaaecb54059fb1b4789fca70658ad24f743cf0e69c247dcb588209e743f12389509b9e01f2d15ffe89ca96c15568effc2937d332f7f1eff847d8356b4867c13f1a0fefb1558ef0069eccd9da5ece86842f1c771aef2fa104b647f2dc2b84381d641d66616dbe19ddd0215fb873d2f8b6669bdd47d2312ff30d6e75dc91917806b122aed74e8d153b561be07879cf&cri=yROPo9uLf3&ts=684&cb=1701195954637
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126aefc63cef4e8f9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a118c6a2417071a10acf9f29f674e84848e0e2f6c1ef870740c866f8d6391043601219b54020d605258c4eb694977be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7817720f0ba6882c362f02f2f31c7b8ca8f52dc6e15c201d7aa2a5ac9d9c75b7cfc248b5038e523865ceec86a7b376cccee879cf774a91bac3330751b0266cb6cd5036f08ba4299014e354e6d10ac84ed7dd3d916976c9c735d26691d1f4e1dcfde90b54893daaa9a83b5b36a0c126c1a648b7595443820b0fc79284d881a4c570866ad194f5d038ef767c27d26a3995d4df0e2bd3fc78ae02f198409a37f73d4e0b1a8c33bc2cd2cca973aeac3e8744a7c09c95278a596563f6591845554f3e9fec2cf40b94dc8964fda72aa6c27e89ccbfb032dce0bd11372dd9a7111089e5471556a6bfac7ba23a9ef641ece62aae61a1319553d408caa93cc7182ff8b393663f3c621f370a5c17a9e9e170c056f21c1a5123eab551de9f180dffb1dab3b96fdc949388d7a6c5f2173362b22182de381f915f7758923a096366e47ab1771ec2eac06a8f69d22695e22c9eed54de27717d5d7b03409ba4a7c9206911df411187d9cbbaaecb54059fb1b4789fca70658ad24f743cf0e69c247dcb588209e743f12389509b9e01f2d15ffe89ca96c15568effc2937d332f7f1eff847d8356b4867c13f1a0fefb1558ef0069eccd9da5ece86842f1c771aef2fa104b647f2dc2b84381d641d66616dbe19ddd0215fb873d2f8b6669bdd47d2312ff30d6e75dc91917806b122aed74e8d153b561be07879cf&cri=yROPo9uLf3&ts=684&cb=1701195954637 HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=767793c568381db1f0642862bef72e26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Tue, 28 Nov 2023 18:25:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1600
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=767793c568381db1f0642862bef72e26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:25:50 GMT
content-length: 0
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=oj9l6jd5znki
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:26:09 GMT
expires: Fri, 22 Nov 2024 23:26:09 GMT
cache-control: public, max-age=31536000
age: 413981
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=oj9l6jd5znki
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:23:18 GMT
expires: Fri, 22 Nov 2024 23:23:18 GMT
cache-control: public, max-age=31536000
age: 414152
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
200 OK 191 kB URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=oj9l6jd5znki
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190794 bytes)
Hash 46561da768f0a7b8369ccdc80964ea91
8f43d31955a2a643314958c2f62cf79b6aef7771
51c6f5d8a9d51815464fbf6f3010c767bc7cd3421ef4607f93a2dce22470b659
GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=oj9l6jd5znki
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 28 Nov 2023 18:25:50 GMT
date: Tue, 28 Nov 2023 18:25:50 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
44.212.189.233/is
200 OK 32 B IP
Certificate IssuerSectigo Limited
Subject44.212.189.233
Fingerprint22:CB:0C:58:DC:72:D7:0A:ED:D2:00:94:C4:93:F9:1A:08:49:49:CB
ValidityWed, 15 Feb 2023 00:00:00 GMT - Thu, 15 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 1b482d807f11425bb04a9de0754a41b4
f1a7e44edafe8dba317fb4d9e0e6af04029779eb
56a42e54be4140cef22364554022f9ee1acefbf1c282d44b383f308e8a89caea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /is HTTP/1.1
Host: 44.212.189.233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 28 Nov 2023 18:25:50 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=oj9l6jd5znki
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:37:43 GMT
expires: Wed, 29 Nov 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 506887
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/pagead/1p-conversion/875517505/?random=1701195954696&cv=11&fst=1701195954696&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1085806092.1701195954&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
302 Found 63 B URL GET HTTP/3 www.google.com/pagead/1p-conversion/875517505/?random=1701195954696&cv=11&fst=1701195954696&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1085806092.1701195954&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
GET /pagead/1p-conversion/875517505/?random=1701195954696&cv=11&fst=1701195954696&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1085806092.1701195954&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 18:25:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/875517505/?random=1701195954696&cv=11&fst=1701195954696&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1085806092.1701195954&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bat.bing.com/bat.js
200 OK 13 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Hash 7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1F8DDBFD99F645B0BFA67EE83AC6C478 Ref B: OSL30EDGE0520 Ref C: 2023-11-28T18:25:51Z
date: Tue, 28 Nov 2023 18:25:50 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5564484&Ver=2&mid=a8892b7f-f309-48e6-acb3-d3f1d66865d2&sid=90ff71d08e1b11eeb94905b65a2f6926&vid=90ff8f308e1b11eebc400b1d8a5d23a9&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fwww3.mtb.com%2F&sw=1280&sh=1024&sc=24&evt=custom&rn=289018
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=5564484&Ver=2&mid=a8892b7f-f309-48e6-acb3-d3f1d66865d2&sid=90ff71d08e1b11eeb94905b65a2f6926&vid=90ff8f308e1b11eebc400b1d8a5d23a9&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fwww3.mtb.com%2F&sw=1280&sh=1024&sc=24&evt=custom&rn=289018
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5564484&Ver=2&mid=a8892b7f-f309-48e6-acb3-d3f1d66865d2&sid=90ff71d08e1b11eeb94905b65a2f6926&vid=90ff8f308e1b11eebc400b1d8a5d23a9&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fwww3.mtb.com%2F&sw=1280&sh=1024&sc=24&evt=custom&rn=289018 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1557751B82E769611A6566CC83126830; domain=.bing.com; expires=Sun, 22-Dec-2024 18:25:51 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6EA62F0186414D51AE80923CFDB4FE17 Ref B: OSL30EDGE0520 Ref C: 2023-11-28T18:25:51Z
date: Tue, 28 Nov 2023 18:25:50 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/5564484.js
204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/5564484.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5564484.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 35C113FE6A40450F8164B13B1347B73C Ref B: OSL30EDGE0520 Ref C: 2023-11-28T18:25:51Z
date: Tue, 28 Nov 2023 18:25:50 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5564484&Ver=2&mid=a8892b7f-f309-48e6-acb3-d3f1d66865d2&sid=90ff71d08e1b11eeb94905b65a2f6926&vid=90ff8f308e1b11eebc400b1d8a5d23a9&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=2007&evt=pageLoad&sv=1&rn=578769
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=5564484&Ver=2&mid=a8892b7f-f309-48e6-acb3-d3f1d66865d2&sid=90ff71d08e1b11eeb94905b65a2f6926&vid=90ff8f308e1b11eebc400b1d8a5d23a9&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=2007&evt=pageLoad&sv=1&rn=578769
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5564484&Ver=2&mid=a8892b7f-f309-48e6-acb3-d3f1d66865d2&sid=90ff71d08e1b11eeb94905b65a2f6926&vid=90ff8f308e1b11eebc400b1d8a5d23a9&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=2007&evt=pageLoad&sv=1&rn=578769 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=075AD69435F46D8B177EC54334016C8A; domain=.bing.com; expires=Sun, 22-Dec-2024 18:25:51 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA1C70746EC24F6BA811032AEAFE5404 Ref B: OSL30EDGE0520 Ref C: 2023-11-28T18:25:51Z
date: Tue, 28 Nov 2023 18:25:50 GMT
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10108773.json
200 OK 2 B URL GET HTTP/2 s.yimg.com/wi/config/10108773.json
IP
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10108773.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: ADEYM2MQSMS70MTN
x-amz-id-2: vNKHJlEsGiXKUk+/e+pSimoUXR3h16GevAdLYGYs2TvNhtwXKoXhpVAaLYwgS2CMNI/CE/hei9s=
content-type: application/json
date: Tue, 28 Nov 2023 17:46:26 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 2365
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10087193.json
200 OK 2 B URL GET HTTP/2 s.yimg.com/wi/config/10087193.json
IP
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10087193.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: ZGH336KGKHDWBN9C
x-amz-id-2: qwADSEvzDWVmJ28TMetagonUylToDgXABdP5RddnhBCpPr4UYN38JdNfmi8jV6xs42D5vbDx+cM=
content-type: application/json
date: Tue, 28 Nov 2023 17:46:26 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 2366
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=1285830770.1701195955>m=45je3b81v890340193&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=893463209
200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=1285830770.1701195955>m=45je3b81v890340193&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=893463209
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=1285830770.1701195955>m=45je3b81v890340193&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=893463209 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 18:25:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/p/action/331000312.js
204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/331000312.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/331000312.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC626C6BA14C42F892380C9E5B25F06B Ref B: OSL30EDGE0520 Ref C: 2023-11-28T18:25:51Z
date: Tue, 28 Nov 2023 18:25:50 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=331000312&Ver=2&mid=b92b679f-155f-4efe-9747-8cf571dfcb80&sid=90ff71d08e1b11eeb94905b65a2f6926&vid=90ff8f308e1b11eebc400b1d8a5d23a9&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=2007&evt=pageLoad&sv=1&rn=986344
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=331000312&Ver=2&mid=b92b679f-155f-4efe-9747-8cf571dfcb80&sid=90ff71d08e1b11eeb94905b65a2f6926&vid=90ff8f308e1b11eebc400b1d8a5d23a9&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=2007&evt=pageLoad&sv=1&rn=986344
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=331000312&Ver=2&mid=b92b679f-155f-4efe-9747-8cf571dfcb80&sid=90ff71d08e1b11eeb94905b65a2f6926&vid=90ff8f308e1b11eebc400b1d8a5d23a9&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=2007&evt=pageLoad&sv=1&rn=986344 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2BF86A650E666C27361179B20F936DC7; domain=.bing.com; expires=Sun, 22-Dec-2024 18:25:51 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5C57FA4EE470462A8D599ED028E4A0D9 Ref B: OSL30EDGE0520 Ref C: 2023-11-28T18:25:51Z
date: Tue, 28 Nov 2023 18:25:50 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/875517505/?random=1701195954696&cv=11&fst=1701195954696&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1085806092.1701195954&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
200 OK 63 B URL GET HTTP/2 www.google.no/pagead/1p-conversion/875517505/?random=1701195954696&cv=11&fst=1701195954696&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1085806092.1701195954&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
GET /pagead/1p-conversion/875517505/?random=1701195954696&cv=11&fst=1701195954696&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1085806092.1701195954&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 18:25:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-help.svg
200 OK 931 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-help.svg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1143)
Hash 401f2aa30daca46465a48f007e42d17a
8a6a9a765897914c6889ed16d4370de277ed5745
82134ea271ca7ba724d3b891a4a71c6f610fe9f2bcd6f02c08a2eff0d6e71c69
GET /content/dam/mtb-web/images/icon-global-nav-help.svg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195953.IGDanZ3lLnyV4XQA; _cq_suid=1.1701195953.y0ceiwlNlMIOc7Ts; _gcl_au=1.1.1085806092.1701195954; _ga_ZTNQ6ZK8T0=GS1.1.1701195954.1.0.1701195954.60.0.0; _ga=GA1.1.1285830770.1701195955; _uetsid=90ff71d08e1b11eeb94905b65a2f6926; _uetvid=90ff8f308e1b11eebc400b1d8a5d23a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 931
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 13:50:53 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:51 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "8bc-5f8fba9cfc940-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: l9Gay2raOrtN5EcEF8Te8B7OiBgimopFOPKw3D7hBNTDdD3yMo4vkA==
age: 998
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-locations.svg
200 OK 1.7 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-locations.svg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2805)
Hash 2d5e99addbd1e6dc95f20a44f98061f6
e29dd23e310eaddb731466e0f7a6431cd1bfdce8
b2493339703121b6a52253a56137030327c8b5925609f1c2226cf938be8894d3
GET /content/dam/mtb-web/images/icon-global-nav-locations.svg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195953.IGDanZ3lLnyV4XQA; _cq_suid=1.1701195953.y0ceiwlNlMIOc7Ts; _gcl_au=1.1.1085806092.1701195954; _ga_ZTNQ6ZK8T0=GS1.1.1701195954.1.0.1701195954.60.0.0; _ga=GA1.1.1285830770.1701195955; _uetsid=90ff71d08e1b11eeb94905b65a2f6926; _uetvid=90ff8f308e1b11eebc400b1d8a5d23a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1674
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 13:50:53 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:51 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "fe6-5f8fba9cfc940-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EI2O08fOSu0Rl0qIt5nMbwbqI_FS5qtlz2aPKpEBAPmRsyjq1KF-Lw==
age: 998
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-hamburger-menu.svg
200 OK 636 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-hamburger-menu.svg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1198)
Hash baa94a4a3579b083238e95bb192e964b
448e73b3e57dfc5d9ee2fe2c5f6ea67fbd7f647c
93408940d1f3117f4684536d8efb0c77c24cd7806eb01b2127ce3925554f09cc
GET /content/dam/mtb-web/images/icon-global-nav-hamburger-menu.svg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195953.IGDanZ3lLnyV4XQA; _cq_suid=1.1701195953.y0ceiwlNlMIOc7Ts; _gcl_au=1.1.1085806092.1701195954; _ga_ZTNQ6ZK8T0=GS1.1.1701195954.1.0.1701195954.60.0.0; _ga=GA1.1.1285830770.1701195955; _uetsid=90ff71d08e1b11eeb94905b65a2f6926; _uetvid=90ff8f308e1b11eebc400b1d8a5d23a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 636
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 13:50:53 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:51 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "5c1-5f8fba9cfc940-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5W0FmzDkN0DxbKarbcXitG08SQ-stjFXR8iSE2So3VrshietM34OBg==
age: 1194
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/personal-home-page/deposit-checks.png
200 OK 5.2 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/personal-home-page/deposit-checks.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 128 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 1314c26c1db30595deabc7e7ce73a143
e0697c410e75838981ec13d1f64d9885c58b95cf
ac2a3fad1df522eaebc212276131cec5eed994c3c8cf129707710430bb5246c0
GET /content/dam/mtb-web/images/personal-home-page/deposit-checks.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195953.IGDanZ3lLnyV4XQA; _cq_suid=1.1701195953.y0ceiwlNlMIOc7Ts; _gcl_au=1.1.1085806092.1701195954; _ga_ZTNQ6ZK8T0=GS1.1.1701195954.1.0.1701195954.60.0.0; _ga=GA1.1.1285830770.1701195955; _uetsid=90ff71d08e1b11eeb94905b65a2f6926; _uetvid=90ff8f308e1b11eebc400b1d8a5d23a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5235
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 16 Apr 2020 22:05:54 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=3600, no-cache="set-cookie"
date: Tue, 28 Nov 2023 18:00:24 GMT
etag: "1473-5a36fa2f1b480"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: miZIfLfZt8uBCF5G7iQd9Fz1cv29rr7gjMgkkd3vCKH-AbTeYW0fVw==
age: 1527
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-search.svg
200 OK 1.5 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-search.svg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2737)
Hash d22e8db2016665cdb32713eb29a3a62b
a37f1d9e9eb6d117b2e9b9c8aa4d2c2f2b217c55
9c49dac4667fa294a2dfcd63d4cd4080c9b33b41d1c818131669dfac46de2d1d
GET /content/dam/mtb-web/images/icon-global-nav-search.svg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195953.IGDanZ3lLnyV4XQA; _cq_suid=1.1701195953.y0ceiwlNlMIOc7Ts; _gcl_au=1.1.1085806092.1701195954; _ga_ZTNQ6ZK8T0=GS1.1.1701195954.1.0.1701195954.60.0.0; _ga=GA1.1.1285830770.1701195955; _uetsid=90ff71d08e1b11eeb94905b65a2f6926; _uetvid=90ff8f308e1b11eebc400b1d8a5d23a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1535
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 13:50:53 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:51 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "e62-5f8fba9cfc940-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GpKZqZ_nvgwhSdvvMKGwELAFyx0_NdRLScSOHZ-uECIZmiGww96sWQ==
age: 2649
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/personal-home-page/track-your-spending.png
200 OK 9.4 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/personal-home-page/track-your-spending.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 128 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ea62e1d82af2e27d7661b0c5f90b53b
104898133a8123f72a011673403815b7b94412c3
cab73fb1f71a5bfae2e952c05850d3092260d62737b8f25ee7519135fd1edbad
GET /content/dam/mtb-web/images/personal-home-page/track-your-spending.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195953.IGDanZ3lLnyV4XQA; _cq_suid=1.1701195953.y0ceiwlNlMIOc7Ts; _gcl_au=1.1.1085806092.1701195954; _ga_ZTNQ6ZK8T0=GS1.1.1701195954.1.0.1701195954.60.0.0; _ga=GA1.1.1285830770.1701195955; _uetsid=90ff71d08e1b11eeb94905b65a2f6926; _uetvid=90ff8f308e1b11eebc400b1d8a5d23a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 9422
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 16 Apr 2020 22:06:13 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=3600, no-cache="set-cookie"
date: Tue, 28 Nov 2023 18:00:24 GMT
etag: "24ce-5a36fa4139f40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SKscbgC9pcxjt_KpodDxA38OvOEuc7DzZSCaDK5plY4cgHDTaAs6ug==
age: 1527
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/personal-home-page/android-ios.png
200 OK 7.4 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/personal-home-page/android-ios.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 128 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash eba33f328e6cecba4e9a123a8ccb6873
38bf3f58d9f61b1f9c903028b7b0b3cd527133f8
6ca07131dbacc8c13bb8995350caa65d0ae83e838e6b115086f8b4bfda1e73ee
GET /content/dam/mtb-web/images/personal-home-page/android-ios.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195953.IGDanZ3lLnyV4XQA; _cq_suid=1.1701195953.y0ceiwlNlMIOc7Ts; _gcl_au=1.1.1085806092.1701195954; _ga_ZTNQ6ZK8T0=GS1.1.1701195954.1.0.1701195954.60.0.0; _ga=GA1.1.1285830770.1701195955; _uetsid=90ff71d08e1b11eeb94905b65a2f6926; _uetvid=90ff8f308e1b11eebc400b1d8a5d23a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7379
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 16 Apr 2020 22:05:56 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=3600, no-cache="set-cookie"
date: Tue, 28 Nov 2023 18:00:24 GMT
etag: "1cd3-5a36fa3103900"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1sXh91Oh4y9gGH82Qi82R2Ov_ICiSCLCDiSDEqETbO0Wtzzx0DhF-A==
age: 1527
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195953469&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1285830770.1701195955&ul=en-us&sr=1280x1024&_s=1&sid=1701195954&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=4GigK3ZGfRVFw8yx&ep.channelmix_event_id=4GigK3ZGfRVFw8yx&ep.channelmix_conv_id=4GigK3ZGfRVFw8yx-4GigK3ZGfRVFw8yx&epn.channelmix_timestamp=1701195953477&tfd=3624
204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195953469&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1285830770.1701195955&ul=en-us&sr=1280x1024&_s=1&sid=1701195954&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=4GigK3ZGfRVFw8yx&ep.channelmix_event_id=4GigK3ZGfRVFw8yx&ep.channelmix_conv_id=4GigK3ZGfRVFw8yx-4GigK3ZGfRVFw8yx&epn.channelmix_timestamp=1701195953477&tfd=3624
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195953469&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1285830770.1701195955&ul=en-us&sr=1280x1024&_s=1&sid=1701195954&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=4GigK3ZGfRVFw8yx&ep.channelmix_event_id=4GigK3ZGfRVFw8yx&ep.channelmix_conv_id=4GigK3ZGfRVFw8yx-4GigK3ZGfRVFw8yx&epn.channelmix_timestamp=1701195953477&tfd=3624 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www3.mtb.com
date: Tue, 28 Nov 2023 18:25:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2121
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=767793c568381db1f0642862bef72e26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:25:51 GMT
content-length: 0
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2116
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=767793c568381db1f0642862bef72e26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:25:51 GMT
content-length: 0
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1285830770.1701195955&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221285830770.1701195955%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221285830770.1701195955%22%2C%22mntnis%22%3A%22xxhnExhzyzanRsg%2FBm3Z0crI8n3irFqo%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1285830770.1701195955&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195954%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=26533687452650324&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
200 OK 1.2 kB URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1285830770.1701195955&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221285830770.1701195955%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221285830770.1701195955%22%2C%22mntnis%22%3A%22xxhnExhzyzanRsg%2FBm3Z0crI8n3irFqo%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1285830770.1701195955&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195954%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=26533687452650324&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
IP
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (2312)
Hash c1d50ebcce530e700107ec2e79f294de
7f4e71b9ad119be4ac12ca894985a843bbbeaae4
97de2cdde5d44da7ba78fc0633def1d74867ad4f9f4f48add144569ca5051862
GET /st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1285830770.1701195955&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221285830770.1701195955%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221285830770.1701195955%22%2C%22mntnis%22%3A%22xxhnExhzyzanRsg%2FBm3Z0crI8n3irFqo%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1285830770.1701195955&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195954%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=26533687452650324&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 28 Nov 2023 18:25:52 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=8fac788f-8e1b-11ee-b1a6-653cf6889022;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
gs.mountain.com/gs
200 OK 144 B IP
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with no line terminators
Hash 7528fedf98deeab3d0f4519cf19d5215
f8491d3e19f6081b6ad86c635349d44b4a23b785
8e8a15524ea90e1c972181eee16ea39d65e8c41a24c51cb1df87f292340e32c0
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: guid=8fac788f-8e1b-11ee-b1a6-653cf6889022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 28 Nov 2023 18:25:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195956713&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&Q=1&Y=1&X=5b69ac59337c4f52147c34917f360e22
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195956713&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&Q=1&Y=1&X=5b69ac59337c4f52147c34917f360e22
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195956713&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&Q=1&Y=1&X=5b69ac59337c4f52147c34917f360e22 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 42438
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:53 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195956847&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&U=39bb809d133a93f6777ad2fc1ac345db&z=1&Q=2&S=0&N=0
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195956847&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&U=39bb809d133a93f6777ad2fc1ac345db&z=1&Q=2&S=0&N=0
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195956847&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&U=39bb809d133a93f6777ad2fc1ac345db&z=1&Q=2&S=0&N=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 626
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:53 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195957096&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&S=1483&N=9&P=1
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195957096&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&S=1483&N=9&P=1
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195957096&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&S=1483&N=9&P=1 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 219
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:53 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1285830770.1701195955&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221285830770.1701195955%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221285830770.1701195955%22%2C%22mntnis%22%3A%22xxhnExhzyzanRsg%2FBm3Z0crI8n3irFqo%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1285830770.1701195955&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195954%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1701195952077972&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1701195952828
200 OK 450 B URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1285830770.1701195955&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221285830770.1701195955%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221285830770.1701195955%22%2C%22mntnis%22%3A%22xxhnExhzyzanRsg%2FBm3Z0crI8n3irFqo%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1285830770.1701195955&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195954%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1701195952077972&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1701195952828
IP
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (1555), with no line terminators
Hash 29f2f007e70c723c5b62258cff989e33
1100616d25afae5c50685e8e9cef0e6742f5563d
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
GET /st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1285830770.1701195955&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221285830770.1701195955%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221285830770.1701195955%22%2C%22mntnis%22%3A%22xxhnExhzyzanRsg%2FBm3Z0crI8n3irFqo%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1285830770.1701195955&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195954%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1701195952077972&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1701195952828 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: guid=8fac788f-8e1b-11ee-b1a6-653cf6889022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 28 Nov 2023 18:25:53 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=8fac788f-8e1b-11ee-b1a6-653cf6889022;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 18
server: istio-envoy
connection: close
transfer-encoding: chunked
mtb-app.quantummetric.com/?s=29e1740efa5592aeac49b1d310d9faa2&H=7523738cfdac421be589bf27&Q=3
200 OK 50 B URL GET HTTP/2 mtb-app.quantummetric.com/?s=29e1740efa5592aeac49b1d310d9faa2&H=7523738cfdac421be589bf27&Q=3
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash fa187c75ef32c05e9bf58b4c16ecd58f
307ec2580f33ee9d227ab965f034a2192213147f
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
GET /?s=29e1740efa5592aeac49b1d310d9faa2&H=7523738cfdac421be589bf27&Q=3 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:52 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
content-encoding: gzip
X-Firefox-Spdy: h2
rl.quantummetric.com/mtb/hash-check
200 OK 0 B URL OPTIONS HTTP/2 rl.quantummetric.com/mtb/hash-check
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /mtb/hash-check HTTP/1.1
Host: rl.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www3.mtb.com/
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 18:25:53 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: https://www3.mtb.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
rl.quantummetric.com/mtb/hash-check
200 OK 2 B URL OPTIONS HTTP/2 rl.quantummetric.com/mtb/hash-check
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /mtb/hash-check HTTP/1.1
Host: rl.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 226
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 18:25:54 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www3.mtb.com
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: *
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2116
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=767793c568381db1f0642862bef72e26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:25:55 GMT
content-length: 0
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195953469&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1285830770.1701195955&ul=en-us&sr=1280x1024&_s=2&sid=1701195954&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=CQ&_ee=1&up.cq_category=malicious&tfd=8676
204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195953469&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1285830770.1701195955&ul=en-us&sr=1280x1024&_s=2&sid=1701195954&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=CQ&_ee=1&up.cq_category=malicious&tfd=8676
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195953469&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1285830770.1701195955&ul=en-us&sr=1280x1024&_s=2&sid=1701195954&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=CQ&_ee=1&up.cq_category=malicious&tfd=8676 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://www3.mtb.com
date: Tue, 28 Nov 2023 18:25:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195961135&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&S=1839&N=14&P=2
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195961135&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&S=1839&N=14&P=2
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195961135&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&S=1839&N=14&P=2 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 267
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:57 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195961270&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&Q=2&S=1397&N=1
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195961270&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&Q=2&S=1397&N=1
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195961270&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&Q=2&S=1397&N=1 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 180
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:57 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2119
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=767793c568381db1f0642862bef72e26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:26:00 GMT
content-length: 0
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195966135&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&S=2480&N=21&P=3
0 B URL mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195966135&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&S=2480&N=21&P=3
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195966135&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&S=2480&N=21&P=3 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 121
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:26:02 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195966273&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&Q=2&S=1753&N=2
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195966273&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&Q=2&S=1753&N=2
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195966273&H=7523738cfdac421be589bf27&s=29e1740efa5592aeac49b1d310d9faa2&z=1&Q=2&S=1753&N=2 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 126
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:26:02 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
200 OK 56 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=oj9l6jd5znki
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 23:14:50 GMT
expires: Sun, 24 Nov 2024 23:14:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 241860
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195956135&z=1&S=0&N=0&P=0
200 OK 90 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195956135&z=1&S=0&N=0&P=0
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 3755eaf6bb52b898e3164b69092ded32
33d1d1ec3b0e9a81050e79dd9fa964453c2adb3e
107936dd3cf4ec1b21074f78fc42629597c76a900c36eebaa733c5791645d1d9
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195955350&v=1701195956135&z=1&S=0&N=0&P=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 867
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:52 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
content-encoding: gzip
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.76.js?utv=ut4.51.202309082106
200 OK 12 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.76.js?utv=ut4.51.202309082106
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1502)
Hash 116437dbfe2383c9f0cf62cad204af21
745a7e9d6ac335d60d21f853b11ff3c00f98082f
261d059a35cc207797574845f5ab6108985221618e7a3a2fb2ae959876aa1c6f
GET /utag/mtbank/main/prod/utag.76.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: TDkqzZwAqhrRhvbVciQ1HzbNX5W6oHLG
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"116437dbfe2383c9f0cf62cad204af21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: b4spbUHVqpyaDP3e5cDnMPA95QZOvsMmqOcnd6mdQ7tcHlNum1hhJQ==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
200 OK 64 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 64318
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 15 Oct 2020 22:08:15 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: "fb3e-5b1bce27771c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nvsE-t6954cqnZQFQJh-N2ToZCPl1bTV3kMVTX65uGgLKr6H8fxq6Q==
age: 1
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
200 OK 68 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-font-woff
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:56 GMT
cache-control: max-age=86400, public, no-cache="set-cookie"
etag: "10857-59d634f851c40-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9NQAdZdibA9PSKPK0i82kL01C0e2YYtFs07Qt1p_ozw11Pm5lu7l3g==
age: 2159
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.41.js?utv=ut4.51.202309082106
200 OK 26 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.41.js?utv=ut4.51.202309082106
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (9524)
Hash b181e169dcc14ae08a0cc3712d909661
e0b8c520c2cef056482ae45b5f3b78743a409e85
30427c6100181f0b280c743b43991f39692b204418fb3f9591b2d6b94a4a4a1e
GET /utag/mtbank/main/prod/utag.41.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:48 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: i3jOAutcZEWYBud91BzatvV1RKYIxBkX
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"b181e169dcc14ae08a0cc3712d909661"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _G4jLaTsZBQxoJ_7Uexasehoxw26raMEY26CZrJYQ1oOh8FsPHi_sw==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
200 OK 67 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (26365)
Hash 3f878b933f4898d62bae656524f29d6d
8f52466629788b1a7d3c3ce4313ac815db87a036
ff59042a787de1cac5fc06165134b4192aec60a6deb477bead309f0c0334653f
GET /utag/mtbank/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:49 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: l6N_ToYiAXSZLIyImzr..qW9gq2POa01
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:47 GMT
etag: W/"3f878b933f4898d62bae656524f29d6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RUuGv1Cn5Qeu_GU8Jm5UX3eudbX8ywta5g-prhWkV2TzKvoNELj3yQ==
age: 211
cache-control: max-age=300
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c
200 OK 310 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (18108)
Size 310 kB (309796 bytes)
Hash afef44db400dd50a8a52e48cfed770f0
7d913cb60343d5bc3cf390c0ed7dbc78283360d1
ca828ffb6ef2d13de6cc14439e59b2b20abe1dd32949fcee850ab96251e0279e
GET /gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 18:25:50 GMT
expires: Tue, 28 Nov 2023 18:25:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tags.tiqcdn.com/utag/mtbank/main/prod/utag.199.js?utv=ut4.51.202209122156
200 OK 1.8 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.199.js?utv=ut4.51.202209122156
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1861), with no line terminators
Hash ca258e25c943bcef3dfd41645822d4ad
e54e2ac4f7a57bbef6ff9edb7e407fef59ce77d2
5fd992c797f3409de143f4e684faf01e21bfb70f3320bfcc5ea273e1de39f802
GET /utag/mtbank/main/prod/utag.199.js?utv=ut4.51.202209122156 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:38 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 39ee5QVEo8WXmjVJ8sKmTOfp_xfmNwjF
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"ccd5e6b310aaffc4c01db119fd655d49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: j-e-apQGzcX-02Qnq5TAp0_E6TeQy5qAm-rqb1Mv51iQS6Ub_dyzvg==
age: 75
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.44.js?utv=ut4.51.202309082106
200 OK 12 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.44.js?utv=ut4.51.202309082106
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (2654)
Hash ead3e7e93f2a00859e53e8af518a769c
05f4b12fcb30ee7a9c91912991dd7fdab50b4ad9
a815f07309f546ec2efbfda07db85255a033a85fc3405aabb2b89198b24f3261
GET /utag/mtbank/main/prod/utag.44.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:31 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: rDyVnqJ2rimcpCPPzyp6QK6_NpTTAwBU
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"ead3e7e93f2a00859e53e8af518a769c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cRFZdta5RV8wBV0K9lzf4X_lfFZ4G5v1FqWZM4pCr6HTFYxHfpD1Xw==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.46.js?utv=ut4.51.202309082106
200 OK 23 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.46.js?utv=ut4.51.202309082106
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (2654)
Hash 6935e9649d85a3bc2d1b048f4bbcadad
651c243e405c4a3a0f68ae88f7c9acbe8508742e
fb85ebd26bea989b34bd3e933bebb11d303d2651ba1e165f00d8b54184b1794e
GET /utag/mtbank/main/prod/utag.46.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:44 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: yDptu2GaCDYWBiaRwrBolFZqExxEFvFv
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"6935e9649d85a3bc2d1b048f4bbcadad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3G5Y_Xy7jml6BIEJK15j_Vmm8NZ30ynZDyuHefEyc2u0ggq8L4L8gQ==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.190.js?utv=ut4.51.202309150258
200 OK 12 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.190.js?utv=ut4.51.202309150258
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1502)
Hash 3fa84955656e038fa0b29a7071e11b9e
48552b5d7a15756e32ed2622cfa8d9a20e8b9020
0aa52826692f5659c775d5a7a1ee4a8fccc272326d3cae7f820509811db5de05
GET /utag/mtbank/main/prod/utag.190.js?utv=ut4.51.202309150258 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:48 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: dTP5TtuQtzCD2AD7pP8rNLaWik0JHZgL
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"3fa84955656e038fa0b29a7071e11b9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tWuQWFOrgR9TRzJZgQcxiUMZgtUONHJ8tOQC6X3sGYWNumbJz3kccA==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/vendor.js
200 OK 242 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/vendor.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
Size 242 kB (242353 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etc.clientlibs/axp-common/clientlibs/vendor.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
cache-control: max-age=3600, public, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 17:33:22 GMT
etag: "3b2b1-5f7e77317d100-gzip"
last-modified: Mon, 27 Mar 2023 20:18:44 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M5p0rZVblz4zrte6oeepOmKzBqao7mK3WYqrj8v2Y25yuVXRdcoNEQ==
age: 3146
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.40.js?utv=ut4.51.202309082106
200 OK 23 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.40.js?utv=ut4.51.202309082106
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (2654)
Hash abdad7929e53cd427b404739bb6c008a
f24c50678845cf9dd2deb490b4ff60dc0091a436
ebeae3232d874a98ff3fd8a80a2f2daa1fef4753f6ad12ff6c38340f5defc195
GET /utag/mtbank/main/prod/utag.40.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:42 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: _6F8FUKDRtIryAvM8HqwXjyMb9Ii.wRb
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"abdad7929e53cd427b404739bb6c008a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RKgmvDCklDeSNiK4TXejMffcjFTVFnqcmEppqRua34ED1OLMObFcew==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3
200 OK 884 B URL GET HTTP/2 www.google.com/recaptcha/api.js?render=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with very long lines (884), with no line terminators
Hash 4a1e46ea57cca735b88001af4c5627c4
c86be5b1e08ed276d56000dde23bd5ddfd0de4dc
155fadeb1caf31fbecabc353006b90adc8731d18612919898f675d59b0a946ad
GET /recaptcha/api.js?render=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 28 Nov 2023 18:25:49 GMT
date: Tue, 28 Nov 2023 18:25:49 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.210.js?utv=ut4.51.202308231951
200 OK 4.7 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.210.js?utv=ut4.51.202308231951
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4953), with no line terminators
Hash 233c4e53246b29b19005f3207f5b2bca
90fa3a1108eb881985eecaf9f614e17f66efebe2
fcd881080f534c9bf1e7db9804d916b29b7dcf80603f57c2ae7ffcfeaf76cc5e
GET /utag/mtbank/main/prod/utag.210.js?utv=ut4.51.202308231951 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:45 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: VImDRX.P39UMgeHdx6ognuc_OknWoUZ2
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"fc8dd498b52d8d3cf99c905c4c449ab5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: voCEXURmkW7wRAGI56BYFfXj1VXTSW3mj6AffcmtJeLXDjkNodYk5w==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
200 OK 401 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
Size 401 kB (400917 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 20:48:52 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:56 GMT
cache-control: max-age=3600, public, no-cache="set-cookie"
etag: "61e15-5e29c47dd1500-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mOf9qhZdFmksMb1Vz2UX3Uk2pmjDQ3XmMBzuf6sVsvnz7qXYMK3Fyg==
age: 2159
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.224.js?utv=ut4.51.202311152118
200 OK 11 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.224.js?utv=ut4.51.202311152118
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4277)
Hash 96fc5663c665ce5ac49b91da259ad6e2
40cd16916e6fd892fb163e65f541dd31ce6bef87
378802513d17c0ad7feba3c108bcc69656b021e0496697eb00f01150785902d9
GET /utag/mtbank/main/prod/utag.224.js?utv=ut4.51.202311152118 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:47 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: tl4wyRki75pZwKiOPr1xqbUx_7qFHOwH
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"96fc5663c665ce5ac49b91da259ad6e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nQYU-oniZNewz1mnu4ZS9TvQMwTAJT9Zh39OXRu3-qUKYnpLCslkew==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.214.js?utv=ut4.51.202311032118
200 OK 19 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.214.js?utv=ut4.51.202311032118
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3546)
Hash 44f250918a311d630ea570f556d2ad93
a8d849a101842f8a8a193a6c773cee716627dfb6
51d55bf1a4edbb8a3c1b4ac53501414c4f13b75b17390b997df4158c705a2bc3
GET /utag/mtbank/main/prod/utag.214.js?utv=ut4.51.202311032118 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:41 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: HAzDvZm40wLeQCnYirC8bSPhhHx5v75P
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"44f250918a311d630ea570f556d2ad93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dXddppxrf52urV_X7-cTU9xM7RCt4UA9VhZkzzRa0QMinJ8JmnW0PA==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.215.js?utv=ut4.51.202304242124
200 OK 3.8 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.215.js?utv=ut4.51.202304242124
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3990), with no line terminators
Hash 11fd4f9c90ab9f30a578942551c9b1a8
8e8783bd18714ddd391a04189c6b5188660ae50b
ce6cd62b048f7ebba755c96b72b3ef06fa013ebebb108c7dd94d2fac984f0b87
GET /utag/mtbank/main/prod/utag.215.js?utv=ut4.51.202304242124 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ipH536GzoWmjvH35gdflz4_i49EYShJ.
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"6036d70643e670da4933ca0ef7ab8430"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YCWKtAyy7kSPX3qYkYsBvNPFZ7AzNpLya1IZYjwYCuxFjEGfDKFPWw==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.70.js?utv=ut4.51.202302282213
200 OK 6.0 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.70.js?utv=ut4.51.202302282213
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (6214), with no line terminators
Hash d3dc955c2f3e37d4acfa9c538ef8677a
9b44f042fc069a87a2e74b05d077f7c6979fc040
d4584ae50e5702c22d8118cb917574689ab6cad39f5ff8d28260fc8fe34948a5
GET /utag/mtbank/main/prod/utag.70.js?utv=ut4.51.202302282213 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: eMPj3gHdAkavqOj4BpyYxorQneegUOSr
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"f929de1f2a09babd711094e1f9c5796a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wInTwre-2uZmfFuuG1YP1zvs9gEomHsHhLNu0KjisABxOAADQlNzMg==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
cdn.quantummetric.com/qscripts/quantum-mtb.js
200 OK 404 kB URL GET HTTP/2 cdn.quantummetric.com/qscripts/quantum-mtb.js
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBF:54:0B:41:47:C2:B6:ED:76:B2:16:87:F5:14:21:47:F1:E0:64:E3
ValidityWed, 17 May 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3803)
Size 404 kB (404344 bytes)
Hash dfb7be420c62b9970d01395f96b3d9fd
cf8256b64c9e2d88d509ade7f6dcec0fb81bc873
b7e44dcb6cf3157060913c8d41b6648d30c87d41dc122a4c51ecc45eda8adf5a
GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 18:25:49 GMT
content-type: text/javascript
vary: Accept-Encoding
etag: W/"170104804954216986872405791691740804464"
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: no-sniff
strict-transport-security: max-age=31536000
x-robots-tag: noindex
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82d4a7dddf381c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=oj9l6jd5znki
200 OK 61 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=oj9l6jd5znki
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52117)
Hash 5eef0538653b67b30f156b98e778ad33
0c2b0dec7e943f1b632dcb0931ace37fe23ff014
ab63791ed79dbba17c392fe5f464490abf5b612408ef372ae1dbe9554abb6a66
GET /recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=oj9l6jd5znki HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Nov 2023 18:25:49 GMT
content-security-policy: script-src 'nonce-gnEvyxQAJSW8u0HZm6bBTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
200 OK 68 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#1be3ad97cd7b423ea6001ee342dc4d1e#1701197814; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197753230%3Bexp-session; utag_main_ses_id=1701195953230%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 67671
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Tue, 28 Nov 2023 17:42:12 GMT
etag: "10857-59d634f851c40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CvId1Q5X2G_isXSBvunYQubZJA1WElMR6-SEy_oeLAQ41V5EiVgqDA==
age: 2617
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.47.js?utv=ut4.51.202106282113
200 OK 4.0 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.47.js?utv=ut4.51.202106282113
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4158), with no line terminators
Hash d7bd8440d774ee5496281ddd6fed96a8
a8deba43434065d26114f9eedc2a551036c6ab04
c0eff4095cd1fc9f00ffdae12244f9485afbcc526ae5e865de9b4e61b9075b0b
GET /utag/mtbank/main/prod/utag.47.js?utv=ut4.51.202106282113 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: _WiZ8H3xjRwaJ0aIi23JsMDWqZ3fi_K7
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"b73a711ac493f9b5876470d80db7b924"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mT-TFyiOlX96lBmyReLo-9hzF0k7YJ7gPn5cZ8Qs18-Xkk-sK4btFw==
age: 211
cache-control: max-age=1296000
X-Firefox-Spdy: h2
193.109.85.238
143.204.55.68
184.24.45.171
188.125.94.204