r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7be8442ec1e518ccc80739495f6d047
7a9d24b9d4046262c7753c49afaf9c19f4840626
b93410a9d62da3f219796d753b61a0f730cc272c13596724aa9d20efba298b44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5829
Expires: Fri, 04 Nov 2022 02:57:20 GMT
Date: Fri, 04 Nov 2022 01:20:11 GMT
Connection: keep-alive
dakotainversiones.com/m&tbank/login.php?online_id=cd71504c76604698c510e92fd&country=&iso=
162.241.181.215200 OK 4.8 kB URL HTTP/1.1 dakotainversiones.com/m&tbank/login.php?online_id=cd71504c76604698c510e92fd&country=&iso=
IP 162.241.181.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (960), with CRLF line terminators
Hash d6fd7732ae946ac127d0ef1a4859e600
6e736f02b745af71b5314995d67c388d9ac66fdd
2b280140d97587bcba3a40aa85310de4700aac41fe3132637a16ba1378b6377a
Analyzer Verdict Alert openphish M & T Bank Coporation
GET /m&tbank/login.php?online_id=cd71504c76604698c510e92fd&country=&iso= HTTP/1.1
Host: dakotainversiones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 01:20:11 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4763
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2842f538168981f07b56e2c69379841a
0cc4ad0a78c1407bc9b7850eb0fb1a02130e3b22
3f9e8fb02409a19ceb54fee3f0f7f73eeed9e0ad63fa778eac7b3e4633d7d682
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5262
Cache-Control: max-age=121118
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 01:20:12 GMT
Etag: "63638a5c-1d7"
Expires: Sat, 05 Nov 2022 10:58:50 GMT
Last-Modified: Thu, 03 Nov 2022 09:31:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2842f538168981f07b56e2c69379841a
0cc4ad0a78c1407bc9b7850eb0fb1a02130e3b22
3f9e8fb02409a19ceb54fee3f0f7f73eeed9e0ad63fa778eac7b3e4633d7d682
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5262
Cache-Control: max-age=121118
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 01:20:12 GMT
Etag: "63638a5c-1d7"
Expires: Sat, 05 Nov 2022 10:58:50 GMT
Last-Modified: Thu, 03 Nov 2022 09:31:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7571
Expires: Fri, 04 Nov 2022 03:26:23 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Pap+vIiNvQ4iTp4vQi20tijJ1sdsG6rkfapys007oKJ+VxT0+DbaZuuWf1qm/d0hZhNPQnH5P3w=
x-amz-request-id: A9F7CEA4GMB8G71S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 04 Nov 2022 00:46:35 GMT
age: 2017
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 01:20:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dakotainversiones.com/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9
162.241.181.215302 Found 123 B URL HTTP/1.1 dakotainversiones.com/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9
IP 162.241.181.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 3b5704ac3f80d0e8752d5b90b4ab6a78
1581e1e2bee62630f980576e28267382a98c082e
367a713fa48eff5693284c5e6e2fb7b70b6daeb58c067d159717274fec1bb676
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9 HTTP/1.1
Host: dakotainversiones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dakotainversiones.com/m&tbank/login.php?online_id=cd71504c76604698c510e92fd&country=&iso=
HTTP/1.1 302 Found
Date: Fri, 04 Nov 2022 01:20:12 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Location: https://ois.is/images/logo.png
Content-Length: 123
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
dakotainversiones.com/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17
162.241.181.215302 Found 123 B URL HTTP/1.1 dakotainversiones.com/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17
IP 162.241.181.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 3b5704ac3f80d0e8752d5b90b4ab6a78
1581e1e2bee62630f980576e28267382a98c082e
367a713fa48eff5693284c5e6e2fb7b70b6daeb58c067d159717274fec1bb676
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17 HTTP/1.1
Host: dakotainversiones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dakotainversiones.com/m&tbank/login.php?online_id=cd71504c76604698c510e92fd&country=&iso=
HTTP/1.1 302 Found
Date: Fri, 04 Nov 2022 01:20:12 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Location: https://ois.is/images/logo.png
Content-Length: 123
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83864b8d6c68ae0e21db0598b7f7cd48
9b9bdcbe5163a29d42c994847b31784e9470de0e
e9fc2e2462727e5467034ff39676ee8059802b9c6fbaba14fb9d489d8fbed109
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E9FC2E2462727E5467034FF39676EE8059802B9C6FBABA14FB9D489D8FBED109"
Last-Modified: Tue, 01 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=121
Expires: Fri, 04 Nov 2022 01:22:13 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83864b8d6c68ae0e21db0598b7f7cd48
9b9bdcbe5163a29d42c994847b31784e9470de0e
e9fc2e2462727e5467034ff39676ee8059802b9c6fbaba14fb9d489d8fbed109
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E9FC2E2462727E5467034FF39676EE8059802B9C6FBABA14FB9D489D8FBED109"
Last-Modified: Tue, 01 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=121
Expires: Fri, 04 Nov 2022 01:22:13 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
dakotainversiones.com/Assets/scripts/Login/Index.js
162.241.181.215302 Found 123 B URL HTTP/1.1 dakotainversiones.com/Assets/scripts/Login/Index.js
IP 162.241.181.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 3b5704ac3f80d0e8752d5b90b4ab6a78
1581e1e2bee62630f980576e28267382a98c082e
367a713fa48eff5693284c5e6e2fb7b70b6daeb58c067d159717274fec1bb676
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: dakotainversiones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dakotainversiones.com/m&tbank/login.php?online_id=cd71504c76604698c510e92fd&country=&iso=
HTTP/1.1 302 Found
Date: Fri, 04 Nov 2022 01:20:12 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Location: https://ois.is/images/logo.png
Content-Length: 123
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
dakotainversiones.com/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js
162.241.181.215302 Found 123 B URL HTTP/1.1 dakotainversiones.com/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js
IP 162.241.181.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 3b5704ac3f80d0e8752d5b90b4ab6a78
1581e1e2bee62630f980576e28267382a98c082e
367a713fa48eff5693284c5e6e2fb7b70b6daeb58c067d159717274fec1bb676
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1
Host: dakotainversiones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dakotainversiones.com/m&tbank/login.php?online_id=cd71504c76604698c510e92fd&country=&iso=
HTTP/1.1 302 Found
Date: Fri, 04 Nov 2022 01:20:12 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Location: https://ois.is/images/logo.png
Content-Length: 123
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1da99b0f00fcc060896bdacaa49c64f9
e60db610944a3bcb80ead1475c35f79f2fc872c6
5304fc4e460efe2f3409bea9a9e3edbd74b2ef215f04927ae7bda33965aaf554
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5304FC4E460EFE2F3409BEA9A9E3EDBD74B2EF215F04927AE7BDA33965AAF554"
Last-Modified: Thu, 03 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21529
Expires: Fri, 04 Nov 2022 07:19:01 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 5f0b5eafd8cad50067b6e0f5e391b062
f03ba9a32ac154b52247857fb0be09f735c5527b
bee53eef3420a58eb27aa05ca318d576dd1d11573a9cb79766d30b5590531133
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BEE53EEF3420A58EB27AA05CA318D576DD1D11573A9CB79766D30B5590531133"
Last-Modified: Thu, 03 Nov 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3428
Expires: Fri, 04 Nov 2022 02:17:20 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash d5b017924e8c181769c3affe56702bdf
d25ea1ee9d4f4aac6ae71128009947e753643e90
8f39bfbfd517df87ef73dbd11377c2a735fc88afb347a84df62b29276e51fb0e
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 71
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8F39BFBFD517DF87EF73DBD11377C2A735FC88AFB347A84DF62B29276E51FB0E"
Last-Modified: Thu, 03 Nov 2022 23:00:00 UTC
Content-Length: 1566
Cache-Control: public, no-transform, must-revalidate, max-age=3370
Expires: Fri, 04 Nov 2022 02:16:22 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash d5b017924e8c181769c3affe56702bdf
d25ea1ee9d4f4aac6ae71128009947e753643e90
8f39bfbfd517df87ef73dbd11377c2a735fc88afb347a84df62b29276e51fb0e
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 71
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8F39BFBFD517DF87EF73DBD11377C2A735FC88AFB347A84DF62B29276E51FB0E"
Last-Modified: Thu, 03 Nov 2022 23:00:00 UTC
Content-Length: 1566
Cache-Control: public, no-transform, must-revalidate, max-age=3480
Expires: Fri, 04 Nov 2022 02:18:12 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash d5b017924e8c181769c3affe56702bdf
d25ea1ee9d4f4aac6ae71128009947e753643e90
8f39bfbfd517df87ef73dbd11377c2a735fc88afb347a84df62b29276e51fb0e
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 71
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8F39BFBFD517DF87EF73DBD11377C2A735FC88AFB347A84DF62B29276E51FB0E"
Last-Modified: Thu, 03 Nov 2022 23:00:00 UTC
Content-Length: 1566
Cache-Control: public, no-transform, must-revalidate, max-age=3563
Expires: Fri, 04 Nov 2022 02:19:35 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 04d2ba9296d384c0a5f9ad51f3f6537c
bdcc68ea3ec0d83eb9273623cd1dc262ea529a4f
b8575719fffdf19a0c658f047a90d7ee2cc974987f11694c3121c4cd7a6f415f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "B8575719FFFDF19A0C658F047A90D7EE2CC974987F11694C3121C4CD7A6F415F"
Last-Modified: Thu, 03 Nov 2022 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3551
Expires: Fri, 04 Nov 2022 02:19:23 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 04d2ba9296d384c0a5f9ad51f3f6537c
bdcc68ea3ec0d83eb9273623cd1dc262ea529a4f
b8575719fffdf19a0c658f047a90d7ee2cc974987f11694c3121c4cd7a6f415f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "B8575719FFFDF19A0C658F047A90D7EE2CC974987F11694C3121C4CD7A6F415F"
Last-Modified: Thu, 03 Nov 2022 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Fri, 04 Nov 2022 02:20:12 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 04d2ba9296d384c0a5f9ad51f3f6537c
bdcc68ea3ec0d83eb9273623cd1dc262ea529a4f
b8575719fffdf19a0c658f047a90d7ee2cc974987f11694c3121c4cd7a6f415f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "B8575719FFFDF19A0C658F047A90D7EE2CC974987F11694C3121C4CD7A6F415F"
Last-Modified: Thu, 03 Nov 2022 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3577
Expires: Fri, 04 Nov 2022 02:19:49 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670d0b2f341e8ff1e4ee9fe4fe21e210
dcd277daebf63623b985a81a96bcdc6a6f67c518
75029ab8db44811ac539aa3e2f1f8e015a45b80cb5a1099cec7d64e55e2a72a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2865
Cache-Control: max-age=113661
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 01:20:12 GMT
Etag: "63637698-1d7"
Expires: Sat, 05 Nov 2022 08:54:33 GMT
Last-Modified: Thu, 03 Nov 2022 08:06:48 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 04d2ba9296d384c0a5f9ad51f3f6537c
bdcc68ea3ec0d83eb9273623cd1dc262ea529a4f
b8575719fffdf19a0c658f047a90d7ee2cc974987f11694c3121c4cd7a6f415f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "B8575719FFFDF19A0C658F047A90D7EE2CC974987F11694C3121C4CD7A6F415F"
Last-Modified: Thu, 03 Nov 2022 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Fri, 04 Nov 2022 02:20:12 GMT
Date: Fri, 04 Nov 2022 01:20:12 GMT
Connection: keep-alive
nexus.ensighten.com/mtbank/OE-Prod/Bootstrap.js
13.224.245.122200 OK 15 B URL HTTP/1.1 nexus.ensighten.com/mtbank/OE-Prod/Bootstrap.js
IP 13.224.245.122:0
Hash ffe905f50d9b47e6353b68513c4d48ac
d2c2ee4201cca3be67abf771ed1f1922fa94d083
c0d8671e209f009f9c1ad8153222f942087ec193b7e87f856e60971bd5424633
GET /mtbank/OE-Prod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dakotainversiones.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 15
Connection: keep-alive
Date: Fri, 04 Nov 2022 01:20:13 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Fri, 22 Jul 2022 23:48:01 GMT
ETag: "ffe905f50d9b47e6353b68513c4d48ac"
x-amz-server-side-encryption: AES256
Cache-Control: no-cache, no-store
x-amz-version-id: aoJA4xuOoFemAhjg4lZAdeni.2iMq5FL
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 8583d317c3b0492356857e1a1a67d192.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: hAoztJpACBiv1S1n9UiNo1Rj_feSUn4Tzcpj_EHhTa8l-Pag8Ja-zg==
resources.mtb.com/r/simple-layout-responsive/css.mtb?v=08132020140516
192.216.61.78200 OK 35 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/css.mtb?v=08132020140516
IP 192.216.61.78:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 8bcb2a239bd14a5375f8811151bf3042
3233ae1b5607f15fab9632b052c6cf027dc51c99
594d9ce21b7e406d907598eafcd7de3f37967499cfb84b03785b862579b649d7
GET /r/simple-layout-responsive/css.mtb?v=08132020140516 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dakotainversiones.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Expires: Sat, 04 Nov 2023 01:20:12 GMT
Last-Modified: Fri, 04 Nov 2022 01:20:11 GMT
ETag: "1667524812:dtagent102512209090408188zu6"
Vary: User-Agent
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="67836328"
Date: Fri, 04 Nov 2022 01:20:11 GMT
Cteonnt-Length: 258715
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_9_sn_C3DEF2D4926000405AC0214B1F2EA8C6_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd9ff32a5f8c3c47c888877bd67d8e8fd3830a565b86926b157c2c38217e916b2fd0c6dce93204cbfa0b4fdf9bee84bd35; Path=/
TS0128739d=019f8203fd515f06107eb4f108b7d2517da2627f85830a565b86926b157c2c38217e916b2f9b180064b8901ff12af9a1e01d5a3c0e8ed279dd72b94b1755c572d6bc960d59; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000dc64298ade3c5cfa899cb2dc916313609a07705280e010edbae9bc667d36c2c40899a1e61711300082ff5ecf7413db6c7d5d7d831e19b752c0e754aed4fa0dceb8d568a55f1a1267d23c55b1fde5431ba5d47826b2d6e881; Path=/
Transfer-Encoding: chunked
push.services.mozilla.com/
35.161.230.192101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VC/K47wOmu0MnnAPjEjxfg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lgLedKEri7xgi9qHSHSeaM4yNlM=
resources.mtb.com/Assets/img/mtb-entrust.svg
192.216.61.78200 OK 1.3 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-entrust.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators
Hash 9a569ad20708d7453d89fe6c72e7fcdc
60b6a41620583484642f7c826faf8e3c879a6374
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dakotainversiones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Thu, 03 Nov 2022 04:40:50 GMT
Accept-Ranges: bytes
ETag: "0b5c5723eefd81:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-581181036"
Date: Fri, 04 Nov 2022 01:20:12 GMT
Content-Length: 1349
Set-Cookie: TSf60233d5027=08affc4e07ab2000ef47a9464cfbcfb774f1f89f804acaee0f4bd1c50f1ad4cc432ddb07b904e51c08db29d8961130006d642694bebc363aed1990eecfd71bcf763c13a243e245a6a6afd77a401d1c3de15af718ddb19f096ce6889f3cb5d2df; Path=/
resources.mtb.com/Assets/img/mtb-logo.svg
192.216.61.78200 OK 2.0 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-logo.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators
Hash f2b901cf895852a0866fe4a16c7f1730
c4240af1ec798477b4e65a185ddbb1b038817da4
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dakotainversiones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Thu, 03 Nov 2022 04:40:50 GMT
Accept-Ranges: bytes
ETag: "0b5c5723eefd81:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1017658076"
Date: Fri, 04 Nov 2022 01:20:12 GMT
Content-Length: 2039
Set-Cookie: TSf60233d5027=08affc4e07ab2000ab045b69c294505c3165e12cfc9fb899c87d64a446c5d60c36f8ce3ba14dc1200861202d651130002cd4889e5bcd78c5ed1990eecfd71bcf2ca71ff1c31752f3a85ed7bf2a098c5d96ebde3aab4e8ed22f25de0940c1993d; Path=/
resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
192.216.61.78200 OK 230 B URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 916635d10512ae6a1840614a895dcd38
db175de4c42281bb4d239c57d1b95b8e75c529ec
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dakotainversiones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Thu, 03 Nov 2022 04:40:50 GMT
Accept-Ranges: bytes
ETag: "0b5c5723eefd81:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="487257618"
Date: Fri, 04 Nov 2022 01:20:12 GMT
Content-Length: 230
Set-Cookie: TSf60233d5027=08affc4e07ab2000b793cfc88bfd3b0b528e141447fb716104952979bddcb8835751735ed9f82a9008fc81f7a311300038c13745fd5ec8a6ed1990eecfd71bcf310d4e4395d10849f887be800aa3fb5d85c12431bbbae55268022ca344e720a7; Path=/
resources.mtb.com/r/simple-layout-responsive/js.mtb?v=08132020140516
192.216.61.78200 OK 104 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/js.mtb?v=08132020140516
IP 192.216.61.78:0
File type ASCII text, with CRLF line terminators
Size 104 kB (103531 bytes)
Hash 709ebc99ab68894c16d41797eb08e778
76a47991fe6d37cfff3521535bf366798a97e292
3ac3d1438229e5d19ab15b5a7552eb05497af3ea08ecc93fb3c5d084d73e60b9
GET /r/simple-layout-responsive/js.mtb?v=08132020140516 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dakotainversiones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Expires: Sat, 04 Nov 2023 01:20:12 GMT
Last-Modified: Fri, 04 Nov 2022 01:20:11 GMT
ETag: "1667524812:dtagent102512209090408188zu6"
Vary: User-Agent
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1917155519"
Date: Fri, 04 Nov 2022 01:20:11 GMT
ntCoent-Length: 322405
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_1_sn_F5D53F2487C55F230EA8F6CC39FDFD83_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_1; Path=/; Domain=.mtb.com
TS019299a7=019f8203fda41a3b00073310b854463906780923b3d194af95646644163f5f3148944e615b5aebd3c8aa17253f78c423811b208c94; Path=/
TS0128739d=019f8203fd8dc84d3c33a024e1c84df02bbd4554f8d194af95646644163f5f3148944e615b3992f0cd35f433e32e8f0daa670e8a25399956e7cd1ae1e799ff2df2b0cf906b; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab200042d0b79db8de2c33cc65101342a8a0a88a10fa29a409ab6072b90155a7a230f80872337aef1130007568c91e6fb763267d5d7d831e19b752ede2bd710fcdb9136cb6975ee75e7cf6f61c736d0381feea327bb8c850838883; Path=/
Transfer-Encoding: chunked
resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
192.216.61.78200 OK 4.8 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 4776, version 1.0\012- data
Hash ac13691b89191d11d0e5577eb3cf3d53
0126fa82c0ab022e61b5de74f1fe3e204a905a7b
108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df
GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://dakotainversiones.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Thu, 03 Nov 2022 04:40:49 GMT
Accept-Ranges: bytes
ETag: "0b5c5723eefd81:0:dtagent102512209090408188zu6"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-526885080", dtTao;desc="1"
Date: Fri, 04 Nov 2022 01:20:12 GMT
Content-Length: 4776
Set-Cookie: dtCookie=v_4_srv_9_sn_28EA11159E48F3BCB367CD476C914E7F_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd39ddb2841f29b04a33653beb8c2b252a2823eaadbacb61a7c60bd07f1ca557c04ee85e7198c0dbf27cae8918e22d2b7a; Path=/
TS0128739d=019f8203fde0a17dbafe94dff2e6ad4a740cdb64e72823eaadbacb61a7c60bd07f1ca557c0ca645db1f54bce543a7fe05cc056fdfaaa278f09ea992466a9f80825b39f257f; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000e0c69ae3535833f97c05b8d8feaee3bbc9f0fd06f158032627dadf9e7e2a149508c0ec36311130001026432af40249efed1990eecfd71bcfce8168ae2a1776b3df98e6def4fdc86d3312746a167cf98b40986d07623e076d; Path=/
asset.mtb.com/Documents/html/homepage/favicon.ico
18.165.201.113200 OK 15 kB URL HTTP/2 asset.mtb.com/Documents/html/homepage/favicon.ico
IP 18.165.201.113:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash e82f458a5c1c5353a97401eccc925613
949d6c8d06ca14b52f496c20f63fae269b6708c2
cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3
GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dakotainversiones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
content-length: 14862
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Fri, 04 Nov 2022 00:52:11 GMT
last-modified: Wed, 04 May 2022 18:18:59 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "3dce-5de33a8b9cac0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa2f611dc578ba7eecb9a39cb23b1b70.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: JBWFcNs6LhsJLuAS6FANztfUHdMMHj5vW_kehYLSxrQs0Y4NbTIwPw==
age: 1682
X-Firefox-Spdy: h2
resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
192.216.61.78200 OK 64 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://dakotainversiones.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Thu, 03 Nov 2022 04:40:49 GMT
Accept-Ranges: bytes
ETag: "0b5c5723eefd81:0:dtagent102512209090408188zu6"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="762079972", dtTao;desc="1"
Date: Fri, 04 Nov 2022 01:20:12 GMT
Content-Length: 64318
Set-Cookie: dtCookie=v_4_srv_1_sn_03B82C8246AFB28ED5B92619F4C062AE_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd0c5f1a92a1900dacb071d95651d7d4527f74f572efb9585d27760096892aa9646840dbca2b8f474e0893a2954d0ac127; Path=/
TS0128739d=019f8203fd0bd7d9f3b2c657749b333197ac2b41067f74f572efb9585d27760096892aa964dee041bf3f8a968d8d23284864e5c01de1d12bef1a3dadf71424905ca5bfdb4d; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000d0328c41eb679872da289956a1dfc9d83a5094705d17a9ed1a5a87a82bbc1d3108cd377201113000a349999151645faaed1990eecfd71bcf0eeea038d05e3a7dc9a8f907839d8d173d01cd6e7b19a8ee7612519b622c854c; Path=/
resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
192.216.61.78200 OK 68 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://dakotainversiones.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Thu, 03 Nov 2022 04:40:49 GMT
Accept-Ranges: bytes
ETag: "0b5c5723eefd81:0:dtagent102512209090408188zu6"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1623049233", dtTao;desc="1"
Date: Fri, 04 Nov 2022 01:20:12 GMT
Content-Length: 67671
Set-Cookie: dtCookie=v_4_srv_11_sn_4AEA694F817788B3638D84026BFB996D_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fdc0fece4814a0894b44168d7045da0e144b28eaca796e1999d0bb21717a3f88d156af8ab3aef1f4c66a5b7b3bd98d5641; Path=/
TS0128739d=019f8203fd944db8ac5436c7ab3d27f1d9dfe20d034b28eaca796e1999d0bb21717a3f88d1fb0e761d44c58869e1679845566dfdec0f3f36d905d0ed046f83d19ef52612ec; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab20005ab7ff474b27acd0390184dd6c006a173083170e77119cf1411b2a2a11a3f49208c4c4557311300071d80b00062b7e39ed1990eecfd71bcf69e4301caf2adc4d8b1783fa3b63d08a81c777c7688b0c06030043fb35adc4b5; Path=/
ois.is/images/logo.png
172.67.209.233200 OK 776 B IP 172.67.209.233:0
File type HTML document, ASCII text, with very long lines (569), with no line terminators
Hash ce2e6c2b67beb49e65c4328a6b7b8583
2048647e037b182a60d82766cceae70ed322e0ee
62b25ba511caa8cadf50bdc385e44642dd358467433dcf5779b9f292eaeb8c6b
GET /images/logo.png HTTP/1.1
Host: ois.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dakotainversiones.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 04 Nov 2022 01:20:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARW4nYNOgAeUIBkSliK3zg5u2RObPHHGmuy74q%2Btux4enFwYm%2BHqB5RV8grf4JMXF7TluzPn%2FAd2EsgtL0YEZ8alegMqr3HqgriiRzp%2BIfEVUiHG4KtKFlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7649869ddfd9b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4170
Expires: Fri, 04 Nov 2022 02:29:44 GMT
Date: Fri, 04 Nov 2022 01:20:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4170
Expires: Fri, 04 Nov 2022 02:29:44 GMT
Date: Fri, 04 Nov 2022 01:20:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55f392ea73e9746f7edb30e319646c4b
09b052e39f5493c2c2b79d92e81e510aeffbfcb4
9a5b1575ed3a943be74e212f41f122178dcf4c89ef0d78eb8cc761508cd453d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9023
x-amzn-requestid: 599a15c5-bd47-4c30-91e5-b445da7e66f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwvQHCsIAMFWlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e61-1d36740311e6b1e531d44767;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:08:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FdYEabB0P-JcMOvjTK2TdVUCbuCbCEICZXoKHcz2-QdUfpIgey1tWw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 14:25:51 GMT
age: 39263
etag: "09b052e39f5493c2c2b79d92e81e510aeffbfcb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae1ac87f2e6534322ba259d6e06fcaa5
c721a00ae618e6ed997e102fa3d977ef830cac05
2f4cab8b925f6a79ed96b08edc00f04186d33ed9cfd4ba565884a931e83ae408
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7601
x-amzn-requestid: bec1a71e-c5bd-4332-ac60-18b49304a5a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a275aEHYoAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f736f-1b36c60a43415790430fbecf;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 07:04:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MORvkZWLXGvSFYxjnSiYJluJY302y_FTvACRUrEvo7vLYkheyEcE1g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 08:33:19 GMT
age: 60415
etag: "c721a00ae618e6ed997e102fa3d977ef830cac05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d35891-f796-4a25-b3d1-1a1f42800b89.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d35891-f796-4a25-b3d1-1a1f42800b89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9685f5d5e91c119fef70a5f0ac2bb64f
52318fc169c37f8dc2c48ae478f1ad136bd3762d
37487b56f0613c240c6d556f35fe423fe75ba0979a320b9b41bea03b105456a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d35891-f796-4a25-b3d1-1a1f42800b89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5782
x-amzn-requestid: a177e1a1-8c19-410f-ab92-6e36cb11bb5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0RqFRPoAMFy-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364340a-095c72b028d4886618ad570a;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:06 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M-fMqJ6fhWbBipZ9vi2eLfDYewAHsJFMjd2EwGDI7RnplK36MsMG_Q==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:54:24 GMT
age: 12350
etag: "52318fc169c37f8dc2c48ae478f1ad136bd3762d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02641b8c-1dd8-435a-974c-742ebe42dc8e.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02641b8c-1dd8-435a-974c-742ebe42dc8e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6eeadc4cf94026430250d497b18c2106
65d7de9f2853ba1d8241cebe1ebbff20a5bef0ba
437ec5e94b9cefc7ca77c9644e25ce9ead169811d1ca283bbf83bd5231c02366
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02641b8c-1dd8-435a-974c-742ebe42dc8e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: e2f28365-7a43-4007-8d3c-4180a1dae3cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0RpErIIAMFxcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364340a-5fd7e5cc6adf0bcb3c0a46cb;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: o7rLGV6ABdBVF4og7-1Jxn0hYvBv_A7Z0iX_caEpb4MkJxMzAqTaBg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:51:55 GMT
age: 12499
etag: "65d7de9f2853ba1d8241cebe1ebbff20a5bef0ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9377625-12b2-40bf-bed1-8d112e4792ce.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9377625-12b2-40bf-bed1-8d112e4792ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8218e6618cc5dfab99d246689bfd12d
42dcb8936c83390f41e73f1ba51f43945247c4b5
3952f69675693e42771a56afa2d73674e6821c9048c730090090228de25ebd18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9377625-12b2-40bf-bed1-8d112e4792ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4012
x-amzn-requestid: d833febc-9037-416a-9195-bb18d27998b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1ihF9XIAMFSLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364360f-0f8fc3741f3e74da45fb139d;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:43:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JfC1ZHZUpFK0HoqfuBzD01ZM5A4rydYs8nfyjcdFmbf9dsaNgecs2Q==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:52:31 GMT
age: 12463
etag: "42dcb8936c83390f41e73f1ba51f43945247c4b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c45c5ed-4fd2-4e66-a47f-772395ce0860.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c45c5ed-4fd2-4e66-a47f-772395ce0860.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2de2d97028ee074a101930b1eb702cdd
8755ead9d94462f54cda2899213091587536e5c5
41de8ff5d34fabc0860286540f5c2c8e9b1aa80c1b62ed5de9ea64d99822e28f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c45c5ed-4fd2-4e66-a47f-772395ce0860.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9866
x-amzn-requestid: a0aa9bd7-1d42-409c-b474-92be9fca9957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0RrFzIoAMFTCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364340a-592d43a27b2ee494424770a4;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qNdNbORoi1KNd4r11LTrjUG6cRkz0T7mwTE24VVLQqPpGc9w_fRFUw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:51:51 GMT
age: 12503
etag: "8755ead9d94462f54cda2899213091587536e5c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ois.is/images/logo.png
172.67.209.233200 OK 0 B IP 172.67.209.233:0
GET /images/logo.png HTTP/1.1
Host: ois.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dakotainversiones.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 01:20:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSwr%2FjVjBL3KrQKRR9O6btYhNEQXpGjRRhkoXKbWho3hRN6ZjxvMH5WR1YFzhIFPZoytcwpVSX%2FyDLAT6hoRDdnJWYxFn9njBYSlJMzWqfUE5zIpbORksfo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7649869ea872b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2