dahlkempers.gotrackier.com/t/Ml8x/?gclid=EAIaIQobChMIluWBiJjnggMVJgOtBh2MyAyIEAAYASAAEgJgwPD_BwE
302 Found 0 B URL User Request GET HTTP/2 dahlkempers.gotrackier.com/t/Ml8x/?gclid=EAIaIQobChMIluWBiJjnggMVJgOtBh2MyAyIEAAYASAAEgJgwPD_BwE
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB2:6E:F3:B5:C6:E8:2C:85:0C:48:BC:30:5C:3A:1B:B4:67:76:FA:E3
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/Ml8x/?gclid=EAIaIQobChMIluWBiJjnggMVJgOtBh2MyAyIEAAYASAAEgJgwPD_BwE HTTP/1.1
Host: dahlkempers.gotrackier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 28 Nov 2023 18:25:46 GMT
content-length: 0
location: https://vizhunz.com/
x-rt: 7
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: sess_6565e8d8ef73f96d07349175=65607ba20ffdad11410034f0; expires=Tue, 05 Dec 2023 18:25:46 GMT; path=/; HttpOnly
__cf_bm=tRYLI8Rmkg6r9vrjfl5LkUInwCO9VtuXqeZ.XmQxa6o-1701195946-0-AVuGJSmyVMgOZ1uu/oL4Y9qU2ZD5DKr6va5f9fclZZ3QhRiUPQaRPsM3mJ3W6cTKVX6doRk/zJW4KN9H1ih6Jbg=; path=/; expires=Tue, 28-Nov-23 18:55:46 GMT; domain=.gotrackier.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 82d4a7c7dcdf0b45-OSL
X-Firefox-Spdy: h2
302 Found 0 B URL User Request GET HTTP/1.1 IP
Certificate IssuerLet's Encrypt
Subjectvizhunz.com
Fingerprint17:F8:33:8B:0D:1A:50:01:95:36:CF:D6:5E:77:C2:19:E2:C0:56:4A
ValiditySat, 25 Nov 2023 05:00:14 GMT - Fri, 23 Feb 2024 05:00:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: vizhunz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 18:25:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://www3.mtb.com/
200 OK 39 kB URL User Request GET HTTP/2 IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (625), with CRLF, LF line terminators
Hash 8d395498c4e1db199a42fc6edaf2fbb5
fad47458b114a91f4870fd51ccebec139c5d9951
1f05b1154c87dfb68111fe7e8d828593a5c97834cfd8a94bb2ab14fcff34beeb
GET / HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html;charset=utf-8
content-length: 39248
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 17:42:19 GMT
last-modified: Mon, 27 Nov 2023 22:28:06 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "23e01-60b29d0e0a688-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BsEIBK17NNt11jRCU5bPwZfnGJNziQw3tvFXhyddPCrpCL_1B5yEmA==
age: 2607
X-Firefox-Spdy: h2
www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/top10bb.png
200 OK 1.7 kB URL GET HTTP/2 www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/top10bb.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash f9cf99b0792b7c4b4b0e77a55a0bc57a
3a3677a774c33e6050d14727ec88af58270038df
d3031f393f481e7ff2b1c3b5687898027c555769b16bf8022d665f35b38e53ac
GET /content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/top10bb.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1663
accept-ranges: bytes
content-disposition: inline
last-modified: Wed, 13 Oct 2021 14:22:46 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "67f-5ce3cb229d980"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OF-RTrbv8JGSZixUR062RgnokGFqYh-EJSSEsALTOGbQ9g_oCAuDNQ==
age: 3144
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/icons/mtb-icon-mortgage-2c-cmyk.png
200 OK 2.0 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/icons/mtb-icon-mortgage-2c-cmyk.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 250 x 219, 8-bit colormap, non-interlaced\012- data
Hash 8eb8405ec6e9e761ea45321b2a180ab5
e220ff9fa0d83c5416fd7860621c39b71b756b23
d37a24ba2d508b82283588651c66d6412271fd8a358a4e00fdd97028a3be79b3
GET /content/dam/mtb-web/images/icons/mtb-icon-mortgage-2c-cmyk.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1959
accept-ranges: bytes
content-disposition: inline
last-modified: Mon, 21 Jun 2021 19:11:47 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "7a7-5c54b71dbc2c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kl0B11EICMl1U5XCF4CaI1PCpPCDAdNIkeOt_W9KUNqgAjLcN58ifw==
age: 3142
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
200 OK 64 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 64211
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:56 GMT
cache-control: max-age=86400, public, no-cache="set-cookie"
etag: "fb3e-59d634f851c40-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RDEFaFJhN9bNWgx81Mh8v0kMng-CNru58bPWA6V1Vuu6wlSZfaoM5Q==
age: 2158
X-Firefox-Spdy: h2
www3.mtb.com/content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/green-logo.png
200 OK 22 kB URL GET HTTP/2 www3.mtb.com/content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/green-logo.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 600 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e1d02e141e89a4c45d9c0aa5530bc3a
970e63270ce5fd36c51c3b25724b7b37f014f760
4ab56bfc693e75fbc52de80072dcbcd412efe057dcc099c9b718fb6f85ee129b
GET /content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/green-logo.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 21842
accept-ranges: bytes
content-disposition: inline
last-modified: Tue, 29 Sep 2020 01:18:52 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "5552-5b06990dcd700"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cTBV_eno5NecuOYd1tcZjqCLcjqInUDALRfvasYyjidZu2CAjiosfA==
age: 3391
X-Firefox-Spdy: h2
www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.png/1682695513883/greenwich-bestbrand-logo-2022.png
200 OK 88 kB URL GET HTTP/2 www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.png/1682695513883/greenwich-bestbrand-logo-2022.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 1280 x 936, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e3e25b8cdb668da7c113a4d2dc29245
6e88af943648241223340349d69ca2cbc248e604
e54fb701404dbfdf89c833056445ffd3cd1a635770755ecf58d6633171ead3d2
GET /content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.png/1682695513883/greenwich-bestbrand-logo-2022.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 87544
accept-ranges: bytes
content-disposition: inline
last-modified: Fri, 28 Apr 2023 15:25:13 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "155f8-5fa6714514840"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3cE7b5YWTrAFyHeTZrDyjw5__6f3uS5-l1v0NXu-1u2-IavW5YUNWw==
age: 3144
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/charReplace.js
200 OK 510 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/charReplace.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 69343d9dcce5b1ebe56595355bfc8203
f65412156c2a2dbbe4f5bd861b4ca77552d7552c
349fcbc04454df744fd82c5e90f76cc8d7d406daad8a3ce2733228ea97362b7a
GET /content/dam/mtb-web/scripts/charReplace.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 510
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 13:21:26 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:47 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "677-5d046deb14180-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GQ5J6KqbaZ6Vw0hYRBSBG5Rnw7Zr3kzIsWqLCxpEwyvoPsssfXlrkw==
age: 1467
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/alert_new_design.css
200 OK 764 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/alert_new_design.css
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type ASCII text, with CRLF line terminators
Hash 2bd96525445ea9dcfd2b12e750081920
e0fb1636779662e08e17a16b040b5cc25a4fb08d
b5c4f84863e8dae702e1fe95afde0694076e896b6dca5b895749bfcf2736ba68
GET /content/dam/mtb-web/scripts/alert_scripts/alert_new_design.css HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 764
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 13:54:52 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:47 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "8c9-5cf2db47b2300-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rjHSzo55x8H_BvP2wKgN9r0q0SeTgZAB0PnxmlVCbLxTn1jS-meycQ==
age: 1467
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/status.js
200 OK 4.4 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/status.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Unicode text, UTF-8 text, with very long lines (457), with CRLF line terminators
Hash 80965724d8ffd17a06b69c110717291a
17a63fa278636a052476817549554f1e88e517eb
4b01cc862c3b0bbd0aa2c42f7f4dcfd9e0136b26d1028b93466b3bbde6fbc8b8
GET /content/dam/mtb-web/scripts/status.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4428
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 18:25:47 GMT
last-modified: Thu, 09 Nov 2023 15:25:14 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "38c8-609b9cf6eaa80-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: p_oP4Y6ZNwvhXY76VODQRrdEHTBOSeKS_c9Ll2tHvc-lHn2ck1SD1g==
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/components/content/disclosure/v1/disclosure/clientlib-header.js
200 OK 856 B URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/components/content/disclosure/v1/disclosure/clientlib-header.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
Hash f08a2dcdee6b33b1b77c2d085e427d96
57ce9110cdc8ff99533fd59d5df0e46fa9d23e62
873c8d09b7dc8da369132e741cbe7e5843aa228f191165fe4b5b24babda94c19
GET /etc.clientlibs/axp-common/components/content/disclosure/v1/disclosure/clientlib-header.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 856
accept-ranges: bytes
cache-control: max-age=3600, public, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 18:25:47 GMT
last-modified: Thu, 21 Apr 2022 20:37:43 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "94b-5dd3014f013c0-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HGyZUL6UEl_zdHRSppN1qMmf9Lu_3vmyZqkAT38YalAgC5Z7WGSPmg==
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js
200 OK 2.6 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (348), with CRLF line terminators
Hash a785ae3de97a97fc6ba11041c9dba58f
c17d0e86cd838e9e548b65b6fe4df02a27fa56da
e607f1bf6289a92939620798cea2c6df4696d6b8d374b9bc5e11c7fd114643e5
GET /content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2594
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 18:25:47 GMT
last-modified: Thu, 16 Nov 2023 15:54:02 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "5646-60a4707517a80-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TixCDrDgMPapFI7w7yYEbHyPcPfQUBPI1O4moE0y-H7oDXzk8lYyFw==
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
200 OK 58 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type ASCII text, with very long lines (1334)
Hash 7475228b6f7589022e5b32e35e6ab1c1
0b42a9681bf83a3fc5cc2a4679f1610fc22a5a0e
8e36f036be3313f66918b7f296388c199468b0ffb75d3f8908cd04f58d966964
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.css HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css;charset=utf-8
content-length: 57814
accept-ranges: bytes
cache-control: max-age=3600, public, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 18:25:47 GMT
etag: "6a323-5f7e773365580-gzip"
last-modified: Mon, 27 Mar 2023 20:18:46 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Qcd3M5UDuxJUNfzYuu9g_kb4S1UZHVI2Wd5cdHLmFZNhl4mgvnOsBA==
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
200 OK 81 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (26365)
Hash 3f878b933f4898d62bae656524f29d6d
8f52466629788b1a7d3c3ce4313ac815db87a036
ff59042a787de1cac5fc06165134b4192aec60a6deb477bead309f0c0334653f
GET /utag/mtbank/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:49 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: l6N_ToYiAXSZLIyImzr..qW9gq2POa01
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:47 GMT
etag: W/"3f878b933f4898d62bae656524f29d6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6MDjl-fNikcC7tqCYYYdJ2Yb2nd7MAHnKgYSQ249bcEN-C0HfUwPkA==
age: 209
cache-control: max-age=300
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/logos/favicon.ico.transform/16x16/image.png
200 OK 401 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/logos/favicon.ico.transform/16x16/image.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f32eaa315f438c20f938353fe16010d8
35763994c45d8bd91ada5da2b9800dae0aa696e5
e8f7f28606aa73ac8d557037ea2733637ce665a2cce96355cc4fbe1a3faade00
GET /content/dam/mtb-web/logos/favicon.ico.transform/16x16/image.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 401
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 09 Nov 2023 21:29:49 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:48 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "191-609bee755ed4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ffX_NndKlhiXDb24hnZZD-jYOflaTbRlxISdB1nodELRpU3myMBPHw==
age: 2602
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/logos/favicon.ico.transform/96x96/image.png
200 OK 2.6 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/logos/favicon.ico.transform/96x96/image.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 4fd768d2f655e21bee5bac3c6b38bd6c
fa02239152ca15fa297333f184883dd23e0a43f0
52f3dce4eae9bf172e485e0c33ad0dc31fd3582f6a3f69354fa4baf932397cd1
GET /content/dam/mtb-web/logos/favicon.ico.transform/96x96/image.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2634
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
date: Tue, 28 Nov 2023 17:42:25 GMT
etag: "a4a-609bf483dee4d"
last-modified: Thu, 09 Nov 2023 21:56:55 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BOfHd-JVmUux_r3gDhYneS4VPkPr8onSeTf-kAxmUbxuKX0jptAbUg==
age: 2602
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 263422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
200 OK 68 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 67671
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 15 Oct 2020 22:08:15 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Tue, 28 Nov 2023 17:30:15 GMT
etag: "10857-5b1bce27771c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ECyfB8PEY-xDj7w8UljNp3O2NwyCDSHA-WVz-lza11JpO3o0Nfoz0A==
age: 3333
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
200 OK 92 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (6007)
Hash 2f0066863c3bd710b7c377fa0120740b
ed5fc0b95ec4b3372eea3584cfb7da276135580a
cfb01d57a614c957786e548c6e0f0e45ad764e5f7527b2be97d9653bc13530a3
GET /utag/mtbank/main/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:49 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: PZuUK.nGSoyLZnNSGfnhLHybf5SsM.04
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:47 GMT
etag: W/"2f0066863c3bd710b7c377fa0120740b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5nWn3nNcFAA90HMM8tXQ3batyyb5rb5DDDj0lVgyxz9KsZUvKjVhxw==
age: 209
cache-control: max-age=300
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
200 OK 66 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 66170, version 1.0\012- data
Hash 2c232501b80100ac5022cb84380a6df4
79898c6b15d379850157a7b44d55d8694eb54b1f
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 66170
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 15 Oct 2020 22:08:15 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Tue, 28 Nov 2023 17:51:44 GMT
etag: "1027a-5b1bce27771c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2-GDmCvIMa5IfcHAMk9B7aNVq31Jjep5WZGkjIzkMX9Wf_HEve1Jrg==
age: 2044
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf
200 OK 125 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type gzip compressed data, from Unix\012- data
Size 125 kB (124627 bytes)
Hash 940db4b69e23ef767342cd2cdf1c6c6f
bf53467b646b7460ca298e6c3dce232629004ff1
0433c628063f8482d183bc42145c95b4980f8ada3cfe323aff0f378fa2b309a4
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-otf
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:56 GMT
cache-control: max-age=86400, public, no-cache="set-cookie"
etag: "22470-59d634f851c40-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GHWZRxlP9JxzMb0czEKl7yJID0vkcFeTPCseenrMEfTjD8PXrrrXmg==
age: 3391
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
200 OK 66 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 66170, version 1.0\012- data
Hash 2c232501b80100ac5022cb84380a6df4
79898c6b15d379850157a7b44d55d8694eb54b1f
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 66170
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Tue, 28 Nov 2023 17:30:15 GMT
etag: "1027a-59d634f851c40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lya6WybpWz9Q7Qw0Pd6-wUIc-nlUHfRhX8Ak3iCs92f0Bu__qkQafw==
age: 3333
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/main/202311161601&cb=1701195952250
200 OK 2 B URL GET HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/main/202311161601&cb=1701195952250
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=mtbank/main/202311161601&cb=1701195952250 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Nov 2023 18:16:15 GMT
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i69hObyP3rd36E0VnRhGlIdiGzEGj5qrhRvtHdLcBtTuGRStNdGceA==
age: 574
cache-control: max-age=300
X-Firefox-Spdy: h2
up.pixel.ad/assets/up.js
200 OK 1.6 kB IP
Certificate IssuerDigiCert, Inc.
Subject*.pixel.ad
Fingerprint90:49:0B:53:0F:49:12:53:9F:86:B5:F7:18:5B:E6:4B:FC:E3:D5:1F
ValidityTue, 24 Jan 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3275)
Hash 711eb341d28bbab8a78ad2fd0f559e8d
eefb20f53cc561fa0807dc2a405ac7a5e02dbad4
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
GET /assets/up.js HTTP/1.1
Host: up.pixel.ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: accept-encoding
content-encoding: gzip
content-type: application/javascript
server: AC1.1
x-llid: 84b420ca819b93dae5af76a335eac2de
age: 250150
date: Tue, 28 Nov 2023 18:25:48 GMT
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
content-length: 1550
X-Firefox-Spdy: h2
ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js
200 OK 37 kB URL GET HTTP/2 ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js
IP
Certificate IssuerAmazon
Subject*.segreencolumn.com
FingerprintAC:2F:0B:8B:11:5D:70:82:2B:2D:B6:76:B7:AF:79:45:9F:20:E1:AD
ValidityTue, 18 Jul 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 10458c8d29a0bbf087affa9e21951a55
215f17d606ff12272fd20fb77fa0f6c0af01c3ee
2c603d1edfac89808ddaefca1d7f925e5c03ac7d9a254e20bcb8bf900e6257ed
GET /i/8032d93d154e4517e5e5e20fa9c27d7b.js HTTP/1.1
Host: ob.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 37259
content-encoding: gzip
server: Caddy
date: Tue, 28 Nov 2023 08:19:02 GMT
cache-control: max-age=43200
expires: Tue, 28 Nov 2023 20:14:53 GMT
etag: "18e53-IV8X1gb/Eicv0g+3f6D2wK8Bw+4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EMvyokw4Uwux2BoPPzPvKV9MqVqKwN5r-cglE1iNGq9cMxdCJR81AA==
age: 36655
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
200 OK 145 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type gzip compressed data, from Unix\012- data
Size 145 kB (145274 bytes)
Hash 9c5e44beb6044306177a523d9cf2d236
e1bad98d972f03a4f6432c796f63a6a21f12455d
ba33bd5d68ad8c51f198a105ee1b5d6286bb994baa6bedcd7d304011a4b4b970
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:56 GMT
cache-control: max-age=86400, public, no-cache="set-cookie"
etag: "10857-59d634f851c40-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rfgdSpOywzw5V2lBC6Gu8gS3L4Q3lvE37m5GCWDLxt1JBeebya1PXA==
age: 2158
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.40.js?utv=ut4.51.202309082106
200 OK 71 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.40.js?utv=ut4.51.202309082106
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (2654)
Hash abdad7929e53cd427b404739bb6c008a
f24c50678845cf9dd2deb490b4ff60dc0091a436
ebeae3232d874a98ff3fd8a80a2f2daa1fef4753f6ad12ff6c38340f5defc195
GET /utag/mtbank/main/prod/utag.40.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:42 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: _6F8FUKDRtIryAvM8HqwXjyMb9Ii.wRb
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"abdad7929e53cd427b404739bb6c008a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CW01EkIobALWMXTm1n_SNJ0B64zBcgs5u497pzeFIy3aITQ4s3UqHw==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf
200 OK 57 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type OpenType font data\012- data
Hash d10c6490e9d5be5c0e848b27587e898d
e5b082e39d183c5808ba1b2b11fefc7c0c9b3eb4
4811ee822203f35548bebc7744992f09907deaa219261cb4031bff8919df7187
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-otf
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:56 GMT
cache-control: max-age=86400, public, no-cache="set-cookie"
etag: "22470-59d634f851c40-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: drRG9mFjajNnmU0ow65s4SUWhW-MwMzFvptQyf_xWpPUnd95r7Do4Q==
age: 3392
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gria3ltb567p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 23:14:50 GMT
expires: Sun, 24 Nov 2024 23:14:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 241858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tags.tiqcdn.com/utag/mtbank/main/prod/utag.46.js?utv=ut4.51.202309082106
200 OK 198 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.46.js?utv=ut4.51.202309082106
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (2654)
Size 198 kB (197597 bytes)
Hash 6935e9649d85a3bc2d1b048f4bbcadad
651c243e405c4a3a0f68ae88f7c9acbe8508742e
fb85ebd26bea989b34bd3e933bebb11d303d2651ba1e165f00d8b54184b1794e
GET /utag/mtbank/main/prod/utag.46.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:44 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: yDptu2GaCDYWBiaRwrBolFZqExxEFvFv
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"6935e9649d85a3bc2d1b048f4bbcadad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vnWalYSU4IoaXpbG2_glvmD5EsOpm5HOuXESsYI8B2t9hicNgQpGgQ==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.70.js?utv=ut4.51.202302282213
200 OK 8.3 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.70.js?utv=ut4.51.202302282213
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1689)
Hash f929de1f2a09babd711094e1f9c5796a
97aae6d2c3bd2328149be6f6d84ef05ec796e076
39bdd1aa228f6cdb1affa8913eed241f4cb05e311876575864acb09dd8fd3128
GET /utag/mtbank/main/prod/utag.70.js?utv=ut4.51.202302282213 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: eMPj3gHdAkavqOj4BpyYxorQneegUOSr
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"f929de1f2a09babd711094e1f9c5796a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lvP7wH26fOeYHimnyVeLOw0v-L3vtM46RMM3qDgiFirR2TxCX8yZhA==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/diversity-inclusion/50-50-volunteer.jpg
200 OK 106 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/diversity-inclusion/50-50-volunteer.jpg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], progressive, precision 8, 640x475, components 3\012- data
Size 106 kB (106522 bytes)
Hash fff7810a494fe47b9a449a8438340a4f
b7cc552c6dccfb101b6d2946218c24291650fe9e
6fedf35ac46726adad6f74f4a766269bff2b6c352f85e4f44166d922a6088bab
GET /content/dam/mtb-web/images/diversity-inclusion/50-50-volunteer.jpg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195952.sPWTegLMg9jXz9PJ; _cq_suid=1.1701195952.IFZ2obft9oFgSP8r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 106522
accept-ranges: bytes
content-disposition: inline
last-modified: Mon, 19 Jul 2021 17:10:22 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "1a01a-5c77d0331fb80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: w4ZnRuSrMGVa4sNrlygz8CAm6CWNDalSMLVlCFWdFBNhx46oka79AA==
age: 2717
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/personal-home-page/convenience-section-image1.png
200 OK 230 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/personal-home-page/convenience-section-image1.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 348 x 441, 8-bit/color RGBA, non-interlaced\012- data
Size 230 kB (229468 bytes)
Hash 70ad94b75dfd85edf2838ff874064ee0
cb039ee7e3891762ff9a18a39f876eaf84049dc2
6d22eac589d45bcc1b34ce347a26ad1b1b9b30ae2c395744e0beacea2d083d5f
GET /content/dam/mtb-web/images/personal-home-page/convenience-section-image1.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195952.sPWTegLMg9jXz9PJ; _cq_suid=1.1701195952.IFZ2obft9oFgSP8r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 229468
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 16 Apr 2020 22:06:22 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "3805c-5a36fa49cf380"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 87ZrrhggF6CxmSdic_rbsGRR4Ew9awLOr3gH0JXxTv7p2JBU3oXbQQ==
age: 2717
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/personal-home-page/mom-daughter-couch-desktop.jpg
200 OK 99 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/personal-home-page/mom-daughter-couch-desktop.jpg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1440x650, components 3\012- data
Hash 1b04d2b352a06662954f38522f2596af
f33145bd443f5dea9975e2aa5245c48db6b5889a
bf1c3d3c93edb5011e8f8b9002275c4ba13f028b733c089d7528cd51dff4c63a
GET /content/dam/mtb-web/images/personal-home-page/mom-daughter-couch-desktop.jpg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195952.sPWTegLMg9jXz9PJ; _cq_suid=1.1701195952.IFZ2obft9oFgSP8r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 99062
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 11 Mar 2021 18:06:24 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:48 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "182f6-5bd46a4374800"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: H9_JrJtiVKVqcDiBl4nK3Tv5pW2FU8aj16aZkrNx4ADYkqSCR_a19w==
age: 2632
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3
200 OK 16 kB URL GET HTTP/2 www.google.com/recaptcha/api.js?render=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type gzip compressed data\012- data
Hash 810ec85ce52118ee14980f322d51553f
04d3e5a98dee3e2b8437146f24b96f9a00116451
aa39305490f7e27773f07633db7910f4c4efc86ffe62729c338a458545b3eac5
GET /recaptcha/api.js?render=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 28 Nov 2023 18:25:47 GMT
date: Tue, 28 Nov 2023 18:25:47 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gria3ltb567p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:23:18 GMT
expires: Fri, 22 Nov 2024 23:23:18 GMT
cache-control: public, max-age=31536000
age: 414150
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 263422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gria3ltb567p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:37:43 GMT
expires: Wed, 29 Nov 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 506885
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c
200 OK 97 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (18108)
Hash ad577145ad5cf1df6469b47e2cf883ca
bebaa8f5f3315b1937ffb279f5ff2dbf26611661
b44119d2e7d0dd93f2791a59ce78ece155f8b2ce4e75e46d85388f235f12e7c3
GET /gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 18:25:49 GMT
expires: Tue, 28 Nov 2023 18:25:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
obs.segreencolumn.com/ct?id=40173&url=https%3A%2F%2Fwww3.mtb.com%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1701195952720&hl=4&op=0&ag=1317291471&rand=136261599502968209607222692911202920192600681662222627200111616222602597850026491159&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDc3MzFdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMSwyLDExMCwwLDIsMCwwLDMsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDQsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwIl0sWy0xLCJMaW51eCB4ODZfNjQiXSxbLTIsIjksSXNOOW5HbldiQVlBSXhOZlFhT3FHRTBDRkFRc2NHMDBJbmhPYllCQUtZVU96UU82RVgwMjBJbUdMY3U2MnVyZFAvYzJkMnBObVZaQXdmMy8vOHo3OUdySGExV3UzT21YUFB2ZSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIkhUTUw1XCIsXCJnZW9Mb2NhdG9yXCIsXCJjb29raWVzVXRpbHNcIixcIkRFVlwiLFwiVU5ERUZJTkVEXCIsXCJ0ZWFsaXVtVXRpbHNcIixcIkdFT19MT0NBVElPTl9ERUZBVUxUX1NUUlVDVFwiLFwiVUlFdmVudENvbGxlY3RvclwiLFwiUHJveHlDb2xsZWN0b3JcIixcIlNFUFwiLFwiVXRpbHNcIixcIm1vZGFsT2JqZWN0XCIsXCJQQUlSXCIsXCJCTEFDS0JFUlJZXCIsXCJjdXN0b21FdmVudHNPYmplY3RcIixcImdlb0xvY2F0b3JTdGF0dXNcIixcIkJyb3dzZXJEZXRlY3RcIixcIkhhc2h0YWJsZVwiLFwic3RhcnRzV2l0aFwiLFwiRG9tRGF0YUNvbGxlY3Rpb25cIixcIklFX0ZpbmdlclByaW50XCIsXCJNb3ppbGxhX0ZpbmdlclByaW50XCIsXCJPcGVyYV9GaW5nZXJQcmludFwiLFwiVGltZXJcIixcImdldFJhbmRvbVBvcnRcIixcIkJsYWNrYmVycnlMb2NhdGlvbkNvbGxlY3RvclwiLFwiZGV0ZWN0RmllbGRzXCIsXCJGaW5nZXJQcmludFwiLFwidXJsRW5jb2RlXCIsXCJlbmNvZGVfZGV2aWNlcHJpbnRcIixcImRlY29kZV9kZXZpY2VwcmludFwiLFwicG9zdF9kZXZpY2VwcmludFwiLFwicG9zdF9maW5nZXJwcmludHNcIixcImFkZF9kZXZpY2VwcmludFwiLFwiZm9ybV9hZGRfZGF0YVwiLFwiZm9ybV9hZGRfZGV2aWNlcHJpbnRcIixcImRldGVjdERldmljZUNvbGxlY3Rpb25BUElNb2RlXCIsXCJpbml0XCIsXCJzdGFydENvbGxlY3Rpb25cIixcInN0b3BDb2xsZWN0aW9uXCIsXCJnZXRHZW9sb2NhdGlvblN0cnVjdFwiLFwiSFRNTDVMb2NhdGlvbkNvbGxlY3RvclwiLFwiSW50ZXJhY3Rpb25FbGVtZW50XCIsXCJVSUVsZW1lbnRMaXN0XCIsXCJhY3RpdmVYRGV0ZWN0XCIsXCJzdHJpcElsbGVnYWxDaGFyc1wiLFwic3RyaXBGdWxsUGF0aFwiLFwiY29udmVydFRpbWVzdGFtcFRvR01UXCIsXCJnZXRUaW1lc3RhbXBJbk1pbGxpc1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCIxXCIiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNDgiXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTcwMTE5NTk1MjYxNiwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsNDQwLDAsMSwwLDEzNiwxMywxOSwtMSwwLCwsMjQ3NiwyNDc2Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDAxMDAwMDAxMDAwMDAwMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDAxIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8wXCIsXCIxMTM3ODI1MDI4XCIsXCIzODU1MjMxMTkzXCIsXCIyOTU2MjkzMjk3XCJdLFwic1wiOjF9Il0sWy01NSwiMiJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiVFJkY1FVbFdTMDFLZVZGTlRVbEtBeFlXVmxzWFNseGVTMXhjVjFwV1ZVeFVWeGRhVmxRV1VCWUJDUW9MWFFBS1hRZ01EVndOREFnT1hBeGNERndMQ1Y5WUFGb0xEbDBPV3hkVFNnTUlBdzhCQUE0TUZYVjVVVTFOU1VvREZoWldXeGRLWEY1TFhGeFhXbFpWVEZSWEYxcFdWQlpRRmdFSkNndGRBQXBkQ0F3TlhBME1DQTVjREZ3TVhBc0pYMWdBV2dzT1hRNWJGMU5LQXdnRENna01EUUFWYzNsUlRVMUpTZ01XRmxaYkYwcGNYa3RjWEZkYVZsVk1WRmNYV2xaVUZsQVdBUWtLQzEwQUNsMElEQTFjRFF3SURsd01YQXhjQ3dsZldBQmFDdzVkRGxzWFUwb0RDQU1LQ0FFTkRoVjVVVTFOU1VvREZoWldXeGRLWEY1TFhBPT0iXSxbLTU4LCItIl0sWy01OSwiLSJdLFstNjAsIi0iXSxbLTYxLCItIl0sWy02MiwiNTgiXSxbLTYzLCItIl0sWy02NCwiLSJdLFstNjUsIi0iXSxbLTY2LCItIl0sWy02NywiLSJdLFsiZGRiIiwiMCwxMCwwLDEsMSw0LDAsMCwwLDEsMCwwLDAsMCwzLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMiwwLDAsMSwyLDAsMCwwLDAsMCwxLDEsMiw2MywwLDI1LDAsMSwwLDAsMCwxLDEsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiYm5jaCIsMjU5XSxbImFibmNoIiwyNjBdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=3cB9crfilc&pto=2580&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1701195952.sPWTegLMg9jXz9PJ&suid=1.1701195952.IFZ2obft9oFgSP8r&tuid=1.1701195952.HoLoTz2neby3XHli&fbc=->m=WyJwYWdlX3ZpZXciXQ%3D%3D&it=53%2C2003%2C236&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
200 OK 1.1 kB URL GET HTTP/2 obs.segreencolumn.com/ct?id=40173&url=https%3A%2F%2Fwww3.mtb.com%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1701195952720&hl=4&op=0&ag=1317291471&rand=136261599502968209607222692911202920192600681662222627200111616222602597850026491159&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDc3MzFdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMSwyLDExMCwwLDIsMCwwLDMsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDQsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwIl0sWy0xLCJMaW51eCB4ODZfNjQiXSxbLTIsIjksSXNOOW5HbldiQVlBSXhOZlFhT3FHRTBDRkFRc2NHMDBJbmhPYllCQUtZVU96UU82RVgwMjBJbUdMY3U2MnVyZFAvYzJkMnBObVZaQXdmMy8vOHo3OUdySGExV3UzT21YUFB2ZSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIkhUTUw1XCIsXCJnZW9Mb2NhdG9yXCIsXCJjb29raWVzVXRpbHNcIixcIkRFVlwiLFwiVU5ERUZJTkVEXCIsXCJ0ZWFsaXVtVXRpbHNcIixcIkdFT19MT0NBVElPTl9ERUZBVUxUX1NUUlVDVFwiLFwiVUlFdmVudENvbGxlY3RvclwiLFwiUHJveHlDb2xsZWN0b3JcIixcIlNFUFwiLFwiVXRpbHNcIixcIm1vZGFsT2JqZWN0XCIsXCJQQUlSXCIsXCJCTEFDS0JFUlJZXCIsXCJjdXN0b21FdmVudHNPYmplY3RcIixcImdlb0xvY2F0b3JTdGF0dXNcIixcIkJyb3dzZXJEZXRlY3RcIixcIkhhc2h0YWJsZVwiLFwic3RhcnRzV2l0aFwiLFwiRG9tRGF0YUNvbGxlY3Rpb25cIixcIklFX0ZpbmdlclByaW50XCIsXCJNb3ppbGxhX0ZpbmdlclByaW50XCIsXCJPcGVyYV9GaW5nZXJQcmludFwiLFwiVGltZXJcIixcImdldFJhbmRvbVBvcnRcIixcIkJsYWNrYmVycnlMb2NhdGlvbkNvbGxlY3RvclwiLFwiZGV0ZWN0RmllbGRzXCIsXCJGaW5nZXJQcmludFwiLFwidXJsRW5jb2RlXCIsXCJlbmNvZGVfZGV2aWNlcHJpbnRcIixcImRlY29kZV9kZXZpY2VwcmludFwiLFwicG9zdF9kZXZpY2VwcmludFwiLFwicG9zdF9maW5nZXJwcmludHNcIixcImFkZF9kZXZpY2VwcmludFwiLFwiZm9ybV9hZGRfZGF0YVwiLFwiZm9ybV9hZGRfZGV2aWNlcHJpbnRcIixcImRldGVjdERldmljZUNvbGxlY3Rpb25BUElNb2RlXCIsXCJpbml0XCIsXCJzdGFydENvbGxlY3Rpb25cIixcInN0b3BDb2xsZWN0aW9uXCIsXCJnZXRHZW9sb2NhdGlvblN0cnVjdFwiLFwiSFRNTDVMb2NhdGlvbkNvbGxlY3RvclwiLFwiSW50ZXJhY3Rpb25FbGVtZW50XCIsXCJVSUVsZW1lbnRMaXN0XCIsXCJhY3RpdmVYRGV0ZWN0XCIsXCJzdHJpcElsbGVnYWxDaGFyc1wiLFwic3RyaXBGdWxsUGF0aFwiLFwiY29udmVydFRpbWVzdGFtcFRvR01UXCIsXCJnZXRUaW1lc3RhbXBJbk1pbGxpc1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCIxXCIiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNDgiXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTcwMTE5NTk1MjYxNiwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsNDQwLDAsMSwwLDEzNiwxMywxOSwtMSwwLCwsMjQ3NiwyNDc2Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDAxMDAwMDAxMDAwMDAwMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDAxIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8wXCIsXCIxMTM3ODI1MDI4XCIsXCIzODU1MjMxMTkzXCIsXCIyOTU2MjkzMjk3XCJdLFwic1wiOjF9Il0sWy01NSwiMiJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiVFJkY1FVbFdTMDFLZVZGTlRVbEtBeFlXVmxzWFNseGVTMXhjVjFwV1ZVeFVWeGRhVmxRV1VCWUJDUW9MWFFBS1hRZ01EVndOREFnT1hBeGNERndMQ1Y5WUFGb0xEbDBPV3hkVFNnTUlBdzhCQUE0TUZYVjVVVTFOU1VvREZoWldXeGRLWEY1TFhGeFhXbFpWVEZSWEYxcFdWQlpRRmdFSkNndGRBQXBkQ0F3TlhBME1DQTVjREZ3TVhBc0pYMWdBV2dzT1hRNWJGMU5LQXdnRENna01EUUFWYzNsUlRVMUpTZ01XRmxaYkYwcGNYa3RjWEZkYVZsVk1WRmNYV2xaVUZsQVdBUWtLQzEwQUNsMElEQTFjRFF3SURsd01YQXhjQ3dsZldBQmFDdzVkRGxzWFUwb0RDQU1LQ0FFTkRoVjVVVTFOU1VvREZoWldXeGRLWEY1TFhBPT0iXSxbLTU4LCItIl0sWy01OSwiLSJdLFstNjAsIi0iXSxbLTYxLCItIl0sWy02MiwiNTgiXSxbLTYzLCItIl0sWy02NCwiLSJdLFstNjUsIi0iXSxbLTY2LCItIl0sWy02NywiLSJdLFsiZGRiIiwiMCwxMCwwLDEsMSw0LDAsMCwwLDEsMCwwLDAsMCwzLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMiwwLDAsMSwyLDAsMCwwLDAsMCwxLDEsMiw2MywwLDI1LDAsMSwwLDAsMCwxLDEsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiYm5jaCIsMjU5XSxbImFibmNoIiwyNjBdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=3cB9crfilc&pto=2580&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1701195952.sPWTegLMg9jXz9PJ&suid=1.1701195952.IFZ2obft9oFgSP8r&tuid=1.1701195952.HoLoTz2neby3XHli&fbc=->m=WyJwYWdlX3ZpZXciXQ%3D%3D&it=53%2C2003%2C236&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3187), with no line terminators
Hash 642ad2f3afacba0cb1c2a5668d62270d
91ec07bcd896c35f37349a02b34ac1c240572074
57af1569f693a2eb90c497f97ff964639a3a737b2cc6211dd9af7bec1259c3f9
GET /ct?id=40173&url=https%3A%2F%2Fwww3.mtb.com%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1701195952720&hl=4&op=0&ag=1317291471&rand=136261599502968209607222692911202920192600681662222627200111616222602597850026491159&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDc3MzFdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMSwyLDExMCwwLDIsMCwwLDMsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDQsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwIl0sWy0xLCJMaW51eCB4ODZfNjQiXSxbLTIsIjksSXNOOW5HbldiQVlBSXhOZlFhT3FHRTBDRkFRc2NHMDBJbmhPYllCQUtZVU96UU82RVgwMjBJbUdMY3U2MnVyZFAvYzJkMnBObVZaQXdmMy8vOHo3OUdySGExV3UzT21YUFB2ZSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIkhUTUw1XCIsXCJnZW9Mb2NhdG9yXCIsXCJjb29raWVzVXRpbHNcIixcIkRFVlwiLFwiVU5ERUZJTkVEXCIsXCJ0ZWFsaXVtVXRpbHNcIixcIkdFT19MT0NBVElPTl9ERUZBVUxUX1NUUlVDVFwiLFwiVUlFdmVudENvbGxlY3RvclwiLFwiUHJveHlDb2xsZWN0b3JcIixcIlNFUFwiLFwiVXRpbHNcIixcIm1vZGFsT2JqZWN0XCIsXCJQQUlSXCIsXCJCTEFDS0JFUlJZXCIsXCJjdXN0b21FdmVudHNPYmplY3RcIixcImdlb0xvY2F0b3JTdGF0dXNcIixcIkJyb3dzZXJEZXRlY3RcIixcIkhhc2h0YWJsZVwiLFwic3RhcnRzV2l0aFwiLFwiRG9tRGF0YUNvbGxlY3Rpb25cIixcIklFX0ZpbmdlclByaW50XCIsXCJNb3ppbGxhX0ZpbmdlclByaW50XCIsXCJPcGVyYV9GaW5nZXJQcmludFwiLFwiVGltZXJcIixcImdldFJhbmRvbVBvcnRcIixcIkJsYWNrYmVycnlMb2NhdGlvbkNvbGxlY3RvclwiLFwiZGV0ZWN0RmllbGRzXCIsXCJGaW5nZXJQcmludFwiLFwidXJsRW5jb2RlXCIsXCJlbmNvZGVfZGV2aWNlcHJpbnRcIixcImRlY29kZV9kZXZpY2VwcmludFwiLFwicG9zdF9kZXZpY2VwcmludFwiLFwicG9zdF9maW5nZXJwcmludHNcIixcImFkZF9kZXZpY2VwcmludFwiLFwiZm9ybV9hZGRfZGF0YVwiLFwiZm9ybV9hZGRfZGV2aWNlcHJpbnRcIixcImRldGVjdERldmljZUNvbGxlY3Rpb25BUElNb2RlXCIsXCJpbml0XCIsXCJzdGFydENvbGxlY3Rpb25cIixcInN0b3BDb2xsZWN0aW9uXCIsXCJnZXRHZW9sb2NhdGlvblN0cnVjdFwiLFwiSFRNTDVMb2NhdGlvbkNvbGxlY3RvclwiLFwiSW50ZXJhY3Rpb25FbGVtZW50XCIsXCJVSUVsZW1lbnRMaXN0XCIsXCJhY3RpdmVYRGV0ZWN0XCIsXCJzdHJpcElsbGVnYWxDaGFyc1wiLFwic3RyaXBGdWxsUGF0aFwiLFwiY29udmVydFRpbWVzdGFtcFRvR01UXCIsXCJnZXRUaW1lc3RhbXBJbk1pbGxpc1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCIxXCIiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNDgiXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTcwMTE5NTk1MjYxNiwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsNDQwLDAsMSwwLDEzNiwxMywxOSwtMSwwLCwsMjQ3NiwyNDc2Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDAxMDAwMDAxMDAwMDAwMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDAxIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8wXCIsXCIxMTM3ODI1MDI4XCIsXCIzODU1MjMxMTkzXCIsXCIyOTU2MjkzMjk3XCJdLFwic1wiOjF9Il0sWy01NSwiMiJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiVFJkY1FVbFdTMDFLZVZGTlRVbEtBeFlXVmxzWFNseGVTMXhjVjFwV1ZVeFVWeGRhVmxRV1VCWUJDUW9MWFFBS1hRZ01EVndOREFnT1hBeGNERndMQ1Y5WUFGb0xEbDBPV3hkVFNnTUlBdzhCQUE0TUZYVjVVVTFOU1VvREZoWldXeGRLWEY1TFhGeFhXbFpWVEZSWEYxcFdWQlpRRmdFSkNndGRBQXBkQ0F3TlhBME1DQTVjREZ3TVhBc0pYMWdBV2dzT1hRNWJGMU5LQXdnRENna01EUUFWYzNsUlRVMUpTZ01XRmxaYkYwcGNYa3RjWEZkYVZsVk1WRmNYV2xaVUZsQVdBUWtLQzEwQUNsMElEQTFjRFF3SURsd01YQXhjQ3dsZldBQmFDdzVkRGxzWFUwb0RDQU1LQ0FFTkRoVjVVVTFOU1VvREZoWldXeGRLWEY1TFhBPT0iXSxbLTU4LCItIl0sWy01OSwiLSJdLFstNjAsIi0iXSxbLTYxLCItIl0sWy02MiwiNTgiXSxbLTYzLCItIl0sWy02NCwiLSJdLFstNjUsIi0iXSxbLTY2LCItIl0sWy02NywiLSJdLFsiZGRiIiwiMCwxMCwwLDEsMSw0LDAsMCwwLDEsMCwwLDAsMCwzLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMiwwLDAsMSwyLDAsMCwwLDAsMCwxLDEsMiw2MywwLDI1LDAsMSwwLDAsMCwxLDEsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiYm5jaCIsMjU5XSxbImFibmNoIiwyNjBdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=3cB9crfilc&pto=2580&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1701195952.sPWTegLMg9jXz9PJ&suid=1.1701195952.IFZ2obft9oFgSP8r&tuid=1.1701195952.HoLoTz2neby3XHli&fbc=->m=WyJwYWdlX3ZpZXciXQ%3D%3D&it=53%2C2003%2C236&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab= HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Tue, 28 Nov 2023 18:25:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=3c3ab8ea00baf5b235b316eee32183be; Max-Age=29030400; Path=/; Expires=Tue, 29 Oct 2024 18:25:49 GMT; HttpOnly; Secure; SameSite=None
content-length: 1134
X-Firefox-Spdy: h2
44.212.189.233/is
200 OK 32 B IP
Certificate IssuerSectigo Limited
Subject44.212.189.233
Fingerprint22:CB:0C:58:DC:72:D7:0A:ED:D2:00:94:C4:93:F9:1A:08:49:49:CB
ValidityWed, 15 Feb 2023 00:00:00 GMT - Thu, 15 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash f33f2b3ce3f94c2bf2b1e2b2b379311f
0dd5370122878bd8891f207f934b86cf9a50c6ae
7bf019a3e837945790019a1cc458df061438a4a2ea73ca8ca5b67442032a2ecc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /is HTTP/1.1
Host: 44.212.189.233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 28 Nov 2023 18:25:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1569
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=3c3ab8ea00baf5b235b316eee32183be
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:25:49 GMT
content-length: 0
X-Firefox-Spdy: h2
obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aefc63cef4e8e949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a118c6a2417071a10acf9f29f674ad180d855246a4afe782555d13e8d60c4016206229507550a36065ecebd391a77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c284475540ca38c2f357e07a0fe1d7f8fa8f77c90b20d744b24aff5a0c09d72b6cfc248b5038e523865ceec86a7b376cccee879cf774a91bac3330751b0266cb6cd5036f08ba4299014e354e6d10ac84ed7dd3d916976c9c735d26691d1f4e1dcfde90b54893daaa9a83b5b36a0c126c1a648b7595443820b0fc79284d881a4c570866ad194f5d038ef767c27d26a3995d4df0e2bd3fc78ae02f198409a37f73d4e0b1a8c33bc2cd2cca973aeac3e8744a7c09c95278a596563f6591845554f3e9fec2cf40b94dc8964fda72aa6c27e89ccbfb032dce0bd11372dd9a7111089e5471556a6bfac7ba23a9ef641ece62aae61a1319553d408caa93cc7182ff8b393663f3c621f370a5c17a9e9e170c056f21c1a5123eab551de9f180dffb1dab3b96edcae849be2adf88d361835a12fccbf3914915f7758923a096366e47ab1771ec2eac06a8f69d22795d25aa7ba52cb2d4b287f742b70fcc8a6c9206911df411187d9cbbaaecb54059fb1b4789fca7165a08d6e630db393870373fe24ed27c343f12389509b9e01f2d15ffe89ca96c15568effc2937d332f7f1eff847d8356b4867c13f1a0fefb1558ef0069eccd9da5ece86842f1c771aef2fa104b647f2dc2b84381d641d66616dbe19ddd0215fb873d2f8b6669bdd47d2312ff30d6e75dc91917806b122aed74e8d153b561be07879cf&cri=3cB9crfilc&ts=518&cb=1701195953239
200 OK 43 B URL GET HTTP/2 obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aefc63cef4e8e949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a118c6a2417071a10acf9f29f674ad180d855246a4afe782555d13e8d60c4016206229507550a36065ecebd391a77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c284475540ca38c2f357e07a0fe1d7f8fa8f77c90b20d744b24aff5a0c09d72b6cfc248b5038e523865ceec86a7b376cccee879cf774a91bac3330751b0266cb6cd5036f08ba4299014e354e6d10ac84ed7dd3d916976c9c735d26691d1f4e1dcfde90b54893daaa9a83b5b36a0c126c1a648b7595443820b0fc79284d881a4c570866ad194f5d038ef767c27d26a3995d4df0e2bd3fc78ae02f198409a37f73d4e0b1a8c33bc2cd2cca973aeac3e8744a7c09c95278a596563f6591845554f3e9fec2cf40b94dc8964fda72aa6c27e89ccbfb032dce0bd11372dd9a7111089e5471556a6bfac7ba23a9ef641ece62aae61a1319553d408caa93cc7182ff8b393663f3c621f370a5c17a9e9e170c056f21c1a5123eab551de9f180dffb1dab3b96edcae849be2adf88d361835a12fccbf3914915f7758923a096366e47ab1771ec2eac06a8f69d22795d25aa7ba52cb2d4b287f742b70fcc8a6c9206911df411187d9cbbaaecb54059fb1b4789fca7165a08d6e630db393870373fe24ed27c343f12389509b9e01f2d15ffe89ca96c15568effc2937d332f7f1eff847d8356b4867c13f1a0fefb1558ef0069eccd9da5ece86842f1c771aef2fa104b647f2dc2b84381d641d66616dbe19ddd0215fb873d2f8b6669bdd47d2312ff30d6e75dc91917806b122aed74e8d153b561be07879cf&cri=3cB9crfilc&ts=518&cb=1701195953239
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126aefc63cef4e8e949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a118c6a2417071a10acf9f29f674ad180d855246a4afe782555d13e8d60c4016206229507550a36065ecebd391a77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c284475540ca38c2f357e07a0fe1d7f8fa8f77c90b20d744b24aff5a0c09d72b6cfc248b5038e523865ceec86a7b376cccee879cf774a91bac3330751b0266cb6cd5036f08ba4299014e354e6d10ac84ed7dd3d916976c9c735d26691d1f4e1dcfde90b54893daaa9a83b5b36a0c126c1a648b7595443820b0fc79284d881a4c570866ad194f5d038ef767c27d26a3995d4df0e2bd3fc78ae02f198409a37f73d4e0b1a8c33bc2cd2cca973aeac3e8744a7c09c95278a596563f6591845554f3e9fec2cf40b94dc8964fda72aa6c27e89ccbfb032dce0bd11372dd9a7111089e5471556a6bfac7ba23a9ef641ece62aae61a1319553d408caa93cc7182ff8b393663f3c621f370a5c17a9e9e170c056f21c1a5123eab551de9f180dffb1dab3b96edcae849be2adf88d361835a12fccbf3914915f7758923a096366e47ab1771ec2eac06a8f69d22795d25aa7ba52cb2d4b287f742b70fcc8a6c9206911df411187d9cbbaaecb54059fb1b4789fca7165a08d6e630db393870373fe24ed27c343f12389509b9e01f2d15ffe89ca96c15568effc2937d332f7f1eff847d8356b4867c13f1a0fefb1558ef0069eccd9da5ece86842f1c771aef2fa104b647f2dc2b84381d641d66616dbe19ddd0215fb873d2f8b6669bdd47d2312ff30d6e75dc91917806b122aed74e8d153b561be07879cf&cri=3cB9crfilc&ts=518&cb=1701195953239 HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=3c3ab8ea00baf5b235b316eee32183be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Tue, 28 Nov 2023 18:25:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/875517505/?random=1701195953220&cv=11&fst=1701195953220&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1683978660.1701195953&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
302 Found 63 B URL GET HTTP/3 www.google.com/pagead/1p-conversion/875517505/?random=1701195953220&cv=11&fst=1701195953220&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1683978660.1701195953&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
GET /pagead/1p-conversion/875517505/?random=1701195953220&cv=11&fst=1701195953220&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1683978660.1701195953&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 18:25:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/875517505/?random=1701195953220&cv=11&fst=1701195953220&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1683978660.1701195953&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bat.bing.com/bat.js
200 OK 13 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Hash 7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F88F28FFA078482BB6C99B2B607B734D Ref B: OSL30EDGE0511 Ref C: 2023-11-28T18:25:49Z
date: Tue, 28 Nov 2023 18:25:49 GMT
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 13 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Hash 7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80679D3608F84211BE54DD1EAA18E0F2 Ref B: OSL30EDGE0511 Ref C: 2023-11-28T18:25:49Z
date: Tue, 28 Nov 2023 18:25:49 GMT
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=1368671803.1701195953>m=45je3b81v890340193&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1612811398
200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=1368671803.1701195953>m=45je3b81v890340193&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1612811398
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=1368671803.1701195953>m=45je3b81v890340193&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1612811398 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 18:25:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/875517505/?random=1701195953220&cv=11&fst=1701195953220&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1683978660.1701195953&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
200 OK 63 B URL GET HTTP/2 www.google.no/pagead/1p-conversion/875517505/?random=1701195953220&cv=11&fst=1701195953220&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1683978660.1701195953&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
GET /pagead/1p-conversion/875517505/?random=1701195953220&cv=11&fst=1701195953220&bg=ffffff&guid=ON&async=1>m=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww3.mtb.com%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&auid=1683978660.1701195953&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www3.mtb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 18:25:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195952230&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1368671803.1701195953&ul=en-us&sr=1280x1024&_s=1&sid=1701195953&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=g5wSwbi4kxsXPmjS&ep.channelmix_event_id=g5wSwbi4kxsXPmjS&ep.channelmix_conv_id=g5wSwbi4kxsXPmjS-g5wSwbi4kxsXPmjS&epn.channelmix_timestamp=1701195952246&tfd=3222
204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195952230&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1368671803.1701195953&ul=en-us&sr=1280x1024&_s=1&sid=1701195953&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=g5wSwbi4kxsXPmjS&ep.channelmix_event_id=g5wSwbi4kxsXPmjS&ep.channelmix_conv_id=g5wSwbi4kxsXPmjS-g5wSwbi4kxsXPmjS&epn.channelmix_timestamp=1701195952246&tfd=3222
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195952230&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1368671803.1701195953&ul=en-us&sr=1280x1024&_s=1&sid=1701195953&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=g5wSwbi4kxsXPmjS&ep.channelmix_event_id=g5wSwbi4kxsXPmjS&ep.channelmix_conv_id=g5wSwbi4kxsXPmjS-g5wSwbi4kxsXPmjS&epn.channelmix_timestamp=1701195952246&tfd=3222 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www3.mtb.com
date: Tue, 28 Nov 2023 18:25:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10087193.json
200 OK 2 B URL GET HTTP/2 s.yimg.com/wi/config/10087193.json
IP
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10087193.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: ZGH336KGKHDWBN9C
x-amz-id-2: qwADSEvzDWVmJ28TMetagonUylToDgXABdP5RddnhBCpPr4UYN38JdNfmi8jV6xs42D5vbDx+cM=
content-type: application/json
date: Tue, 28 Nov 2023 17:46:26 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 2365
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10108773.json
200 OK 2 B URL GET HTTP/2 s.yimg.com/wi/config/10108773.json
IP
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10108773.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: ADEYM2MQSMS70MTN
x-amz-id-2: vNKHJlEsGiXKUk+/e+pSimoUXR3h16GevAdLYGYs2TvNhtwXKoXhpVAaLYwgS2CMNI/CE/hei9s=
content-type: application/json
date: Tue, 28 Nov 2023 17:46:26 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 2364
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bat.bing.com/p/action/5564484.js
204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/5564484.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5564484.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4618CC2C9AD44CCAA53EF26C9D5ACFD3 Ref B: OSL30EDGE0511 Ref C: 2023-11-28T18:25:50Z
date: Tue, 28 Nov 2023 18:25:49 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/331000312.js
204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/331000312.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/331000312.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 342F679287DF4AB2A4CB6B21F9DCA9C8 Ref B: OSL30EDGE0511 Ref C: 2023-11-28T18:25:50Z
date: Tue, 28 Nov 2023 18:25:49 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5564484&Ver=2&mid=8f02753f-db35-4f98-987e-ba1edc8cb03b&sid=90b96a208e1b11ee88b943522a26dd8b&vid=90b98ad08e1b11eead05b1ec7b84e654&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fwww3.mtb.com%2F&sw=1280&sh=1024&sc=24&evt=custom&rn=360725
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=5564484&Ver=2&mid=8f02753f-db35-4f98-987e-ba1edc8cb03b&sid=90b96a208e1b11ee88b943522a26dd8b&vid=90b98ad08e1b11eead05b1ec7b84e654&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fwww3.mtb.com%2F&sw=1280&sh=1024&sc=24&evt=custom&rn=360725
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5564484&Ver=2&mid=8f02753f-db35-4f98-987e-ba1edc8cb03b&sid=90b96a208e1b11ee88b943522a26dd8b&vid=90b98ad08e1b11eead05b1ec7b84e654&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fwww3.mtb.com%2F&sw=1280&sh=1024&sc=24&evt=custom&rn=360725 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2B17BB3641FB64AD0BDBA8E1400E65E0; domain=.bing.com; expires=Sun, 22-Dec-2024 18:25:50 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 539C2380631E41378787152146BC619C Ref B: OSL30EDGE0511 Ref C: 2023-11-28T18:25:50Z
date: Tue, 28 Nov 2023 18:25:49 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=331000312&Ver=2&mid=5aedc0e4-aa3a-4463-8904-3154cce479ba&sid=90b96a208e1b11ee88b943522a26dd8b&vid=90b98ad08e1b11eead05b1ec7b84e654&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=1955&evt=pageLoad&sv=1&rn=627497
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=331000312&Ver=2&mid=5aedc0e4-aa3a-4463-8904-3154cce479ba&sid=90b96a208e1b11ee88b943522a26dd8b&vid=90b98ad08e1b11eead05b1ec7b84e654&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=1955&evt=pageLoad&sv=1&rn=627497
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=331000312&Ver=2&mid=5aedc0e4-aa3a-4463-8904-3154cce479ba&sid=90b96a208e1b11ee88b943522a26dd8b&vid=90b98ad08e1b11eead05b1ec7b84e654&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=1955&evt=pageLoad&sv=1&rn=627497 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=08FF493BF5EA64EA10535AECF41F65B7; domain=.bing.com; expires=Sun, 22-Dec-2024 18:25:50 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9AA2201F346748808810A4E90022CB71 Ref B: OSL30EDGE0511 Ref C: 2023-11-28T18:25:50Z
date: Tue, 28 Nov 2023 18:25:49 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5564484&Ver=2&mid=8f02753f-db35-4f98-987e-ba1edc8cb03b&sid=90b96a208e1b11ee88b943522a26dd8b&vid=90b98ad08e1b11eead05b1ec7b84e654&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=1955&evt=pageLoad&sv=1&rn=561280
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=5564484&Ver=2&mid=8f02753f-db35-4f98-987e-ba1edc8cb03b&sid=90b96a208e1b11ee88b943522a26dd8b&vid=90b98ad08e1b11eead05b1ec7b84e654&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=1955&evt=pageLoad&sv=1&rn=561280
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5564484&Ver=2&mid=8f02753f-db35-4f98-987e-ba1edc8cb03b&sid=90b96a208e1b11ee88b943522a26dd8b&vid=90b98ad08e1b11eead05b1ec7b84e654&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=<=1955&evt=pageLoad&sv=1&rn=561280 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=370243AD50246C561959507A51D16D9F; domain=.bing.com; expires=Sun, 22-Dec-2024 18:25:50 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F0D4D07C3C44483998C2D1642039971 Ref B: OSL30EDGE0511 Ref C: 2023-11-28T18:25:50Z
date: Tue, 28 Nov 2023 18:25:49 GMT
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2108
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=3c3ab8ea00baf5b235b316eee32183be
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:25:50 GMT
content-length: 0
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2113
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=3c3ab8ea00baf5b235b316eee32183be
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:25:50 GMT
content-length: 0
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1368671803.1701195953&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221368671803.1701195953%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221368671803.1701195953%22%2C%22mntnis%22%3A%22q3USJ5J54h7UhxIsqh5y0lXBd0P05yo7%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1368671803.1701195953&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195953%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=57356376801309380&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
200 OK 1.2 kB URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1368671803.1701195953&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221368671803.1701195953%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221368671803.1701195953%22%2C%22mntnis%22%3A%22q3USJ5J54h7UhxIsqh5y0lXBd0P05yo7%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1368671803.1701195953&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195953%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=57356376801309380&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
IP
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (2309)
Hash f7da6dde5981451784c3ab0cf97353ac
c0ea2e7b5aada371e801d1f93ce190b6ac919054
ac7175ed944689f91ee0d5646a7a9c4b272cef647ae95d16fe4e140ba25d6190
GET /st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1368671803.1701195953&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221368671803.1701195953%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221368671803.1701195953%22%2C%22mntnis%22%3A%22q3USJ5J54h7UhxIsqh5y0lXBd0P05yo7%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1368671803.1701195953&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195953%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=57356376801309380&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 28 Nov 2023 18:25:50 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=8eccedc7-8e1b-11ee-b195-99d3d810fb29;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
gs.mountain.com/gs
200 OK 144 B IP
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with no line terminators
Hash 575d8e5a79d39c5c3bbfed30ef8ff25d
4e8be3c320abb89646ec804ab429944385c5f799
a66381b6c384c11443ebdc8a4120a9d1b16fea2c37f26eb102439270b840160d
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: guid=8eccedc7-8e1b-11ee-b195-99d3d810fb29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 28 Nov 2023 18:25:51 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1368671803.1701195953&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221368671803.1701195953%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221368671803.1701195953%22%2C%22mntnis%22%3A%22q3USJ5J54h7UhxIsqh5y0lXBd0P05yo7%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1368671803.1701195953&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195953%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=170119595061249&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1701195951370
200 OK 450 B URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1368671803.1701195953&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221368671803.1701195953%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221368671803.1701195953%22%2C%22mntnis%22%3A%22q3USJ5J54h7UhxIsqh5y0lXBd0P05yo7%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1368671803.1701195953&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195953%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=170119595061249&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1701195951370
IP
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (1555), with no line terminators
Hash 29f2f007e70c723c5b62258cff989e33
1100616d25afae5c50685e8e9cef0e6742f5563d
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
GET /st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=1368671803.1701195953&shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%221368671803.1701195953%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221368671803.1701195953%22%2C%22mntnis%22%3A%22q3USJ5J54h7UhxIsqh5y0lXBd0P05yo7%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1368671803.1701195953&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221701195953%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fwww3.mtb.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=170119595061249&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1701195951370 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: guid=8eccedc7-8e1b-11ee-b195-99d3d810fb29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 28 Nov 2023 18:25:52 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=8eccedc7-8e1b-11ee-b195-99d3d810fb29;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 18
server: istio-envoy
connection: close
transfer-encoding: chunked
www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-help.svg
200 OK 931 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-help.svg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1143)
Hash 401f2aa30daca46465a48f007e42d17a
8a6a9a765897914c6889ed16d4370de277ed5745
82134ea271ca7ba724d3b891a4a71c6f610fe9f2bcd6f02c08a2eff0d6e71c69
GET /content/dam/mtb-web/images/icon-global-nav-help.svg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195952.sPWTegLMg9jXz9PJ; _cq_suid=1.1701195952.IFZ2obft9oFgSP8r; _gcl_au=1.1.1683978660.1701195953; _ga_ZTNQ6ZK8T0=GS1.1.1701195953.1.0.1701195953.60.0.0; _ga=GA1.1.1368671803.1701195953; _uetsid=90b96a208e1b11ee88b943522a26dd8b; _uetvid=90b98ad08e1b11eead05b1ec7b84e654
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 931
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 13:50:53 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:51 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "8bc-5f8fba9cfc940-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PdkBeIDNzMnfcKAYAdZVJXEygXu5n_idDVqmkoQlVyBooIdtqN00fg==
age: 999
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-locations.svg
200 OK 1.7 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-locations.svg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2805)
Hash 2d5e99addbd1e6dc95f20a44f98061f6
e29dd23e310eaddb731466e0f7a6431cd1bfdce8
b2493339703121b6a52253a56137030327c8b5925609f1c2226cf938be8894d3
GET /content/dam/mtb-web/images/icon-global-nav-locations.svg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195952.sPWTegLMg9jXz9PJ; _cq_suid=1.1701195952.IFZ2obft9oFgSP8r; _gcl_au=1.1.1683978660.1701195953; _ga_ZTNQ6ZK8T0=GS1.1.1701195953.1.0.1701195953.60.0.0; _ga=GA1.1.1368671803.1701195953; _uetsid=90b96a208e1b11ee88b943522a26dd8b; _uetvid=90b98ad08e1b11eead05b1ec7b84e654
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1674
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 13:50:53 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:51 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "fe6-5f8fba9cfc940-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IgMj93Zlbm3uJr30MQ9MhtXWQQapP1zmFmmbWVdNnuSJOpAtXaiFDw==
age: 999
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-hamburger-menu.svg
200 OK 636 B URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-hamburger-menu.svg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1198)
Hash baa94a4a3579b083238e95bb192e964b
448e73b3e57dfc5d9ee2fe2c5f6ea67fbd7f647c
93408940d1f3117f4684536d8efb0c77c24cd7806eb01b2127ce3925554f09cc
GET /content/dam/mtb-web/images/icon-global-nav-hamburger-menu.svg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195952.sPWTegLMg9jXz9PJ; _cq_suid=1.1701195952.IFZ2obft9oFgSP8r; _gcl_au=1.1.1683978660.1701195953; _ga_ZTNQ6ZK8T0=GS1.1.1701195953.1.0.1701195953.60.0.0; _ga=GA1.1.1368671803.1701195953; _uetsid=90b96a208e1b11ee88b943522a26dd8b; _uetvid=90b98ad08e1b11eead05b1ec7b84e654
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 636
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 13:50:53 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:51 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "5c1-5f8fba9cfc940-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TQyrLbnKWyemEPqOO32N62NEyBhvrM9Sj7YEThdiBZbmhdwd7WX8yg==
age: 1195
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-search.svg
200 OK 1.5 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/icon-global-nav-search.svg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2737)
Hash d22e8db2016665cdb32713eb29a3a62b
a37f1d9e9eb6d117b2e9b9c8aa4d2c2f2b217c55
9c49dac4667fa294a2dfcd63d4cd4080c9b33b41d1c818131669dfac46de2d1d
GET /content/dam/mtb-web/images/icon-global-nav-search.svg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195952.sPWTegLMg9jXz9PJ; _cq_suid=1.1701195952.IFZ2obft9oFgSP8r; _gcl_au=1.1.1683978660.1701195953; _ga_ZTNQ6ZK8T0=GS1.1.1701195953.1.0.1701195953.60.0.0; _ga=GA1.1.1368671803.1701195953; _uetsid=90b96a208e1b11ee88b943522a26dd8b; _uetvid=90b98ad08e1b11eead05b1ec7b84e654
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1535
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 13:50:53 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 18:25:51 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "e62-5f8fba9cfc940-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qbATWh7uQMyyQ2F2GqKJ-y6g6nEvtHhC6rwBEMlaDzdeFblriEhWcw==
age: 2650
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/personal-home-page/deposit-checks.png
200 OK 5.2 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/personal-home-page/deposit-checks.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 128 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 1314c26c1db30595deabc7e7ce73a143
e0697c410e75838981ec13d1f64d9885c58b95cf
ac2a3fad1df522eaebc212276131cec5eed994c3c8cf129707710430bb5246c0
GET /content/dam/mtb-web/images/personal-home-page/deposit-checks.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195952.sPWTegLMg9jXz9PJ; _cq_suid=1.1701195952.IFZ2obft9oFgSP8r; _gcl_au=1.1.1683978660.1701195953; _ga_ZTNQ6ZK8T0=GS1.1.1701195953.1.0.1701195953.60.0.0; _ga=GA1.1.1368671803.1701195953; _uetsid=90b96a208e1b11ee88b943522a26dd8b; _uetvid=90b98ad08e1b11eead05b1ec7b84e654
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5235
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 16 Apr 2020 22:05:54 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=3600, no-cache="set-cookie"
date: Tue, 28 Nov 2023 18:00:24 GMT
etag: "1473-5a36fa2f1b480"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0pCKqzUTVZ6EUyVjhfuKIoBJZ8gutoSaA3I7jT5nZBVVpIuJnAlEtw==
age: 1528
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/personal-home-page/track-your-spending.png
200 OK 9.4 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/personal-home-page/track-your-spending.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 128 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ea62e1d82af2e27d7661b0c5f90b53b
104898133a8123f72a011673403815b7b94412c3
cab73fb1f71a5bfae2e952c05850d3092260d62737b8f25ee7519135fd1edbad
GET /content/dam/mtb-web/images/personal-home-page/track-your-spending.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195952.sPWTegLMg9jXz9PJ; _cq_suid=1.1701195952.IFZ2obft9oFgSP8r; _gcl_au=1.1.1683978660.1701195953; _ga_ZTNQ6ZK8T0=GS1.1.1701195953.1.0.1701195953.60.0.0; _ga=GA1.1.1368671803.1701195953; _uetsid=90b96a208e1b11ee88b943522a26dd8b; _uetvid=90b98ad08e1b11eead05b1ec7b84e654
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 9422
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 16 Apr 2020 22:06:13 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=3600, no-cache="set-cookie"
date: Tue, 28 Nov 2023 18:00:24 GMT
etag: "24ce-5a36fa4139f40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z8LSAwD1kUNHEP6iKB_nK-vJoSodcv0mDF-eVxHcGRkuU4Ptr3rDvQ==
age: 1528
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/personal-home-page/android-ios.png
200 OK 7.4 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/personal-home-page/android-ios.png
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 128 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash eba33f328e6cecba4e9a123a8ccb6873
38bf3f58d9f61b1f9c903028b7b0b3cd527133f8
6ca07131dbacc8c13bb8995350caa65d0ae83e838e6b115086f8b4bfda1e73ee
GET /content/dam/mtb-web/images/personal-home-page/android-ios.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session; _cq_duid=1.1701195952.sPWTegLMg9jXz9PJ; _cq_suid=1.1701195952.IFZ2obft9oFgSP8r; _gcl_au=1.1.1683978660.1701195953; _ga_ZTNQ6ZK8T0=GS1.1.1701195953.1.0.1701195953.60.0.0; _ga=GA1.1.1368671803.1701195953; _uetsid=90b96a208e1b11ee88b943522a26dd8b; _uetvid=90b98ad08e1b11eead05b1ec7b84e654
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7379
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 16 Apr 2020 22:05:56 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=3600, no-cache="set-cookie"
date: Tue, 28 Nov 2023 18:00:24 GMT
etag: "1cd3-5a36fa3103900"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g7fdjibB7rDaI-TCun4YQP9iqzt1jk6uQyZUV3cQ6ljCZwLXq3sDtg==
age: 1528
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2108
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=3c3ab8ea00baf5b235b316eee32183be
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:25:52 GMT
content-length: 0
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195957064&z=1&S=0&N=0&P=0
200 OK 93 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195957064&z=1&S=0&N=0&P=0
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 1cbec0172b316b61153acf6fb5b12cd2
113d3b3e7260da11469e56cea8f50249259e4c8f
32abae16420c72f9d5b6ca4e74244eed0e319cb95153f6fae79d2b9d5570d4d2
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195957064&z=1&S=0&N=0&P=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 780
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:53 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
content-encoding: gzip
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?s=a63d946b541bb0c3cdc2bff27f489dd5&H=e4c6808c5e428b286747cc85&Q=3
200 OK 50 B URL GET HTTP/2 mtb-app.quantummetric.com/?s=a63d946b541bb0c3cdc2bff27f489dd5&H=e4c6808c5e428b286747cc85&Q=3
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash fa187c75ef32c05e9bf58b4c16ecd58f
307ec2580f33ee9d227ab965f034a2192213147f
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
GET /?s=a63d946b541bb0c3cdc2bff27f489dd5&H=e4c6808c5e428b286747cc85&Q=3 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:53 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
content-encoding: gzip
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195958024&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&S=1229&N=7&P=1
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195958024&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&S=1229&N=7&P=1
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195958024&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&S=1229&N=7&P=1 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 6800
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:54 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2108
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=3c3ab8ea00baf5b235b316eee32183be
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:25:54 GMT
content-length: 0
X-Firefox-Spdy: h2
rl.quantummetric.com/mtb/hash-check
200 OK 0 B URL OPTIONS HTTP/2 rl.quantummetric.com/mtb/hash-check
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /mtb/hash-check HTTP/1.1
Host: rl.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www3.mtb.com/
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 18:25:54 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: https://www3.mtb.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195952230&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1368671803.1701195953&ul=en-us&sr=1280x1024&_s=2&sid=1701195953&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=CQ&_ee=1&up.cq_category=malicious&tfd=8267
204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195952230&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1368671803.1701195953&ul=en-us&sr=1280x1024&_s=2&sid=1701195953&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=CQ&_ee=1&up.cq_category=malicious&tfd=8267
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZTNQ6ZK8T0>m=45je3b81v890340193&_p=1701195952230&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1368671803.1701195953&ul=en-us&sr=1280x1024&_s=2&sid=1701195953&sct=1&seg=0&dl=https%3A%2F%2Fwww3.mtb.com%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=CQ&_ee=1&up.cq_category=malicious&tfd=8267 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://www3.mtb.com
date: Tue, 28 Nov 2023 18:25:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rl.quantummetric.com/mtb/hash-check
200 OK 2 B URL OPTIONS HTTP/2 rl.quantummetric.com/mtb/hash-check
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /mtb/hash-check HTTP/1.1
Host: rl.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 226
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 18:25:54 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://www3.mtb.com
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: *
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195962064&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&S=30827&N=11&P=2
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195962064&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&S=30827&N=11&P=2
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195962064&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&S=30827&N=11&P=2 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 283
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:58 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195962198&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&Q=2&S=30181&N=1
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195962198&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&Q=2&S=30181&N=1
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195962198&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&Q=2&S=30181&N=1 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 283
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:58 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2111
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=3c3ab8ea00baf5b235b316eee32183be
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:25:59 GMT
content-length: 0
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195967065&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&S=31355&N=15&P=3
0 B URL mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195967065&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&S=31355&N=15&P=3
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195967065&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&S=31355&N=15&P=3 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 242
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:26:03 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195967201&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&Q=2&S=30696&N=2
0 B URL mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195967201&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&Q=2&S=30696&N=2
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195967201&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&Q=2&S=30696&N=2 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 256
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:26:03 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP
Certificate IssuerZeroSSL
Subject*.segreencolumn.com
Fingerprint23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2111
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: cg_uuid=3c3ab8ea00baf5b235b316eee32183be
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www3.mtb.com
content-type: application/json
date: Tue, 28 Nov 2023 18:26:04 GMT
content-length: 0
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.214.js?utv=ut4.51.202311032118
200 OK 19 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.214.js?utv=ut4.51.202311032118
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3546)
Hash 44f250918a311d630ea570f556d2ad93
a8d849a101842f8a8a193a6c773cee716627dfb6
51d55bf1a4edbb8a3c1b4ac53501414c4f13b75b17390b997df4158c705a2bc3
GET /utag/mtbank/main/prod/utag.214.js?utv=ut4.51.202311032118 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:41 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: HAzDvZm40wLeQCnYirC8bSPhhHx5v75P
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"44f250918a311d630ea570f556d2ad93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: B2rXK-TAC3DOV0TT4kTL3cE8alO5bJE8DFYoGaZgkm8dE-jvIHDCFg==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.224.js?utv=ut4.51.202311152118
200 OK 11 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.224.js?utv=ut4.51.202311152118
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4277)
Hash 96fc5663c665ce5ac49b91da259ad6e2
40cd16916e6fd892fb163e65f541dd31ce6bef87
378802513d17c0ad7feba3c108bcc69656b021e0496697eb00f01150785902d9
GET /utag/mtbank/main/prod/utag.224.js?utv=ut4.51.202311152118 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:47 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: tl4wyRki75pZwKiOPr1xqbUx_7qFHOwH
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"96fc5663c665ce5ac49b91da259ad6e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nys0wqZMT6FFUEz7ooTSpm-ztfYa5SFPF8tTNywu9Ox2Lq8wIrIKxQ==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gria3ltb567p
200 OK 61 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gria3ltb567p
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52570)
Hash 65128322d55adeb6b43fbf606c743b37
24a0e11d3ded70f94c9979e4de212e3d2d382818
f023e036ecda8738110303b1ac651ccd91e5316e471c73edb18bd9445cca23bf
GET /recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gria3ltb567p HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Nov 2023 18:25:48 GMT
content-security-policy: script-src 'nonce-6foth6lpHdgfXZjsykmUdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/vendor.js
200 OK 242 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/vendor.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
Size 242 kB (242353 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etc.clientlibs/axp-common/clientlibs/vendor.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
cache-control: max-age=3600, public, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Tue, 28 Nov 2023 17:33:22 GMT
etag: "3b2b1-5f7e77317d100-gzip"
last-modified: Mon, 27 Mar 2023 20:18:44 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BrYZrCKQ5wCY97PGCjet10kCzdONaEstgOzmgQpaGLgWoZu2ryDHjw==
age: 3145
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195957741&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&U=3bdb2857fb83c494ff715c0ba6248ab9&z=1&Q=2&S=0&N=0
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195957741&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&U=3bdb2857fb83c494ff715c0ba6248ab9&z=1&Q=2&S=0&N=0
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195957741&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&U=3bdb2857fb83c494ff715c0ba6248ab9&z=1&Q=2&S=0&N=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7195
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:53 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.41.js?utv=ut4.51.202309082106
200 OK 26 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.41.js?utv=ut4.51.202309082106
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (9524)
Hash b181e169dcc14ae08a0cc3712d909661
e0b8c520c2cef056482ae45b5f3b78743a409e85
30427c6100181f0b280c743b43991f39692b204418fb3f9591b2d6b94a4a4a1e
GET /utag/mtbank/main/prod/utag.41.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:48 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: i3jOAutcZEWYBud91BzatvV1RKYIxBkX
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"b181e169dcc14ae08a0cc3712d909661"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gn9n_XSrr10Z0y3EZ0MTK0iRggoXJNL2Xft9aA7x-5dfms3Q9xhMsg==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
200 OK 18 kB IP
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (18187), with no line terminators
Hash 5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: gjFIKYp5PLE7G9yf3dnFdWTIYz/UfAURAM2mRRL2Zy+N2a8DR4nTeClVZDkY99Bfs+pBE8E9sAI=
x-amz-request-id: GWW3RT7DT5YMGZKR
date: Tue, 28 Nov 2023 18:01:31 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1459
content-encoding: gzip
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.44.js?utv=ut4.51.202309082106
200 OK 12 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.44.js?utv=ut4.51.202309082106
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (2654)
Hash ead3e7e93f2a00859e53e8af518a769c
05f4b12fcb30ee7a9c91912991dd7fdab50b4ad9
a815f07309f546ec2efbfda07db85255a033a85fc3405aabb2b89198b24f3261
GET /utag/mtbank/main/prod/utag.44.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:31 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: rDyVnqJ2rimcpCPPzyp6QK6_NpTTAwBU
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"ead3e7e93f2a00859e53e8af518a769c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xKR5dGoUnJCjMcCvzfuh0Yv-5NFmOB0DB-xy2VRPwpwvbmBc97ggvg==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-875517505
200 OK 207 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-875517505
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Size 207 kB (206563 bytes)
Hash 1666d2ffd8a51c57a311c755cec274e5
3fa43a008cc12f3d0746e85f931efac6be5ae46d
6a370f4fc70482140797afe323d873e85978654c7ebc6cd53254e947faf4587f
GET /gtag/js?id=AW-875517505 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 18:25:48 GMT
expires: Tue, 28 Nov 2023 18:25:48 GMT
cache-control: private, max-age=900
last-modified: Tue, 28 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74359
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.199.js?utv=ut4.51.202209122156
200 OK 1.8 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.199.js?utv=ut4.51.202209122156
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1861), with no line terminators
Hash ca258e25c943bcef3dfd41645822d4ad
e54e2ac4f7a57bbef6ff9edb7e407fef59ce77d2
5fd992c797f3409de143f4e684faf01e21bfb70f3320bfcc5ea273e1de39f802
GET /utag/mtbank/main/prod/utag.199.js?utv=ut4.51.202209122156 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:38 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 39ee5QVEo8WXmjVJ8sKmTOfp_xfmNwjF
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"ccd5e6b310aaffc4c01db119fd655d49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ho5R8oYAwHfl9Ta1kZ-5000CYu1QqffOsWYoHS9t0jphCpU3G9pz5g==
age: 74
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
200 OK 401 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
Size 401 kB (400917 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 20:48:52 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:56 GMT
cache-control: max-age=3600, public, no-cache="set-cookie"
etag: "61e15-5e29c47dd1500-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FIVs-2Yiu0FaPNa19BtYmJbEOa9NNUN0imq_iTf8sBEQCMoeRxo2Mg==
age: 2158
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.51.202006232100
200 OK 9.9 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.51.202006232100
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (10217), with no line terminators
Hash 1b0d49e8d1448a4a2c5363189d971145
6409af5ec18d74a1a0a77d7c5a208195cd370329
aacf6b00ccea07b663029bd57560c2e51733fe268a563c6a03c80ce5efa9e023
GET /utag/mtbank/main/prod/utag.43.js?utv=ut4.51.202006232100 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:47 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Gc30cLD0QVQgwn9rZ__OCClFW.C6_LEZ
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"2f0f67f4d7267d8569ee7b51d527f5d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fFVwzcc5inzHFEQ-QWE8TDC1EUuDcvzZ8ud4NZMaMuUv04dcLW5FFA==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
200 OK 102 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gria3ltb567p
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with no line terminators
Hash b581f6e6ac7eb4d572233bdd384918f8
12a90cd14cfea2286982801538560f638670eaff
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gria3ltb567p
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 28 Nov 2023 18:25:48 GMT
date: Tue, 28 Nov 2023 18:25:48 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tags.tiqcdn.com/utag/mtbank/main/prod/utag.210.js?utv=ut4.51.202308231951
200 OK 4.7 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.210.js?utv=ut4.51.202308231951
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4953), with no line terminators
Hash 233c4e53246b29b19005f3207f5b2bca
90fa3a1108eb881985eecaf9f614e17f66efebe2
fcd881080f534c9bf1e7db9804d916b29b7dcf80603f57c2ae7ffcfeaf76cc5e
GET /utag/mtbank/main/prod/utag.210.js?utv=ut4.51.202308231951 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:45 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: VImDRX.P39UMgeHdx6ognuc_OknWoUZ2
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"fc8dd498b52d8d3cf99c905c4c449ab5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o136Sdis6iPXiKNMzIoxeTqOXsTarM0ro28nuPQe_t3g1pfZSkQkBA==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.215.js?utv=ut4.51.202304242124
200 OK 3.8 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.215.js?utv=ut4.51.202304242124
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3990), with no line terminators
Hash 11fd4f9c90ab9f30a578942551c9b1a8
8e8783bd18714ddd391a04189c6b5188660ae50b
ce6cd62b048f7ebba755c96b72b3ef06fa013ebebb108c7dd94d2fac984f0b87
GET /utag/mtbank/main/prod/utag.215.js?utv=ut4.51.202304242124 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ipH536GzoWmjvH35gdflz4_i49EYShJ.
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"6036d70643e670da4933ca0ef7ab8430"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JGHwBhZfRfK2OSSPwg7rQUKB4tpUozR070yHsfBfoYe811I-NTTXvA==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=57356376801309380
200 OK 30 kB URL GET HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=57356376801309380
IP
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (2516)
Hash 86b6e342837c9ecb5e97ec20313c3456
6e899b2c0fd75c2b1502bff98246d6a38ecfa523
114a3e9a4250c50f3e4dcc2604fc10f621b8cf0b98c4d215609caf5830d4c988
GET /spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fwww3.mtb.com%2F&cb=57356376801309380 HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Tue, 28 Nov 2023 18:25:47 GMT
x-envoy-upstream-service-time: 4
be: spx-prod
server: istio-envoy
transfer-encoding: chunked
tags.tiqcdn.com/utag/mtbank/main/prod/utag.76.js?utv=ut4.51.202309082106
200 OK 12 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.76.js?utv=ut4.51.202309082106
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1502)
Hash 116437dbfe2383c9f0cf62cad204af21
745a7e9d6ac335d60d21f853b11ff3c00f98082f
261d059a35cc207797574845f5ab6108985221618e7a3a2fb2ae959876aa1c6f
GET /utag/mtbank/main/prod/utag.76.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: TDkqzZwAqhrRhvbVciQ1HzbNX5W6oHLG
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"116437dbfe2383c9f0cf62cad204af21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CBdn1mYMzJ-yiIv_OXaW7o615Q5I7sBfB3u7zunHTPSiqtHKFAHN3Q==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
200 OK 64 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 64318
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 15 Oct 2020 22:08:15 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: "fb3e-5b1bce27771c0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SSDme20KZaLEg5noxtG3C11PMyBibxWlHSN2zHom8tg3BPx4I-ql_g==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly93d3czLm10Yi5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gria3ltb567p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:26:09 GMT
expires: Fri, 22 Nov 2024 23:26:09 GMT
cache-control: public, max-age=31536000
age: 413979
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.42.js?utv=ut4.51.202106282113
200 OK 4.0 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.42.js?utv=ut4.51.202106282113
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4158), with no line terminators
Hash 02c15fd08cefcb82a3f8890f08a0726b
8697e18a000b237c32db530b3d45790362b8f7a3
98748010fab38114c7f61227b556ab2004afcdfed9226569992654bca791ad63
GET /utag/mtbank/main/prod/utag.42.js?utv=ut4.51.202106282113 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:35 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: WiraxjljFhTG49GlHjiqidFB6Ot7qVYl
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"5f85233eee038f754ba6a18b664cc7a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: N0KV3Lx8SpPAO3aig6Ne9vbPt3QBbUj-BIyLeHhXvD-u9NCCXXxweA==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195957604&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&Q=1&Y=1&X=d0fe41d6987844304d7c3584ccf20c21
200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195957604&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&Q=1&Y=1&X=d0fe41d6987844304d7c3584ccf20c21
IP
Certificate IssuerSectigo Limited
Subject*.quantummetric.com
FingerprintF2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
ValidityWed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fwww3.mtb.com%2F&t=1701195956350&v=1701195957604&H=e4c6808c5e428b286747cc85&s=a63d946b541bb0c3cdc2bff27f489dd5&z=1&Q=1&Y=1&X=d0fe41d6987844304d7c3584ccf20c21 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 42429
Origin: https://www3.mtb.com
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 18:25:53 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://www3.mtb.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
200 OK 18 kB IP
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (18187), with no line terminators
Hash 5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: gjFIKYp5PLE7G9yf3dnFdWTIYz/UfAURAM2mRRL2Zy+N2a8DR4nTeClVZDkY99Bfs+pBE8E9sAI=
x-amz-request-id: GWW3RT7DT5YMGZKR
date: Tue, 28 Nov 2023 18:01:31 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1459
content-encoding: gzip
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.47.js?utv=ut4.51.202106282113
200 OK 4.0 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.47.js?utv=ut4.51.202106282113
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4158), with no line terminators
Hash d7bd8440d774ee5496281ddd6fed96a8
a8deba43434065d26114f9eedc2a551036c6ab04
c0eff4095cd1fc9f00ffdae12244f9485afbcc526ae5e865de9b4e61b9075b0b
GET /utag/mtbank/main/prod/utag.47.js?utv=ut4.51.202106282113 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: _WiZ8H3xjRwaJ0aIi23JsMDWqZ3fi_K7
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"b73a711ac493f9b5876470d80db7b924"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kRxxg2QgD4jJJaC1h1r_50jK2mjDNY_XMCY6JCqGxYnQA6WdF1yjCw==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.190.js?utv=ut4.51.202309150258
200 OK 12 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.190.js?utv=ut4.51.202309150258
IP
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
Fingerprint6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
ValidityTue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1502)
Hash 3fa84955656e038fa0b29a7071e11b9e
48552b5d7a15756e32ed2622cfa8d9a20e8b9020
0aa52826692f5659c775d5a7a1ee4a8fccc272326d3cae7f820509811db5de05
GET /utag/mtbank/main/prod/utag.190.js?utv=ut4.51.202309150258 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:48 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: dTP5TtuQtzCD2AD7pP8rNLaWik0JHZgL
server: AmazonS3
content-encoding: br
date: Tue, 28 Nov 2023 18:25:48 GMT
etag: W/"3fa84955656e038fa0b29a7071e11b9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7nxTYBRMfSKUsw_jwuxBcGRhR24RTmGU8kVugE_Hw53o8Sl8Pb1ulA==
age: 210
cache-control: max-age=1296000
X-Firefox-Spdy: h2
cdn.quantummetric.com/qscripts/quantum-mtb.js
200 OK 404 kB URL GET HTTP/2 cdn.quantummetric.com/qscripts/quantum-mtb.js
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBF:54:0B:41:47:C2:B6:ED:76:B2:16:87:F5:14:21:47:F1:E0:64:E3
ValidityWed, 17 May 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3803)
Size 404 kB (404344 bytes)
Hash dfb7be420c62b9970d01395f96b3d9fd
cf8256b64c9e2d88d509ade7f6dcec0fb81bc873
b7e44dcb6cf3157060913c8d41b6648d30c87d41dc122a4c51ecc45eda8adf5a
GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 18:25:49 GMT
content-type: text/javascript
vary: Accept-Encoding
etag: W/"170104804954216986872405791691740804464"
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: no-sniff
strict-transport-security: max-age=31536000
x-robots-tag: noindex
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 82d4a7d51dff56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/images/spanish/es-language-icon.svg
200 OK 1.9 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/images/spanish/es-language-icon.svg
IP
Certificate IssuerEntrust, Inc.
Subjectwww.mtb.com
Fingerprint9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
ValidityFri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (2058), with no line terminators
Hash bd522382275bd00b81b9d69e5ece3712
343d5a27e90a8c295b7183be4b330ecf41173d9a
27da06141b3a2bc4373a1f3a11232405885ef733b57b7557cd13b68124d9e469
GET /content/dam/mtb-web/images/spanish/es-language-icon.svg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Cookie: at_check=true; mbox=session#c710424e0b5042348b917f71cca0983a#1701197812; utag_main__sn=1; utag_main__se=1%3Bexp-session; utag_main__ss=1%3Bexp-session; utag_main__st=1701197751941%3Bexp-session; utag_main_ses_id=1701195951941%3Bexp-session; utag_main__pn=1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 676
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 13:15:46 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 28 Nov 2023 17:56:57 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "75c-5cc1c9cd66480-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EndBrjcEcXks7OFC3eB4gJLUNk9WEG6bJ-uaPRRg5UbFsolSRn4q1Q==
age: 1826
X-Firefox-Spdy: h2
104.22.33.86
216.239.32.36
188.125.94.206
193.109.85.238