cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
104.17.25.14 200 OK 28 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
IP 104.17.25.14:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:38:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 27990
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "63091225-6d56"
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1018401
expires: Fri, 08 Nov 2024 07:38:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwNmPJYzF45zIkYaKJmfslsgUVdxFZ5uV0GU45FsVydGUTpKIjdg2wCqxWEoQX%2FV%2BtFRlFOgPNMCMTX9oj8pSXd8labycnK%2BZyrdttG7GlAg50rHs2kzS7sixEpKlmWPhQOVUixy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8286cbf34bed569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@emailjs/browser@3/dist/email.min.js
151.101.193.229 200 OK 13 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/@emailjs/browser@3/dist/email.min.js
IP 151.101.193.229:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type Unicode text, UTF-8 text, with very long lines (34825), with no line terminators
Hash b0d6d9ccfe6dcadab54aa934fd82799f
436bde33885f97c2fe06c0bb3220e326a0834e16
a0ab02baf40775e37b6a44b568430e5a9b75eebf963bdf0f4406f7a19adb9fe5
GET /npm/@emailjs/browser@3/dist/email.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.11.0
x-jsd-version-type: version
etag: W/"880a-Q2veM4hfl8L+BsC7MiDjJqCDThY"
content-encoding: br
accept-ranges: bytes
date: Sun, 19 Nov 2023 07:38:58 GMT
age: 27505
x-served-by: cache-fra-etou8220085-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13337
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js
143.204.55.21 200 OK 2.6 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (348), with CRLF line terminators
Hash a785ae3de97a97fc6ba11041c9dba58f
c17d0e86cd838e9e548b65b6fe4df02a27fa56da
e607f1bf6289a92939620798cea2c6df4696d6b8d374b9bc5e11c7fd114643e5
GET /content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 2594
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Sun, 19 Nov 2023 07:38:34 GMT
last-modified: Thu, 16 Nov 2023 15:54:02 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "5646-60a4707517a80-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JJg1mj1j84mRuw1cL67MVs7agqkSzHnLepL5vrRSX_-gjdEnC9VDhw==
age: 24
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
143.204.55.21 200 OK 58 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type ASCII text, with very long lines (1334)
Hash 7475228b6f7589022e5b32e35e6ab1c1
0b42a9681bf83a3fc5cc2a4679f1610fc22a5a0e
8e36f036be3313f66918b7f296388c199468b0ffb75d3f8908cd04f58d966964
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.css HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css;charset=utf-8
content-length: 57814
accept-ranges: bytes
cache-control: max-age=3600, public, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Sun, 19 Nov 2023 06:47:17 GMT
last-modified: Mon, 27 Mar 2023 20:18:46 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "6a323-5f7e773365580-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qLh2cTy5Mucg8YvwD-mFEzStWSQfHPb8ClXCSIVS1ZA4FertHsZhSg==
age: 3101
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/status.js
143.204.55.21 200 OK 4.4 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/status.js
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Unicode text, UTF-8 text, with very long lines (457), with CRLF line terminators
Hash 80965724d8ffd17a06b69c110717291a
17a63fa278636a052476817549554f1e88e517eb
4b01cc862c3b0bbd0aa2c42f7f4dcfd9e0136b26d1028b93466b3bbde6fbc8b8
GET /content/dam/mtb-web/scripts/status.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 4428
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Sun, 19 Nov 2023 07:38:34 GMT
last-modified: Thu, 09 Nov 2023 15:25:14 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "38c8-609b9cf6eaa80-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kzo4epl5dFRzmila-3d-lpnfsuypVdh6crWWcsb8GsyA-Fkh9upVNg==
age: 24
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/coupon/equal-housing-lender-logo.png
143.204.55.21 200 OK 1.5 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/coupon/equal-housing-lender-logo.png
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 23 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash df5acca843cd10a9f0b683403207812f
40e3af1ed5c19e8caf85eb9d5a11c92e1e7ed624
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3
GET /content/dam/mtb-web/coupon/equal-housing-lender-logo.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1509
accept-ranges: bytes
content-disposition: inline
last-modified: Wed, 31 Mar 2021 12:58:53 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=3600, no-cache="set-cookie"
date: Sun, 19 Nov 2023 07:35:37 GMT
etag: "5e5-5bed4ad46dd40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mALxSt2PLAFx3PsonbykwgVsGu1XhqHScsVehpBI4HUvCBb6oQghHA==
age: 201
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/logos/white%20logo.png
143.204.55.21 200 OK 4.9 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/logos/white%20logo.png
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type PNG image data, 174 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash c0147602bcf486443b17ad6f3e31b2af
5b1b036726ede6f2186c0e85ad1a201f560ecd64
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652
GET /content/dam/mtb-web/logos/white%20logo.png HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4936
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 16 Apr 2020 22:07:44 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=3600, no-cache="set-cookie"
date: Sun, 19 Nov 2023 07:35:38 GMT
etag: "1348-5a36fa9802c00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NnLpg_DV24X5bDzkzqkdV5I0UiPjEpEVuXmhdCvV0pGtuY8--Ovkhw==
age: 200
X-Firefox-Spdy: h2
ocsp.entrust.net/
184.24.45.171 1.6 kB IP 184.24.45.171:0
Hash 8e1b897d22848a9c786bfa0beccf1294
08cc5b8439792d99c0dca57bd9a1fe8bfcfee6dc
72da7a0060b182b111b3f27eb76cc05a339140b8b5b27cd02a4d7d118b2f481d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "72DA7A0060B182B111B3F27EB76CC05A339140B8B5B27CD02A4D7D118B2F481D"
Last-Modified: Sun, 19 Nov 2023 00:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Sun, 19 Nov 2023 08:38:58 GMT
Date: Sun, 19 Nov 2023 07:38:58 GMT
Connection: keep-alive
ocsp.entrust.net/
184.24.45.171 1.6 kB IP 184.24.45.171:0
Hash 8e1b897d22848a9c786bfa0beccf1294
08cc5b8439792d99c0dca57bd9a1fe8bfcfee6dc
72da7a0060b182b111b3f27eb76cc05a339140b8b5b27cd02a4d7d118b2f481d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "72DA7A0060B182B111B3F27EB76CC05A339140B8B5B27CD02A4D7D118B2F481D"
Last-Modified: Sun, 19 Nov 2023 00:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3565
Expires: Sun, 19 Nov 2023 08:38:23 GMT
Date: Sun, 19 Nov 2023 07:38:58 GMT
Connection: keep-alive
www3.mtb.com/content/dam/mtb-web/scripts/axp.js
143.204.55.21 200 OK 1.2 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/axp.js
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type ASCII text, with CRLF line terminators
Hash 9f8789c1d686164ef99ff3a2cda2f581
7a3152623ee2e0348ef74588419df39f2b5afbb3
74b2301f83da81152130c5ada202f02c790977b4fe669ed0b6c0b59ffba63174
GET /content/dam/mtb-web/scripts/axp.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 1195
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Wed, 01 Jun 2022 22:08:06 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Sun, 19 Nov 2023 07:38:58 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "cc5-5e06a1faadd80-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yGsUQltDzRssGCVT-_94jWEuP4yDonoYyVqwIrBQeQ_taIRwyLH9PQ==
age: 2851
X-Firefox-Spdy: h2
ocsp.entrust.net/
184.24.45.171 1.6 kB IP 184.24.45.171:0
Hash b3b4e904da9e9fcbbced0d0301c10f21
1d602a58d9324bee20798c11d08d9f2250f001ed
4ffab5628d10829b457def3f7136290b9f302824813af148045e586963a342ef
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4FFAB5628D10829B457DEF3F7136290B9F302824813AF148045E586963A342EF"
Last-Modified: Sat, 18 Nov 2023 19:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3575
Expires: Sun, 19 Nov 2023 08:38:34 GMT
Date: Sun, 19 Nov 2023 07:38:59 GMT
Connection: keep-alive
onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
24.75.29.69 200 OK 174 kB URL GET HTTP/1.1 onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
IP 24.75.29.69:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject onlinebanking.mtb.com
Fingerprint C5:4A:96:19:43:F5:29:76:B1:31:A8:96:16:69:89:CB:0B:5B:3C:35
Validity Tue, 01 Aug 2023 19:28:13 GMT - Thu, 01 Aug 2024 19:28:12 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 174 kB (174189 bytes)
Hash a50c219dc110150cc8a9e09576bbfff6
7f5d02d2c7850254cfc0093fc6fecd5268fb4787
986805453edcd61a44dbcc121e015bf018979be35ec0f5621dd33785a2150ea2
GET /Assets/js/mtb_app_wbk.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 19 Nov 2023 07:38:59 GMT
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
X-Ion-Hop: 1
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Set-Cookie: e9LegkvD=AxC3hOaLAQAAWbJ02SNq0t2s9O1Vjesk0YRiOK9hMf8FhKF3EwtcLPv93hl6AVtaKpqcuNk0wH8AADQwAAAAAA|1|0|f4c6940f5199a1ee0c1aae717e339e55de345171; Path=/; Max-Age=1577847600; Domain=mtb.com
TS01e71088=01fb46a92686ae5d17195aca456c603739a4739527cd1ed21b09e4381d9934e3f9e3d10bd481814b11cea899a76b0e7afb0528012d; Path=/; Domain=.onlinebanking.mtb.com
TS01ea4191=01fb46a92686ae5d17195aca456c603739a4739527cd1ed21b09e4381d9934e3f9e3d10bd481814b11cea899a76b0e7afb0528012d; path=/; domain=mtb.com
TSba0bc889027=0856addebbab2000e4f86c5d5c521aac834b627749fb9d877a657425f39a00555933a06414e19bbe08443712f0113000e0d17d7acd7f480cd451d1c12a85ec1e8f69027aeb2703eda02429a6eb49ef35e0079bc71a154607178151f856b0a59d; Path=/
Transfer-Encoding: chunked
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
143.204.55.21 200 OK 164 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type gzip compressed data, from Unix\012- data
Size 164 kB (164426 bytes)
Hash 8b82517eb2715bc072f0e6eae1a6cce1
1a6a58b4fcc31149a9d41d20d18d3971dc81ac28
2e76fb58e2d2220368bffcf28dc259ed0e98408643b641d673f9af0778cd898b
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
cache-control: max-age=3600, public, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Sun, 19 Nov 2023 06:59:06 GMT
last-modified: Wed, 29 Jun 2022 20:38:00 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "61e15-5e29c21005a00-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: H_4TCKUZqyb7lcujDBT0TjpmcjyePSTCHoaYEKjMAPSAPfrQYvw9eg==
age: 2392
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
143.204.55.21 200 OK 66 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 66170, version 1.0\012- data
Hash 2c232501b80100ac5022cb84380a6df4
79898c6b15d379850157a7b44d55d8694eb54b1f
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 66170
accept-ranges: bytes
cache-control: max-age=86400, public, no-cache="set-cookie"
content-disposition: inline
date: Sun, 19 Nov 2023 07:35:34 GMT
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "1027a-59d634f851c40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eENC4pglR29ZEzTJUnXh_1PY0RMbgou09XNJTtlM9jWuK3C68NfotQ==
age: 206
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
143.204.55.21 200 OK 66 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 66170, version 1.0\012- data
Hash 2c232501b80100ac5022cb84380a6df4
79898c6b15d379850157a7b44d55d8694eb54b1f
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 66170
accept-ranges: bytes
cache-control: max-age=86400, public, no-cache="set-cookie"
content-disposition: inline
date: Sun, 19 Nov 2023 06:45:47 GMT
etag: "1027a-5b1bce27771c0"
last-modified: Thu, 15 Oct 2020 22:08:15 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: G7beDLeT1pJWzZsVUmESl2DIwslNSyT3JOp8viDXpVeRCoX0HxkcfQ==
age: 3193
X-Firefox-Spdy: h2
locations.mtb.com/permanent-b0b701/assets/images/chevron_down.8adc6731.svg
104.17.25.84 200 OK 568 B URL GET HTTP/2 locations.mtb.com/permanent-b0b701/assets/images/chevron_down.8adc6731.svg
IP 104.17.25.84:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Cloudflare, Inc.
Subject locations.mtb.com
Fingerprint 93:94:05:5F:EA:BD:EB:D9:FE:B6:18:E6:F4:63:6A:75:86:AF:23:58
Validity Tue, 04 Jul 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with very long lines (564)
Hash 050cee664fbeeeea1650f8360bc400ef
fe070df941112d32054071450ae57a8045c02b55
03cc12570299da2da582ed1f055f77f31f7d77899f1ada7ced1dfeea50068298
GET /permanent-b0b701/assets/images/chevron_down.8adc6731.svg HTTP/1.1
Host: locations.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:39:00 GMT
content-type: image/svg+xml
content-length: 568
cache-control: max-age=31536000
content-encoding: gzip
etag: "050cee664fbeeeea1650f8360bc400ef"-gzip
last-modified: Fri, 27 Aug 2021 20:52:43 GMT
owner: sitescog-19087
strict-transport-security: max-age=31536000; includeSubDomains
surrogate-key: locations.mtb.com locations.mtb.com%2Fpermanent-b0b701%2Fassets%2Fimages%2Fchevron_down.8adc6731.svg
vary: Accept-Encoding
x-amz-id-2: lwFtwS3Io9oQ4ANo+Y+5Ahi8CWT9TC9NVq7tktIkZpM5fRbPLKVmATp/W/+SU+2VvGHoYxc67vI=
x-amz-request-id: G962VVBQNA883E1P
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-yext-site: us2
x-yext-subendpoint: static
cf-cache-status: HIT
age: 46562
accept-ranges: bytes
set-cookie: __cf_bm=KyfyI.WMVCGW2APqJTPoRP_UxomT5NBIFXN89tDc_II-1700379540-0-AW6EpATpdkj4IcZBpGA074GD4JMpVuiJqqyn9W0zqIuj8qZrxgEyk+xq0TovPiSQMfK6FRGKNcmu16NGLJtRCU4=; path=/; expires=Sun, 19-Nov-23 08:09:00 GMT; domain=.locations.mtb.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8286cc00fd9a56c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/logos/Login-Minimal-Modal-Background.jpg
143.204.55.21 200 OK 28 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/logos/Login-Minimal-Modal-Background.jpg
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=Adobe Photoshop CC 2019 Macintosh\012- GLS_BINARY_LSB_FIRST DIY-Thermocam raw data\012- (Lepton 2.x), scale -10784--4818, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 2011659602231296.000000], baseline, precision 8, 721x900, components 3\012- data
Hash abb950c3fbe4bd1d1b08ce5f223f368c
d20f2fa4c966000c6b19c59a17352a1abb41075c
60f064cd48214cb73f54404a2eda28d731f49bf853509d47da070174784e11b9
GET /content/dam/mtb-web/logos/Login-Minimal-Modal-Background.jpg HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 27608
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 16 Apr 2020 22:07:43 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=3600, no-cache="set-cookie"
date: Sun, 19 Nov 2023 07:39:00 GMT
etag: "6bd8-5a36fa970e9c0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f81qHwgAcpcSDGYPnfZ4DKzMfZ4SnYHbUzEb4QbFZlAAug8hdb6s6A==
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
143.204.55.21 200 OK 64 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 64318
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Sun, 19 Nov 2023 07:39:00 GMT
etag: "fb3e-59d634f851c40"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6zxYBdy-2TYcYpwc-7eu0PAPohPgMAHw76BQe7LIxkHlALtAA70TMg==
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
143.204.55.21 200 OK 64 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 64318
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 15 Oct 2020 22:08:15 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
cache-control: max-age=86400, public, no-cache="set-cookie"
date: Sun, 19 Nov 2023 06:45:47 GMT
etag: "fb3e-5b1bce27771c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tGlMkazeAqGrrhjxyraeXaU-xTF5a7r64x6psofHy55hjolRZOkTCg==
age: 3193
X-Firefox-Spdy: h2
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
52.141.217.134 200 OK 926 B URL POST HTTP/2 wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP 52.141.217.134:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GoDaddy.com, Inc.
Subject *.us.v2.we-stats.com
Fingerprint 92:3F:49:C7:68:63:84:E4:9C:88:00:7F:F5:BD:A6:40:37:54:9C:9A
Validity Thu, 29 Jun 2023 18:52:04 GMT - Tue, 30 Jul 2024 18:52:04 GMT
File type JSON data\012- , ASCII text, with very long lines (926), with no line terminators
Hash af7d3f311bf8a3c0e202d2d9ab15c04d
89e642252866959524a2904c734976a4a89a8f55
950ce19c1b1243242eb976cbb084939f4b81a03e5a19efd211ea8a92129b3a28
POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 926
date: Sun, 19 Nov 2023 07:39:00 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: cb3e0964-c026-4af2-a24e-eb26e7a8dc3e
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js
54.230.111.91 200 OK 37 kB URL GET HTTP/2 ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js
IP 54.230.111.91:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Amazon
Subject *.segreencolumn.com
Fingerprint AC:2F:0B:8B:11:5D:70:82:2B:2D:B6:76:B7:AF:79:45:9F:20:E1:AD
Validity Tue, 18 Jul 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 10458c8d29a0bbf087affa9e21951a55
215f17d606ff12272fd20fb77fa0f6c0af01c3ee
2c603d1edfac89808ddaefca1d7f925e5c03ac7d9a254e20bcb8bf900e6257ed
GET /i/8032d93d154e4517e5e5e20fa9c27d7b.js HTTP/1.1
Host: ob.segreencolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 37259
content-encoding: gzip
server: Caddy
date: Sat, 18 Nov 2023 20:17:55 GMT
cache-control: max-age=43200
expires: Sun, 19 Nov 2023 08:14:37 GMT
etag: "18e53-IV8X1gb/Eicv0g+3f6D2wK8Bw+4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9qPdzTy2zJ_ngGLZn5fCSSM0uFyR3PSqZaBHZrbNRrHUVsqWlomCEg==
age: 41064
X-Firefox-Spdy: h2
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
52.141.217.134 200 OK 730 B URL POST HTTP/2 wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP 52.141.217.134:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GoDaddy.com, Inc.
Subject *.us.v2.we-stats.com
Fingerprint 92:3F:49:C7:68:63:84:E4:9C:88:00:7F:F5:BD:A6:40:37:54:9C:9A
Validity Thu, 29 Jun 2023 18:52:04 GMT - Tue, 30 Jul 2024 18:52:04 GMT
File type JSON data\012- , ASCII text, with very long lines (730), with no line terminators
Hash c68b253a95b2c529f3d503197ec5fb8b
50541edc11819b6f7fae56e3f18fa39b338c18ca
bd120647fbd2e5fac8b68c9abbb071913c821ada9fb4c54e87005721fa7e8bea
POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: text/plain;charset=UTF-8
Content-Length: 937
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 730
date: Sun, 19 Nov 2023 07:39:00 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 540af658-bce0-425c-ad05-50f21c90379c
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-875517505
142.250.74.168 200 OK 74 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-875517505
IP 142.250.74.168:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash b63c283af5cf79aeb981446941a0fe71
910f9b53c79e6efc25560121b18d7ba21935d24a
d3b8a3fe66e2187de32ff0efe97d02a9053ba34e238e3c36d7d3eb7ee7b5c044
GET /gtag/js?id=AW-875517505 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 19 Nov 2023 07:39:01 GMT
expires: Sun, 19 Nov 2023 07:39:01 GMT
cache-control: private, max-age=900
last-modified: Sun, 19 Nov 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/main/202311161601&cb=1700379542733
54.230.111.8 200 OK 2 B URL GET HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/main/202311161601&cb=1700379542733
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Amazon
Subject tags.tiqcdn.com
Fingerprint 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=mtbank/main/202311161601&cb=1700379542733 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
accept-ranges: bytes
server: AmazonS3
date: Sun, 19 Nov 2023 07:38:51 GMT
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kVtuG2l2mTGXOvadJPDOdkvWY4wg3v_0n9YeWwChhpXMrMBhT1ig3Q==
age: 11
cache-control: max-age=300
X-Firefox-Spdy: h2
myonlineaccess.pages.dev/favicon.ico
172.66.44.175 200 OK 20 kB URL GET HTTP/3 myonlineaccess.pages.dev/favicon.ico
IP 172.66.44.175:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Google Trust Services LLC
Subject myonlineaccess.pages.dev
Fingerprint 96:ED:2B:C7:A0:CB:6E:29:CC:BC:40:63:3E:7F:3A:A4:00:B9:05:34
Validity Sat, 18 Nov 2023 13:46:31 GMT - Fri, 16 Feb 2024 13:46:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1260), with CRLF line terminators
Hash 887fa9e1f6e71855b59511131ccf1493
d5fb3745039ac8abdd2cf21dd0c0600218db8b89
d98f74b1db0ee660fd1a2389d5501c17b9b1af20f078aa259ed89ff21febbba9
Analyzer Verdict Alert OpenPhish phishing M & T Bank Corporation
GET /favicon.ico HTTP/1.1
Host: myonlineaccess.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: cdContextId=1; bmuid=1700379541570-E57BCDCE-0436-4FB5-A509-4C41AE381DBE; cdSessionId=a6a38969-8b2e-4023-b37e-c0fce01a57dc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:39:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"975bee3149ad0e870b808f4d2439b148"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQ7tPw3PbWLnEoVOIWh3nl91reneFO5nfBZMyJ4qKax0eRRkz%2FBW8ZIFMkCx8Qd2NIPEmALLtNca6mTQh%2FfXKGRg3dGH%2FGitoTCLB7G5b34rhP5HFGXdCVMz%2FATxtSMcpxTVi03U5%2FhdIMk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8286cc023bf156ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tags.tiqcdn.com/utag/mtbank/main/prod/utag.190.js?utv=ut4.51.202309150258
54.230.111.8 200 OK 5.1 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.190.js?utv=ut4.51.202309150258
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Amazon
Subject tags.tiqcdn.com
Fingerprint 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1502)
Hash 3fa84955656e038fa0b29a7071e11b9e
48552b5d7a15756e32ed2622cfa8d9a20e8b9020
0aa52826692f5659c775d5a7a1ee4a8fccc272326d3cae7f820509811db5de05
GET /utag/mtbank/main/prod/utag.190.js?utv=ut4.51.202309150258 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:48 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: dTP5TtuQtzCD2AD7pP8rNLaWik0JHZgL
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"3fa84955656e038fa0b29a7071e11b9e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VKi94Ou9vc6T2KeYtueWsmv55TM16JPhINxjzPdcuf6jpxLZypZiYA==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&cb=73536047698151760
34.238.149.65 200 OK 6.1 kB URL GET HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&cb=73536047698151760
IP 34.238.149.65:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GoDaddy.com, Inc.
Subject *.mountain.com
Fingerprint 60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
Validity Mon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (2528)
Hash a1d9d0864c6542895092cb836118a672
9465e8008d39e3cfe673e19563193dd889795243
df3d6aaddec1a66a1a558e3651b3ac658acb7e3e50a742f705e86ad0c3303a71
GET /spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&cb=73536047698151760 HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Sun, 19 Nov 2023 07:39:01 GMT
x-envoy-upstream-service-time: 4
be: spx-prod
server: istio-envoy
transfer-encoding: chunked
www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c
142.250.74.168 200 OK 97 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (18108)
Hash abb9f4c8fc522cb72d50d7b829aa1aff
824c4b461910bdc7c62145af3c3aa765a7b14c6b
1bd3c4e780ba941f6458a379b61a78edc2215be8f1822be7a2c874ef8a987701
GET /gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 19 Nov 2023 07:39:01 GMT
expires: Sun, 19 Nov 2023 07:39:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97065
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
obs.segreencolumn.com/ct?id=40173&url=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1700379542679&hl=4&op=0&ag=585317903&rand=832870122082717092217127278226268100086505270269529208190212960186110280692017379021&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=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%3D&dep=0&pre=0&sdd=%7B%7D&cri=5fop8fYJYa&pto=3296&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1700379542.g8MxKxj3UY7BaH4Y&suid=1.1700379542.I5LMpgkWuWBVUNqg&tuid=1.1700379542.GU07vfge9eGtCzQW&fbc=->m=WyJwYWdlX3ZpZXciXQ%3D%3D&it=39%2C3000%2C126&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
50.16.211.97200 OK 1.1 kB URL GET HTTP/2 obs.segreencolumn.com/ct?id=40173&url=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1700379542679&hl=4&op=0&ag=585317903&rand=832870122082717092217127278226268100086505270269529208190212960186110280692017379021&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=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%3D&dep=0&pre=0&sdd=%7B%7D&cri=5fop8fYJYa&pto=3296&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1700379542.g8MxKxj3UY7BaH4Y&suid=1.1700379542.I5LMpgkWuWBVUNqg&tuid=1.1700379542.GU07vfge9eGtCzQW&fbc=->m=WyJwYWdlX3ZpZXciXQ%3D%3D&it=39%2C3000%2C126&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
IP 50.16.211.97:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer ZeroSSL
Subject *.segreencolumn.com
Fingerprint 23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
Validity Mon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3057), with no line terminators
Hash 4730a0c6b53fc033ee12366e428f1ead
2706565814edee7525a45e2d13fd62eaca703c97
18704e854dbd40446a9362bdbb4e2c2febd3fabf2b85177ca38f0ee0791eeda2
GET /ct?id=40173&url=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1700379542679&hl=4&op=0&ag=585317903&rand=832870122082717092217127278226268100086505270269529208190212960186110280692017379021&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=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%3D&dep=0&pre=0&sdd=%7B%7D&cri=5fop8fYJYa&pto=3296&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1700379542.g8MxKxj3UY7BaH4Y&suid=1.1700379542.I5LMpgkWuWBVUNqg&tuid=1.1700379542.GU07vfge9eGtCzQW&fbc=->m=WyJwYWdlX3ZpZXciXQ%3D%3D&it=39%2C3000%2C126&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab= HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Sun, 19 Nov 2023 07:39:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=d4f29eb3bd9e64ce7b06b57e56a0bc2a; Max-Age=29030400; Path=/; Expires=Sun, 20 Oct 2024 07:39:01 GMT; HttpOnly; Secure; SameSite=None
content-length: 1093
X-Firefox-Spdy: h2
3.212.39.155/is
3.212.39.155 200 OK 32 B IP 3.212.39.155:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject 3.212.39.155
Fingerprint 00:A9:CD:24:20:F3:A9:39:C2:84:63:56:07:21:76:BC:6A:3D:B5:76
Validity Wed, 15 Feb 2023 00:00:00 GMT - Thu, 15 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 4f2c4690e2c49c6322cc881f1e53a1ce
ada5b8cf4a659d848c0f6e67c4a8bd8c01563bd5
4c826332a92fb29a49d15e56058013646eafff5555ac595978f8bbd3cec967ee
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /is HTTP/1.1
Host: 3.212.39.155
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 19 Nov 2023 07:39:01 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
obs.segreencolumn.com/mon
50.16.211.97 200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP 50.16.211.97:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer ZeroSSL
Subject *.segreencolumn.com
Fingerprint 23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
Validity Mon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: application/x-www-form-urlencoded
Content-Length: 1522
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Cookie: cg_uuid=d4f29eb3bd9e64ce7b06b57e56a0bc2a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://myonlineaccess.pages.dev
content-type: application/json
date: Sun, 19 Nov 2023 07:39:01 GMT
content-length: 0
X-Firefox-Spdy: h2
obs.segreencolumn.com/tracker/tc_imp.gif?e=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&cri=5fop8fYJYa&ts=665&cb=1700379543344
50.16.211.97200 OK 43 B URL GET HTTP/2 obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aeec432e3428e9c9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a118c6a2417071a10acf9f29f671d86d58b0e796d18ac2c7e51813f8c37c0563003719655555a33555f94ed691e77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e82704f91d580435db3e7bf584e3eb65ef7ced06dd13f25e072afb8261267365588464979d0bec1677add2a3285f2c2a83d02622ddd409167940785208f3887a617503a0a84a2fdaf9f02ec1b15e60013ef5f3b79e9e70bdd9c248ae14c04a347095acdef5b53e8fc3bf22c86d5288a79c7d4b45a2222cb6d04533bb9be520da40e054ae964c975dc1ce63d67a60c7da7886779ad6f4e1dcfde90b54893daaa9a83b5b36a0c126c1a648b2595443820b0fc79284d881a4c570866ad194f5d038ef767c27d26a3995d4df0e2bd3fc78ae02f198409a37f73d4e0b1a8c33bc2cd2cca973aeac3e8744a7c09c95278a596563f6591845554f3e9fec2cf40b94dc8964fda733b3df7f8ad8a7b129dde2a910322cdba7111089e1471553a0baac7ba53a9ae85482fc3ce639f9658759c615c9a93bc71a24e3a797623d21370b5743275ff0e2e905d570e63d4a2a3be4a60c9ac14c1ef4aadea4bd6bc2ede7fb8ffdabf3553639873ac6e10209c624177db21d1c267eea69eb334096f9cb718b7ed6228bab2fcab1089d79115645027b55ca97b1d2690c11e95224f2c1c5a9f28a051794dbd061848d3722cad812207badc09d075de874d41bc645bd5dce4582974deab033fe89dc87da5568ebfc2923df27b487b1b704dc3176040fca2d1f0cadb100ccbf45d8939ad44692c4d4711c3d19fb61f719b80cf1f829e46e1c721a632328f350d8d06f16ec22&cri=5fop8fYJYa&ts=665&cb=1700379543344
IP 50.16.211.97:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer ZeroSSL
Subject *.segreencolumn.com
Fingerprint 23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
Validity Mon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=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&cri=5fop8fYJYa&ts=665&cb=1700379543344 HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: cg_uuid=d4f29eb3bd9e64ce7b06b57e56a0bc2a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Sun, 19 Nov 2023 07:39:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200 200 OK 13 kB IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Microsoft Corporation
Subject www.bing.com
Fingerprint A5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
Validity Tue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Hash 7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 95F0B0B073B04CE8A1B4626D3D38320A Ref B: OSL30EDGE0522 Ref C: 2023-11-19T07:39:02Z
date: Sun, 19 Nov 2023 07:39:01 GMT
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200 200 OK 13 kB IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Microsoft Corporation
Subject www.bing.com
Fingerprint A5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
Validity Tue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Hash 7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A76913236D1F446C9CE5E720F6D7BC66 Ref B: OSL30EDGE0522 Ref C: 2023-11-19T07:39:02Z
date: Sun, 19 Nov 2023 07:39:01 GMT
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
54.230.111.8 200 OK 14 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Amazon
Subject tags.tiqcdn.com
Fingerprint 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (26365)
Hash 3f878b933f4898d62bae656524f29d6d
8f52466629788b1a7d3c3ce4313ac815db87a036
ff59042a787de1cac5fc06165134b4192aec60a6deb477bead309f0c0334653f
GET /utag/mtbank/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:49 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: l6N_ToYiAXSZLIyImzr..qW9gq2POa01
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"3f878b933f4898d62bae656524f29d6d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p2E3w96U4j7NjW3vxqJl1Q3VCwCCvZApEaQQPToxPD4AZrX9g3EyrA==
cache-control: max-age=300
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/875517505/?random=1700379543321&cv=11&fst=1700379543321&bg=ffffff&guid=ON&async=1&gtm=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1229746843.1700379543&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164 302 Found 63 B URL GET HTTP/2 www.google.com/pagead/1p-conversion/875517505/?random=1700379543321&cv=11&fst=1700379543321&bg=ffffff&guid=ON&async=1&gtm=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1229746843.1700379543&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint B0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
Validity Mon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
GET /pagead/1p-conversion/875517505/?random=1700379543321&cv=11&fst=1700379543321&bg=ffffff&guid=ON&async=1&gtm=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1229746843.1700379543&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 07:39:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/875517505/?random=1700379543321&cv=11&fst=1700379543321&bg=ffffff&guid=ON&async=1&gtm=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1229746843.1700379543&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
143.204.55.56 200 OK 221 B URL GET HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
IP 143.204.55.56:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.c81358859121583b7adf2ace89cb39f44.com
Fingerprint F0:4C:1E:6C:93:32:C1:A9:2B:96:24:D4:D3:40:64:CD:64:96:7F:68
Validity Sun, 02 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Sun, 19 Nov 2023 02:51:32 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lx4GepG21JPDiaMvWfzg_rARHiqXpcC1EvgFv9AaimbDOkaBB9_M8Q==
age: 17251
X-Firefox-Spdy: h2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
54.230.111.22 200 OK 221 B URL GET HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
IP 54.230.111.22:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.a79ab95c1589a13f8a4cab612bc71f9f7.com
Fingerprint FC:90:7A:49:93:D8:73:45:0A:8A:7C:0F:95:8B:AA:C9:51:EC:C7:52
Validity Sun, 26 Mar 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Sun, 19 Nov 2023 04:19:08 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yxXFsMrLk1ERmWz2j8VdeWqTp7gblS61W3eKFqu5e_uoMRhV6r-LmA==
age: 11995
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
87.248.119.252 200 OK 6.7 kB IP 87.248.119.252:443
ASN #203220 Yahoo! UK Services Limited
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer DigiCert Inc
Subject *.api.fantasysports.yahoo.com
Fingerprint 73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
Validity Mon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash c350c517a3c27f1e7be118ba81cb7396
18b223c538b4bc437b3b969fa88c89a16ca52283
779491cc62f9926c6ec6a446144ac0a515eb6f71ddec1c246055a197d316b4bc
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 9m+YVZZjJLoG8pdc7uW4AJp0F+uIdMKkML2kXNMbrVBbrQXAgnYyeTTZcQdX6AAf4VgdesSuxyU=
x-amz-request-id: MXAN976WXB9NZ3TC
date: Sun, 19 Nov 2023 07:38:08 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 55
content-encoding: gzip
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je3b81v890340193&_p=1700379542431&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=573858124.1700379543&ul=en-us&sr=1280x1024&_s=1&sid=1700379543&sct=1&seg=0&dl=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=qMNdFl0hWY47iv6l&ep.channelmix_event_id=qMNdFl0hWY47iv6l&ep.channelmix_conv_id=qMNdFl0hWY47iv6l-qMNdFl0hWY47iv6l&epn.channelmix_timestamp=1700379542437&tfd=3880
216.239.34.36 204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je3b81v890340193&_p=1700379542431&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=573858124.1700379543&ul=en-us&sr=1280x1024&_s=1&sid=1700379543&sct=1&seg=0&dl=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=qMNdFl0hWY47iv6l&ep.channelmix_event_id=qMNdFl0hWY47iv6l&ep.channelmix_conv_id=qMNdFl0hWY47iv6l-qMNdFl0hWY47iv6l&epn.channelmix_timestamp=1700379542437&tfd=3880
IP 216.239.34.36:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je3b81v890340193&_p=1700379542431&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=573858124.1700379543&ul=en-us&sr=1280x1024&_s=1&sid=1700379543&sct=1&seg=0&dl=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=qMNdFl0hWY47iv6l&ep.channelmix_event_id=qMNdFl0hWY47iv6l&ep.channelmix_conv_id=qMNdFl0hWY47iv6l-qMNdFl0hWY47iv6l&epn.channelmix_timestamp=1700379542437&tfd=3880 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://myonlineaccess.pages.dev
date: Sun, 19 Nov 2023 07:39:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
143.204.55.56 3.2 kB URL 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 143.204.55.56:0
Certificate Issuer Sectigo Limited
Subject *.c81358859121583b7adf2ace89cb39f44.com
Fingerprint F0:4C:1E:6C:93:32:C1:A9:2B:96:24:D4:D3:40:64:CD:64:96:7F:68
Validity Sun, 02 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Sun, 19 Nov 2023 02:51:32 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cxeJdIQ4wNTE2StXOwtomUacdwPOQgYdqBIbScDg67dcL-C-LkljPw==
age: 17251
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10087193.json
87.248.119.252 200 OK 22 B URL GET HTTP/2 s.yimg.com/wi/config/10087193.json
IP 87.248.119.252:443
ASN #203220 Yahoo! UK Services Limited
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer DigiCert Inc
Subject *.api.fantasysports.yahoo.com
Fingerprint 73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
Validity Mon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10087193.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: JQ60N8FNJSAK0J46
x-amz-id-2: KcBpS+Pdow0VJYIb4vBQS6Sjzs673mSAQaohSnjR9tIQjQjaVRZ64wlLF5AhBCgkFIIZaZHi+Ow=
content-type: application/json
date: Sun, 19 Nov 2023 07:39:01 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 1
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.22 3.2 kB URL 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.22:0
Certificate Issuer Sectigo Limited
Subject *.a79ab95c1589a13f8a4cab612bc71f9f7.com
Fingerprint FC:90:7A:49:93:D8:73:45:0A:8A:7C:0F:95:8B:AA:C9:51:EC:C7:52
Validity Sun, 26 Mar 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Sat, 18 Nov 2023 12:08:36 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EetiGVMX2523xJCVuySqP39JvaNA1VMiB7uEo4POCevR_NZKcJ2sMQ==
age: 70227
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
54.230.111.46 200 OK 221 B URL GET HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
IP 54.230.111.46:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.b406929acabac9b095f124c81bdfcf57f.com
Fingerprint 82:59:0C:15:94:5C:57:41:BA:EE:26:86:8F:38:67:35:B8:E2:C7:FE
Validity Sun, 02 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Sat, 18 Nov 2023 12:02:06 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iqRyCmMLM0Tny3G9G4CbtREa-bYK9uAE6xD8NEVMv6f-vYGuSXOFdA==
age: 70617
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5564484&Ver=2&mid=785a81e6-37bc-40cc-a966-0005a9caac94&sid=b650dc2086ae11ee8cd751f9f57a6e55&vid=b650f90086ae11eebd675f6aed4008f3&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&sw=1280&sh=1024&sc=24&evt=custom&rn=621461
204.79.197.200 204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=5564484&Ver=2&mid=785a81e6-37bc-40cc-a966-0005a9caac94&sid=b650dc2086ae11ee8cd751f9f57a6e55&vid=b650f90086ae11eebd675f6aed4008f3&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&sw=1280&sh=1024&sc=24&evt=custom&rn=621461
IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Microsoft Corporation
Subject www.bing.com
Fingerprint A5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
Validity Tue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5564484&Ver=2&mid=785a81e6-37bc-40cc-a966-0005a9caac94&sid=b650dc2086ae11ee8cd751f9f57a6e55&vid=b650f90086ae11eebd675f6aed4008f3&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&sw=1280&sh=1024&sc=24&evt=custom&rn=621461 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=23AA94D4992C67973929871A98D966FA; domain=.bing.com; expires=Fri, 13-Dec-2024 07:39:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 74C0729B23C84B26A7EEA75E42DACB68 Ref B: OSL30EDGE0522 Ref C: 2023-11-19T07:39:02Z
date: Sun, 19 Nov 2023 07:39:02 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/875517505/?random=1700379543321&cv=11&fst=1700379543321&bg=ffffff&guid=ON&async=1&gtm=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1229746843.1700379543&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
142.250.74.163 200 OK 63 B URL GET HTTP/3 www.google.no/pagead/1p-conversion/875517505/?random=1700379543321&cv=11&fst=1700379543321&bg=ffffff&guid=ON&async=1&gtm=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1229746843.1700379543&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
IP 142.250.74.163:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Google Trust Services LLC
Subject *.google.no
Fingerprint 6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
Validity Mon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
GET /pagead/1p-conversion/875517505/?random=1700379543321&cv=11&fst=1700379543321&bg=ffffff&guid=ON&async=1&gtm=45be3b81v888587359&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.google.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1229746843.1700379543&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 07:39:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bat.bing.com/action/0?ti=331000312&Ver=2&mid=d9cab1fe-ff77-4086-b5ae-9892dbe64423&sid=b650dc2086ae11ee8cd751f9f57a6e55&vid=b650f90086ae11eebd675f6aed4008f3&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&r=&lt=2433&evt=pageLoad&sv=1&rn=943463
204.79.197.200 204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=331000312&Ver=2&mid=d9cab1fe-ff77-4086-b5ae-9892dbe64423&sid=b650dc2086ae11ee8cd751f9f57a6e55&vid=b650f90086ae11eebd675f6aed4008f3&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&r=&lt=2433&evt=pageLoad&sv=1&rn=943463
IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Microsoft Corporation
Subject www.bing.com
Fingerprint A5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
Validity Tue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=331000312&Ver=2&mid=d9cab1fe-ff77-4086-b5ae-9892dbe64423&sid=b650dc2086ae11ee8cd751f9f57a6e55&vid=b650f90086ae11eebd675f6aed4008f3&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&r=&lt=2433&evt=pageLoad&sv=1&rn=943463 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0782B707C91D68310FC5A4C9C8E869DC; domain=.bing.com; expires=Fri, 13-Dec-2024 07:39:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D573F4DDF957447790F216D4136910D9 Ref B: OSL30EDGE0522 Ref C: 2023-11-19T07:39:02Z
date: Sun, 19 Nov 2023 07:39:02 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/5564484.js
204.79.197.200 204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/5564484.js
IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Microsoft Corporation
Subject www.bing.com
Fingerprint A5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
Validity Tue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5564484.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A11CA88EBAF6465F8491E9CF4106842E Ref B: OSL30EDGE0522 Ref C: 2023-11-19T07:39:02Z
date: Sun, 19 Nov 2023 07:39:02 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5564484&Ver=2&mid=785a81e6-37bc-40cc-a966-0005a9caac94&sid=b650dc2086ae11ee8cd751f9f57a6e55&vid=b650f90086ae11eebd675f6aed4008f3&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&r=&lt=2433&evt=pageLoad&sv=1&rn=518298
204.79.197.200 204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=5564484&Ver=2&mid=785a81e6-37bc-40cc-a966-0005a9caac94&sid=b650dc2086ae11ee8cd751f9f57a6e55&vid=b650f90086ae11eebd675f6aed4008f3&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&r=&lt=2433&evt=pageLoad&sv=1&rn=518298
IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Microsoft Corporation
Subject www.bing.com
Fingerprint A5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
Validity Tue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5564484&Ver=2&mid=785a81e6-37bc-40cc-a966-0005a9caac94&sid=b650dc2086ae11ee8cd751f9f57a6e55&vid=b650f90086ae11eebd675f6aed4008f3&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&r=&lt=2433&evt=pageLoad&sv=1&rn=518298 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=06960818A3CA623C2D5F1BD6A23F63AF; domain=.bing.com; expires=Fri, 13-Dec-2024 07:39:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96E30924F7A848C5AC3DF63B1131AEE0 Ref B: OSL30EDGE0522 Ref C: 2023-11-19T07:39:02Z
date: Sun, 19 Nov 2023 07:39:02 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/331000312.js
204.79.197.200 204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/331000312.js
IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Microsoft Corporation
Subject www.bing.com
Fingerprint A5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
Validity Tue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/331000312.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 184F1186B569450D9628C6E6E672936D Ref B: OSL30EDGE0522 Ref C: 2023-11-19T07:39:02Z
date: Sun, 19 Nov 2023 07:39:02 GMT
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10108773.json
87.248.119.252 200 OK 22 B URL GET HTTP/2 s.yimg.com/wi/config/10108773.json
IP 87.248.119.252:443
ASN #203220 Yahoo! UK Services Limited
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer DigiCert Inc
Subject *.api.fantasysports.yahoo.com
Fingerprint 73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
Validity Mon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10108773.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: RV4N5GG9XW5H2XTC
x-amz-id-2: WDkSHvAXSKcNdGFNjBU5uwyKjFEk186ZVj6vd7sYGrsAiUzHqUQWid+YUXIQMQoW47XqFyYAblc=
content-type: application/json
date: Sun, 19 Nov 2023 07:39:02 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 3
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.46 3.2 kB URL 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.46:0
Certificate Issuer Sectigo Limited
Subject *.b406929acabac9b095f124c81bdfcf57f.com
Fingerprint 82:59:0C:15:94:5C:57:41:BA:EE:26:86:8F:38:67:35:B8:E2:C7:FE
Validity Sun, 02 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Sun, 19 Nov 2023 00:07:21 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dnFXFWy7eTFyO5WJ9VTA9VVvpgAydNjxeg2LMEx7fLVeRQ4quPxk_A==
age: 27103
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je3b81v890340193&_p=1700379542431&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=573858124.1700379543&ul=en-us&sr=1280x1024&_s=2&sid=1700379543&sct=1&seg=0&dl=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=CQ&_ee=1&up.cq_category=suspicious&tfd=4361
216.239.34.36 204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je3b81v890340193&_p=1700379542431&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=573858124.1700379543&ul=en-us&sr=1280x1024&_s=2&sid=1700379543&sct=1&seg=0&dl=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=CQ&_ee=1&up.cq_category=suspicious&tfd=4361
IP 216.239.34.36:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je3b81v890340193&_p=1700379542431&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=573858124.1700379543&ul=en-us&sr=1280x1024&_s=2&sid=1700379543&sct=1&seg=0&dl=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=CQ&_ee=1&up.cq_category=suspicious&tfd=4361 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://myonlineaccess.pages.dev
date: Sun, 19 Nov 2023 07:39:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
obs.segreencolumn.com/mon
50.16.211.97 200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP 50.16.211.97:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer ZeroSSL
Subject *.segreencolumn.com
Fingerprint 23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
Validity Mon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: application/x-www-form-urlencoded
Content-Length: 2041
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Cookie: cg_uuid=d4f29eb3bd9e64ce7b06b57e56a0bc2a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://myonlineaccess.pages.dev
content-type: application/json
date: Sun, 19 Nov 2023 07:39:03 GMT
content-length: 0
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
50.16.211.97 200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP 50.16.211.97:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer ZeroSSL
Subject *.segreencolumn.com
Fingerprint 23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
Validity Mon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: application/x-www-form-urlencoded
Content-Length: 2046
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Cookie: cg_uuid=d4f29eb3bd9e64ce7b06b57e56a0bc2a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://myonlineaccess.pages.dev
content-type: application/json
date: Sun, 19 Nov 2023 07:39:03 GMT
content-length: 0
X-Firefox-Spdy: h2
log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1700379541002-sjn0000789-f52f49e2-fb53-4a7f-a6a2-cbfe77408109&csid=a6a38969-8b2e-4023-b37e-c0fce01a57dc&ds=js&sdkVer=2.27.0.1257.6ffd198
52.238.253.184 204 No Content 0 B URL POST HTTP/2 log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1700379541002-sjn0000789-f52f49e2-fb53-4a7f-a6a2-cbfe77408109&csid=a6a38969-8b2e-4023-b37e-c0fce01a57dc&ds=js&sdkVer=2.27.0.1257.6ffd198
IP 52.238.253.184:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GoDaddy.com, Inc.
Subject *.us.v2.we-stats.com
Fingerprint 92:3F:49:C7:68:63:84:E4:9C:88:00:7F:F5:BD:A6:40:37:54:9C:9A
Validity Thu, 29 Jun 2023 18:52:04 GMT - Tue, 30 Jul 2024 18:52:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/sendLogs?cid=mufasa&cdsnum=1700379541002-sjn0000789-f52f49e2-fb53-4a7f-a6a2-cbfe77408109&csid=a6a38969-8b2e-4023-b37e-c0fce01a57dc&ds=js&sdkVer=2.27.0.1257.6ffd198 HTTP/1.1
Host: log-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1280
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Sun, 19 Nov 2023 07:39:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
143.204.55.21 200 OK 58 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Entrust, Inc.
Subject www.mtb.com
Fingerprint 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type ASCII text, with very long lines (1334)
Hash 7475228b6f7589022e5b32e35e6ab1c1
0b42a9681bf83a3fc5cc2a4679f1610fc22a5a0e
8e36f036be3313f66918b7f296388c199468b0ffb75d3f8908cd04f58d966964
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.css HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css;charset=utf-8
content-length: 57814
accept-ranges: bytes
cache-control: max-age=3600, public, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Sun, 19 Nov 2023 06:47:17 GMT
last-modified: Mon, 27 Mar 2023 20:18:46 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "6a323-5f7e773365580-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VK7AAua1LH1bf3A-8cEN0PLFbkiu50AILWbE_eKV6bSK67qU5pVQUA==
age: 3107
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=573858124.1700379543&shpt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%22573858124.1700379543%22%2C%22shpt%22%3A%22Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center%22%2C%22dcm_cid%22%3A%22573858124.1700379543%22%2C%22mntnis%22%3A%22oyqxm15ZuFvjEDAHIeGVtaHQOPlijZCA%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=573858124.1700379543&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221700379543%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&cb=73536047698151760&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
52.89.99.220 200 OK 1.1 kB URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=573858124.1700379543&shpt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%22573858124.1700379543%22%2C%22shpt%22%3A%22Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center%22%2C%22dcm_cid%22%3A%22573858124.1700379543%22%2C%22mntnis%22%3A%22oyqxm15ZuFvjEDAHIeGVtaHQOPlijZCA%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=573858124.1700379543&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221700379543%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&cb=73536047698151760&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
IP 52.89.99.220:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GoDaddy.com, Inc.
Subject *.mountain.com
Fingerprint 60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
Validity Mon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (2123)
Hash d8d37965684b341b201c5d2e448dd1df
98c458d47f8eb5abc2c6263aea6c1a67b83ebfd3
14482d974ae1f48057eb9d2b6fdc9f494d63408560552385a0069884aff6e065
GET /st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=573858124.1700379543&shpt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%22573858124.1700379543%22%2C%22shpt%22%3A%22Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center%22%2C%22dcm_cid%22%3A%22573858124.1700379543%22%2C%22mntnis%22%3A%22oyqxm15ZuFvjEDAHIeGVtaHQOPlijZCA%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=573858124.1700379543&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221700379543%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&cb=73536047698151760&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 19 Nov 2023 07:39:04 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=b70b33a7-86ae-11ee-8132-413abf24879c;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
obs.segreencolumn.com/mon
50.16.211.97 200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP 50.16.211.97:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer ZeroSSL
Subject *.segreencolumn.com
Fingerprint 23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
Validity Mon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: application/x-www-form-urlencoded
Content-Length: 2041
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Cookie: cg_uuid=d4f29eb3bd9e64ce7b06b57e56a0bc2a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://myonlineaccess.pages.dev
content-type: application/json
date: Sun, 19 Nov 2023 07:39:04 GMT
content-length: 0
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?QUANTUM_WARNING=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&CORS_LINK=https%3A%2F%2Fwww3.mtb.com%2Fetc.clientlibs%2Fmtb-web%2Fclientlibs%2Fclientlib-base.css&hit=undefined&s=null
34.72.33.225 200 OK 0 B URL GET HTTP/2 mtb-app.quantummetric.com/?QUANTUM_WARNING=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&CORS_LINK=https%3A%2F%2Fwww3.mtb.com%2Fetc.clientlibs%2Fmtb-web%2Fclientlibs%2Fclientlib-base.css&hit=undefined&s=null
IP 34.72.33.225:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.quantummetric.com
Fingerprint F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?QUANTUM_WARNING=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&CORS_LINK=https%3A%2F%2Fwww3.mtb.com%2Fetc.clientlibs%2Fmtb-web%2Fclientlibs%2Fclientlib-base.css&hit=undefined&s=null HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 07:39:05 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://myonlineaccess.pages.dev
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
gs.mountain.com/gs
34.212.4.35 200 OK 144 B
IP 34.212.4.35:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GoDaddy.com, Inc.
Subject *.mountain.com
Fingerprint 60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
Validity Mon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with no line terminators
Hash 4506e7a8c65e8fb714a4d69a05f368cb
6de9011cd4db01885eed8403f56c71531f111075
67e94a09fb80f7cea6f71c2802e238dd37d41e5f72cae82989940ea6c76b1f04
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: guid=b70b33a7-86ae-11ee-8132-413abf24879c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 19 Nov 2023 07:39:05 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379546782&z=1&S=0&N=0&P=0
34.72.33.225 200 OK 91 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379546782&z=1&S=0&N=0&P=0
IP 34.72.33.225:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.quantummetric.com
Fingerprint F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7cc05c26dc2a7a3f44bfb93ef46fefe9
ca834b2c2eeb6160973a843449d22ae1b0fcfd0c
3a24c2762d725bdaded645d6158ea77816fd73fa80d14a795b565819cd35c039
POST /?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379546782&z=1&S=0&N=0&P=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 856
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 07:39:05 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: https://myonlineaccess.pages.dev
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
content-encoding: gzip
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?s=499e01838bceea24ab0fcbe8c7634017&H=a335cb76fefb4ffcbe2536fa&Q=3
34.72.33.225 200 OK 50 B URL GET HTTP/2 mtb-app.quantummetric.com/?s=499e01838bceea24ab0fcbe8c7634017&H=a335cb76fefb4ffcbe2536fa&Q=3
IP 34.72.33.225:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.quantummetric.com
Fingerprint F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash fa187c75ef32c05e9bf58b4c16ecd58f
307ec2580f33ee9d227ab965f034a2192213147f
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
GET /?s=499e01838bceea24ab0fcbe8c7634017&H=a335cb76fefb4ffcbe2536fa&Q=3 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 07:39:05 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: https://myonlineaccess.pages.dev
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
content-encoding: gzip
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379547236&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&S=1348&N=8&P=1
34.72.33.225 200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379547236&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&S=1348&N=8&P=1
IP 34.72.33.225:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.quantummetric.com
Fingerprint F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379547236&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&S=1348&N=8&P=1 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 129
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 07:39:05 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://myonlineaccess.pages.dev
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
52.141.217.134 200 OK 754 B URL POST HTTP/2 wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP 52.141.217.134:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GoDaddy.com, Inc.
Subject *.us.v2.we-stats.com
Fingerprint 92:3F:49:C7:68:63:84:E4:9C:88:00:7F:F5:BD:A6:40:37:54:9C:9A
Validity Thu, 29 Jun 2023 18:52:04 GMT - Tue, 30 Jul 2024 18:52:04 GMT
File type JSON data\012- , ASCII text, with very long lines (754), with no line terminators
Hash f1739045552ff452f8800d388589854b
1d894ec8a2eab3d370815b67ba254e3ebd903d7c
f81440c26febcc953479c61a54cdfee3799c16ea48e556924b07ee2c772b91c6
POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: text/plain;charset=UTF-8
Content-Length: 10393
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 754
date: Sun, 19 Nov 2023 07:39:05 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: e044c80d-c0fe-45ba-8d26-18d263a5c6c3
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=573858124.1700379543&shpt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%22573858124.1700379543%22%2C%22shpt%22%3A%22Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center%22%2C%22dcm_cid%22%3A%22573858124.1700379543%22%2C%22mntnis%22%3A%22oyqxm15ZuFvjEDAHIeGVtaHQOPlijZCA%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=573858124.1700379543&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221700379543%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1700379544846977&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1700379545649
34.210.219.79200 OK 450 B URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=573858124.1700379543&shpt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%22573858124.1700379543%22%2C%22shpt%22%3A%22Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center%22%2C%22dcm_cid%22%3A%22573858124.1700379543%22%2C%22mntnis%22%3A%22oyqxm15ZuFvjEDAHIeGVtaHQOPlijZCA%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=573858124.1700379543&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221700379543%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1700379544846977&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1700379545649
IP 34.210.219.79:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GoDaddy.com, Inc.
Subject *.mountain.com
Fingerprint 60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
Validity Mon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (1555), with no line terminators
Hash MD5 29f2f007e70c723c5b62258cff989e33
SHA-1 1100616d25afae5c50685e8e9cef0e6742f5563d
SHA-256 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
GET /st?ga_tracking_id=G-ZTNQ6ZK8T0&ga_client_id=573858124.1700379543&shpt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22ga_client_id%22%3A%22573858124.1700379543%22%2C%22shpt%22%3A%22Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center%22%2C%22dcm_cid%22%3A%22573858124.1700379543%22%2C%22mntnis%22%3A%22oyqxm15ZuFvjEDAHIeGVtaHQOPlijZCA%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=573858124.1700379543&available_ga=%5B%7B%22id%22%3A%22G-ZTNQ6ZK8T0%22%2C%22sess_id%22%3A%221700379543%22%7D%5D&hardcoded_ga=G-ZTNQ6ZK8T0&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1700379544846977&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1700379545649 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: guid=b70b33a7-86ae-11ee-8132-413abf24879c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 19 Nov 2023 07:39:06 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
set-cookie: guid=b70b33a7-86ae-11ee-8132-413abf24879c;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 19
server: istio-envoy
connection: close
transfer-encoding: chunked
log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1700379541002-sjn0000789-f52f49e2-fb53-4a7f-a6a2-cbfe77408109&csid=a6a38969-8b2e-4023-b37e-c0fce01a57dc&ds=js&sdkVer=2.27.0.1257.6ffd198
52.238.253.184 204 No Content 0 B URL POST HTTP/2 log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1700379541002-sjn0000789-f52f49e2-fb53-4a7f-a6a2-cbfe77408109&csid=a6a38969-8b2e-4023-b37e-c0fce01a57dc&ds=js&sdkVer=2.27.0.1257.6ffd198
IP 52.238.253.184:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GoDaddy.com, Inc.
Subject *.us.v2.we-stats.com
Fingerprint 92:3F:49:C7:68:63:84:E4:9C:88:00:7F:F5:BD:A6:40:37:54:9C:9A
Validity Thu, 29 Jun 2023 18:52:04 GMT - Tue, 30 Jul 2024 18:52:04 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of an empty body; they identify no content.)
POST /api/v1/sendLogs?cid=mufasa&cdsnum=1700379541002-sjn0000789-f52f49e2-fb53-4a7f-a6a2-cbfe77408109&csid=a6a38969-8b2e-4023-b37e-c0fce01a57dc&ds=js&sdkVer=2.27.0.1257.6ffd198 HTTP/1.1
Host: log-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: text/plain;charset=UTF-8
Content-Length: 56
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 19 Nov 2023 07:39:06 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
rl.quantummetric.com/mtb/hash-check
34.66.3.160 200 OK 0 B URL OPTIONS HTTP/2 rl.quantummetric.com/mtb/hash-check
IP 34.66.3.160:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.quantummetric.com
Fingerprint F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of an empty body; they identify no content.)
OPTIONS /mtb/hash-check HTTP/1.1
Host: rl.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://myonlineaccess.pages.dev/
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:39:06 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: https://myonlineaccess.pages.dev
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
rl.quantummetric.com/mtb/hash-check
34.66.3.160 200 OK 2 B URL OPTIONS HTTP/2 rl.quantummetric.com/mtb/hash-check
IP 34.66.3.160:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.quantummetric.com
Fingerprint F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 d751713988987e9331980363e24189ce
SHA-1 97d170e1550eee4afc0af065b78cda302a97674c
SHA-256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /mtb/hash-check HTTP/1.1
Host: rl.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 121
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:39:06 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://myonlineaccess.pages.dev
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: *
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
50.16.211.97 200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP 50.16.211.97:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer ZeroSSL
Subject *.segreencolumn.com
Fingerprint 23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
Validity Mon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of an empty body; they identify no content.)
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: application/x-www-form-urlencoded
Content-Length: 2041
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Cookie: cg_uuid=d4f29eb3bd9e64ce7b06b57e56a0bc2a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://myonlineaccess.pages.dev
content-type: application/json
date: Sun, 19 Nov 2023 07:39:07 GMT
content-length: 0
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je3b81v890340193&_p=1700379542431&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=573858124.1700379543&ul=en-us&sr=1280x1024&_eu=AEA&_s=3&sid=1700379543&sct=1&seg=0&dl=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=scroll&epn.percent_scrolled=90&tfd=9362
216.239.34.36 204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je3b81v890340193&_p=1700379542431&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=573858124.1700379543&ul=en-us&sr=1280x1024&_eu=AEA&_s=3&sid=1700379543&sct=1&seg=0&dl=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=scroll&epn.percent_scrolled=90&tfd=9362
IP 216.239.34.36:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of an empty body; they identify no content.)
POST /g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je3b81v890340193&_p=1700379542431&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=573858124.1700379543&ul=en-us&sr=1280x1024&_eu=AEA&_s=3&sid=1700379543&sct=1&seg=0&dl=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=scroll&epn.percent_scrolled=90&tfd=9362 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://myonlineaccess.pages.dev
date: Sun, 19 Nov 2023 07:39:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379551783&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&S=1525&N=11&P=2
34.72.33.225 200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379551783&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&S=1525&N=11&P=2
IP 34.72.33.225:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.quantummetric.com
Fingerprint F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of an empty body; they identify no content.)
POST /?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379551783&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&S=1525&N=11&P=2 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 317
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 07:39:10 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://myonlineaccess.pages.dev
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379551919&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&Q=2&S=1262&N=1
34.72.33.225 200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379551919&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&Q=2&S=1262&N=1
IP 34.72.33.225:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Sectigo Limited
Subject *.quantummetric.com
Fingerprint F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of an empty body; they identify no content.)
POST /?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379551919&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&Q=2&S=1262&N=1 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 164
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 07:39:10 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://myonlineaccess.pages.dev
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
52.141.217.134 200 OK 754 B URL POST HTTP/2 wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP 52.141.217.134:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer GoDaddy.com, Inc.
Subject *.us.v2.we-stats.com
Fingerprint 92:3F:49:C7:68:63:84:E4:9C:88:00:7F:F5:BD:A6:40:37:54:9C:9A
Validity Thu, 29 Jun 2023 18:52:04 GMT - Tue, 30 Jul 2024 18:52:04 GMT
File type JSON data\012- , ASCII text, with very long lines (754), with no line terminators
Hash MD5 da92319bbd758bbd20da5233372efef1
SHA-1 749f052aca2cea68205067f4bc3d27d8b18397e0
SHA-256 40c00478337682e053361a56358debeb1b3b683e0443c35bc7e86702470fb314
POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: text/plain;charset=UTF-8
Content-Length: 2321
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 754
date: Sun, 19 Nov 2023 07:39:10 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 54608ba7-3fa5-49e2-9926-69170e308b46
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
obs.segreencolumn.com/mon
50.16.211.97 200 OK 0 B URL POST HTTP/2 obs.segreencolumn.com/mon
IP 50.16.211.97:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer ZeroSSL
Subject *.segreencolumn.com
Fingerprint 23:4D:3D:16:86:E1:78:86:DF:0A:FD:D3:25:CE:4F:8E:B6:FB:7B:26
Validity Mon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of an empty body; they identify no content.)
POST /mon HTTP/1.1
Host: obs.segreencolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
Content-Type: application/x-www-form-urlencoded
Content-Length: 2044
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Cookie: cg_uuid=d4f29eb3bd9e64ce7b06b57e56a0bc2a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://myonlineaccess.pages.dev
content-type: application/json
date: Sun, 19 Nov 2023 07:39:12 GMT
content-length: 0
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379556783&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&S=2201&N=18&P=3
34.72.33.225 0 B URL mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379556783&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&S=2201&N=18&P=3
IP 34.72.33.225:0
Certificate Issuer Sectigo Limited
Subject *.quantummetric.com
Fingerprint F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of an empty body; they identify no content.)
POST /?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379556783&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&S=2201&N=18&P=3 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 121
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 07:39:15 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://myonlineaccess.pages.dev
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379556921&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&Q=2&S=1491&N=2
34.72.33.225 0 B URL mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379556921&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&Q=2&S=1491&N=2
IP 34.72.33.225:0
Certificate Issuer Sectigo Limited
Subject *.quantummetric.com
Fingerprint F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of an empty body; they identify no content.)
POST /?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379556921&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&Q=2&S=1491&N=2 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 126
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 07:39:15 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://myonlineaccess.pages.dev
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.44.js?utv=ut4.51.202309082106
54.230.111.8 200 OK 12 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.44.js?utv=ut4.51.202309082106
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Amazon
Subject tags.tiqcdn.com
Fingerprint 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (2654)
Hash MD5 ead3e7e93f2a00859e53e8af518a769c
SHA-1 05f4b12fcb30ee7a9c91912991dd7fdab50b4ad9
SHA-256 a815f07309f546ec2efbfda07db85255a033a85fc3405aabb2b89198b24f3261
GET /utag/mtbank/main/prod/utag.44.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:31 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: rDyVnqJ2rimcpCPPzyp6QK6_NpTTAwBU
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:02 GMT
etag: W/"ead3e7e93f2a00859e53e8af518a769c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AEJnkXfKUcBKYOwMhHZH1NhGrq2-wVf_2gossx-2KvW4g2pkwYrDVw==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
cdn.quantummetric.com/qscripts/quantum-mtb.js
172.67.20.158 200 OK 402 kB URL GET HTTP/2 cdn.quantummetric.com/qscripts/quantum-mtb.js
IP 172.67.20.158:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint BF:54:0B:41:47:C2:B6:ED:76:B2:16:87:F5:14:21:47:F1:E0:64:E3
Validity Wed, 17 May 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3803)
Size 402 kB (401461 bytes)
Hash MD5 865a9eea321ce115e7ac506d0e816df2
SHA-1 b0160c98e553bc846510ec5717627de096f53dc9
SHA-256 9c2b5147ca4e28d0ec50d86f9bdadf27f317cebb08adff473f10a5d378b3fdd0
GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:39:01 GMT
content-type: text/javascript
vary: Accept-Encoding
etag: W/"170024767693516986872405791691740804464"
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: no-sniff
strict-transport-security: max-age=31536000
x-robots-tag: noindex
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 8286cc044c3156c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.41.js?utv=ut4.51.202309082106
54.230.111.8 200 OK 26 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.41.js?utv=ut4.51.202309082106
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Amazon
Subject tags.tiqcdn.com
Fingerprint 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (9524)
Hash MD5 b181e169dcc14ae08a0cc3712d909661
SHA-1 e0b8c520c2cef056482ae45b5f3b78743a409e85
SHA-256 30427c6100181f0b280c743b43991f39692b204418fb3f9591b2d6b94a4a4a1e
GET /utag/mtbank/main/prod/utag.41.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:48 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: i3jOAutcZEWYBud91BzatvV1RKYIxBkX
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"b181e169dcc14ae08a0cc3712d909661"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wgthLDgKvQeS7ySnf9j_XnHfEWxje8POOtzuUvwNbtPVmjCimfMKfw==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=573858124.1700379543&gtm=45je3b81v890340193&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=403252505
142.250.74.163 200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=573858124.1700379543&gtm=45je3b81v890340193&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=403252505
IP 142.250.74.163:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Google Trust Services LLC
Subject *.google.no
Fingerprint 6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
Validity Mon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash MD5 d89746888da2d9510b64a9f031eaecd5
SHA-1 d5fceb6532643d0d84ffe09c40c481ecdf59e15a
SHA-256 ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=573858124.1700379543&gtm=45je3b81v890340193&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=403252505 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 07:39:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.51.202006232100
54.230.111.8 200 OK 9.9 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.51.202006232100
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Amazon
Subject tags.tiqcdn.com
Fingerprint 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (10217), with no line terminators
Hash MD5 1b0d49e8d1448a4a2c5363189d971145
SHA-1 6409af5ec18d74a1a0a77d7c5a208195cd370329
SHA-256 aacf6b00ccea07b663029bd57560c2e51733fe268a563c6a03c80ce5efa9e023
GET /utag/mtbank/main/prod/utag.43.js?utv=ut4.51.202006232100 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:47 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Gc30cLD0QVQgwn9rZ__OCClFW.C6_LEZ
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:02 GMT
etag: W/"2f0f67f4d7267d8569ee7b51d527f5d3"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZN9Xi3SRiPXfqv-y-ERbLdVZKk6HNwDPIXCjULa6aVlS_HXcfDHVhQ==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.215.js?utv=ut4.51.202304242124
54.230.111.8 200 OK 3.8 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.215.js?utv=ut4.51.202304242124
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3990), with no line terminators
Hash 11fd4f9c90ab9f30a578942551c9b1a8
8e8783bd18714ddd391a04189c6b5188660ae50b
ce6cd62b048f7ebba755c96b72b3ef06fa013ebebb108c7dd94d2fac984f0b87
GET /utag/mtbank/main/prod/utag.215.js?utv=ut4.51.202304242124 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ipH536GzoWmjvH35gdflz4_i49EYShJ.
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"6036d70643e670da4933ca0ef7ab8430"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OdDvRx8ScyoWZJDFyNPRaSMHx5Z3l9AIeoZ2yh1L69JWUrQH6F3EDg==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.76.js?utv=ut4.51.202309082106
54.230.111.8 200 OK 12 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.76.js?utv=ut4.51.202309082106
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1502)
Hash 116437dbfe2383c9f0cf62cad204af21
745a7e9d6ac335d60d21f853b11ff3c00f98082f
261d059a35cc207797574845f5ab6108985221618e7a3a2fb2ae959876aa1c6f
GET /utag/mtbank/main/prod/utag.76.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: TDkqzZwAqhrRhvbVciQ1HzbNX5W6oHLG
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:02 GMT
etag: W/"116437dbfe2383c9f0cf62cad204af21"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VSVlMo6ZtUPQFGszsHeZFbDSiXgmgjZD1GXO8zNzw8chDgTxS9Clgw==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.46.js?utv=ut4.51.202309082106
54.230.111.8 200 OK 23 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.46.js?utv=ut4.51.202309082106
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (2654)
Hash 6935e9649d85a3bc2d1b048f4bbcadad
651c243e405c4a3a0f68ae88f7c9acbe8508742e
fb85ebd26bea989b34bd3e933bebb11d303d2651ba1e165f00d8b54184b1794e
GET /utag/mtbank/main/prod/utag.46.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:44 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: yDptu2GaCDYWBiaRwrBolFZqExxEFvFv
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"6935e9649d85a3bc2d1b048f4bbcadad"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wagVKA6FhS4ciKofCr7wkXh8ldXa4Z9u8XTobnJfIQ6VAP0wsaStew==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.224.js?utv=ut4.51.202311152118
54.230.111.8 200 OK 11 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.224.js?utv=ut4.51.202311152118
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4277)
Hash 96fc5663c665ce5ac49b91da259ad6e2
40cd16916e6fd892fb163e65f541dd31ce6bef87
378802513d17c0ad7feba3c108bcc69656b021e0496697eb00f01150785902d9
GET /utag/mtbank/main/prod/utag.224.js?utv=ut4.51.202311152118 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:47 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: tl4wyRki75pZwKiOPr1xqbUx_7qFHOwH
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:02 GMT
etag: W/"96fc5663c665ce5ac49b91da259ad6e2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I054olaYRZ46fZQMEu4sOa30jWMqAESG6wRdwzEKZnfWQQudIGQl1w==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.47.js?utv=ut4.51.202106282113
54.230.111.8 200 OK 4.0 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.47.js?utv=ut4.51.202106282113
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4158), with no line terminators
Hash d7bd8440d774ee5496281ddd6fed96a8
a8deba43434065d26114f9eedc2a551036c6ab04
c0eff4095cd1fc9f00ffdae12244f9485afbcc526ae5e865de9b4e61b9075b0b
GET /utag/mtbank/main/prod/utag.47.js?utv=ut4.51.202106282113 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: _WiZ8H3xjRwaJ0aIi23JsMDWqZ3fi_K7
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"b73a711ac493f9b5876470d80db7b924"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FUWF5TXEfVZ-kuMZevdm4fssMoNMk-_QatKNBz1mwweiMvOiSqONTQ==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379547069&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&U=9a095ddbebdc3df502e064987da1f0e4&z=1&Q=2&S=0&N=0
34.72.33.225 200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379547069&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&U=9a095ddbebdc3df502e064987da1f0e4&z=1&Q=2&S=0&N=0
IP 34.72.33.225:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Sectigo Limited
Subject: *.quantummetric.com
Fingerprint: F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity: Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B response body.)
POST /?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379547069&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&U=9a095ddbebdc3df502e064987da1f0e4&z=1&Q=2&S=0&N=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 616
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 07:39:05 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://myonlineaccess.pages.dev
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
143.204.55.21 200 OK 68 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Entrust, Inc.
Subject: www.mtb.com
Fingerprint: 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity: Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 67671
accept-ranges: bytes
content-disposition: inline
last-modified: Thu, 30 Jan 2020 22:52:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Sun, 19 Nov 2023 07:39:00 GMT
cache-control: max-age=86400, public, no-cache="set-cookie"
etag: "10857-59d634f851c40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IfAFYzaWXOlbSCRaG3qj72CqmijEsowr3noBnIgs8Xc_pbnGZ6nAtQ==
age: 206
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.210.js?utv=ut4.51.202308231951
54.230.111.8 200 OK 4.7 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.210.js?utv=ut4.51.202308231951
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4953), with no line terminators
Hash 233c4e53246b29b19005f3207f5b2bca
90fa3a1108eb881985eecaf9f614e17f66efebe2
fcd881080f534c9bf1e7db9804d916b29b7dcf80603f57c2ae7ffcfeaf76cc5e
GET /utag/mtbank/main/prod/utag.210.js?utv=ut4.51.202308231951 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:45 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: VImDRX.P39UMgeHdx6ognuc_OknWoUZ2
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"fc8dd498b52d8d3cf99c905c4c449ab5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FUTp9W3_EImlaQyUf9hbDZwY3KRO0IxVs15Ix-1jK3607t6nyHbCdA==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
54.230.111.8 200 OK 80 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (6007)
Hash 2f0066863c3bd710b7c377fa0120740b
ed5fc0b95ec4b3372eea3584cfb7da276135580a
cfb01d57a614c957786e548c6e0f0e45ad764e5f7527b2be97d9653bc13530a3
GET /utag/mtbank/main/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:49 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: PZuUK.nGSoyLZnNSGfnhLHybf5SsM.04
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:38:58 GMT
etag: W/"2f0066863c3bd710b7c377fa0120740b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 22GqPiqMjA0UGgEidZHSfXbynnZB7LGTNMDpv2mlSZGbAxkTy3pHtA==
age: 234
cache-control: max-age=300
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.40.js?utv=ut4.51.202309082106
54.230.111.8 200 OK 23 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.40.js?utv=ut4.51.202309082106
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (2654)
Hash abdad7929e53cd427b404739bb6c008a
f24c50678845cf9dd2deb490b4ff60dc0091a436
ebeae3232d874a98ff3fd8a80a2f2daa1fef4753f6ad12ff6c38340f5defc195
GET /utag/mtbank/main/prod/utag.40.js?utv=ut4.51.202309082106 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:42 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: _6F8FUKDRtIryAvM8HqwXjyMb9Ii.wRb
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"abdad7929e53cd427b404739bb6c008a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L8sWrE4UrhzWzpl7PweeKzPU4uCEDCT3j2b_N-MVE_KnVqfVdfd1jQ==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.214.js?utv=ut4.51.202311032118
54.230.111.8 200 OK 19 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.214.js?utv=ut4.51.202311032118
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3546)
Hash 44f250918a311d630ea570f556d2ad93
a8d849a101842f8a8a193a6c773cee716627dfb6
51d55bf1a4edbb8a3c1b4ac53501414c4f13b75b17390b997df4158c705a2bc3
GET /utag/mtbank/main/prod/utag.214.js?utv=ut4.51.202311032118 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:41 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: HAzDvZm40wLeQCnYirC8bSPhhHx5v75P
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"44f250918a311d630ea570f556d2ad93"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uQ4DqeGbmNHnRXQzUAq23qoi1X151P5NSnboaTB2Ku9H4mbSE32-ZQ==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.70.js?utv=ut4.51.202302282213
54.230.111.8 200 OK 6.0 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.70.js?utv=ut4.51.202302282213
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (6214), with no line terminators
Hash d3dc955c2f3e37d4acfa9c538ef8677a
9b44f042fc069a87a2e74b05d077f7c6979fc040
d4584ae50e5702c22d8118cb917574689ab6cad39f5ff8d28260fc8fe34948a5
GET /utag/mtbank/main/prod/utag.70.js?utv=ut4.51.202302282213 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: eMPj3gHdAkavqOj4BpyYxorQneegUOSr
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"f929de1f2a09babd711094e1f9c5796a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Sg_5AXUNTcHG3R-s-C-YE89Sm0iPdzx5h-1We-C3zlYeaUR0SvRjIQ==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/vendor.js
143.204.55.21 200 OK 242 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/vendor.js
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Entrust, Inc.
Subject: www.mtb.com
Fingerprint: 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity: Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
Size 242 kB (242353 bytes)
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, although the response is listed as 242353 bytes; the body was apparently not hashed, so these values do not identify this file.)
GET /etc.clientlibs/axp-common/clientlibs/vendor.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 20:28:18 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Sun, 19 Nov 2023 07:38:58 GMT
cache-control: max-age=3600, public, no-cache="set-cookie"
etag: "3b2b1-5f7e7954e5c80-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CRf-S3Wm8UPw2hYIwlYAmGyMxB76BRRdD5SeBxr2ebifPXPMGidITA==
age: 2982
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.42.js?utv=ut4.51.202106282113
54.230.111.8 200 OK 4.0 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.42.js?utv=ut4.51.202106282113
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Amazon
Subject: tags.tiqcdn.com
Fingerprint: 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity: Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4158), with no line terminators
Hash 02c15fd08cefcb82a3f8890f08a0726b
8697e18a000b237c32db530b3d45790362b8f7a3
98748010fab38114c7f61227b556ab2004afcdfed9226569992654bca791ad63
GET /utag/mtbank/main/prod/utag.42.js?utv=ut4.51.202106282113 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:35 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: WiraxjljFhTG49GlHjiqidFB6Ot7qVYl
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:01 GMT
etag: W/"5f85233eee038f754ba6a18b664cc7a4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 32Z9F41Y-j7safRmrFV9oEYArHPrnZrdKdSSYyIMlhZvspkHd_BvYQ==
cache-control: max-age=1296000
X-Firefox-Spdy: h2
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
143.204.55.21 200 OK 51 kB URL GET HTTP/2 www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Entrust, Inc.
Subject: www.mtb.com
Fingerprint: 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity: Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash bb4143aae2f3517aa4712a9337be8fe3
4f6da3557d792200e5e8eab711ba6d3f2e5e1eec
e480bce53335a5518f40162dae6dd605fb305958ebc6b71ab319d3ea4f0e57aa
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://www3.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 67671
accept-ranges: bytes
cache-control: max-age=86400, public, no-cache="set-cookie"
content-disposition: inline
date: Sun, 19 Nov 2023 07:35:34 GMT
etag: "10857-5b1bce27771c0"
last-modified: Thu, 15 Oct 2020 22:08:15 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EokLF8wjt1687ujN7WJZ2tGU7W4Pj_MC6TitHr4Olf4eko44v-2pFA==
age: 206
X-Firefox-Spdy: h2
myonlineaccess.pages.dev/
172.66.44.175 200 OK 68 kB URL User Request GET HTTP/2 myonlineaccess.pages.dev/
IP 172.66.44.175:443
Certificate Issuer: Google Trust Services LLC
Subject: myonlineaccess.pages.dev
Fingerprint: 96:ED:2B:C7:A0:CB:6E:29:CC:BC:40:63:3E:7F:3A:A4:00:B9:05:34
Validity: Sat, 18 Nov 2023 13:46:31 GMT - Fri, 16 Feb 2024 13:46:30 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, although the response is listed as 68 kB; the body was apparently not hashed, so these values should not be used as indicators for this page.)
Analyzer: OpenPhish | Verdict: phishing | Alert: M & T Bank Corporation
GET / HTTP/1.1
Host: myonlineaccess.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:38:58 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"975bee3149ad0e870b808f4d2439b148"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20Dxu7ApDgMFjPPee7nLI8aqaDnFB0EP7kSF5s%2BizDkg7lsQ6hNsFPPU4Lh6aNodNftUpm6lRfqGsz1JDwM2tRPQFfXlG9zjZp0wZm3FvtbGxnOER4vp%2FdjsAaHvWzNhKnrX4Kl2unS%2Bh3g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8286cbf16e14b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www3.mtb.com/content/dam/mtb-web/scripts/cdsession.js
143.204.55.21 200 OK 790 kB URL GET HTTP/2 www3.mtb.com/content/dam/mtb-web/scripts/cdsession.js
IP 143.204.55.21:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Entrust, Inc.
Subject: www.mtb.com
Fingerprint: 9B:CE:E1:9E:DF:CF:A7:70:66:BD:9C:1E:66:77:D5:32:4A:52:0E:E8
Validity: Fri, 26 May 2023 12:21:19 GMT - Sun, 02 Jun 2024 12:21:19 GMT
Size 790 kB (790165 bytes)
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, although the response is listed as 790165 bytes; the body was apparently not hashed, so these values do not identify this file.)
GET /content/dam/mtb-web/scripts/cdsession.js HTTP/1.1
Host: www3.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 18:39:59 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Sun, 19 Nov 2023 07:38:58 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "c0e95-5f28e24b9fdc0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wm2RZLPHqLIrSyRntXPUws4CGl-0UWu71EkrBd3ZIZ5IupiLsVVB1Q==
age: 2852
X-Firefox-Spdy: h2
up.pixel.ad/assets/up.js
95.140.228.46 200 OK 3.3 kB
IP 95.140.228.46:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: DigiCert, Inc.
Subject: *.pixel.ad
Fingerprint: 90:49:0B:53:0F:49:12:53:9F:86:B5:F7:18:5B:E6:4B:FC:E3:D5:1F
Validity: Tue, 24 Jan 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (3397), with no line terminators
Hash abf8041ca87e63118a314d3eb6e88286
42bcdc9c4268292c40b9b792401c9143994cd9ac
6920f2ce84f1df07a49b5d2efde8a58ed447ac98160c05c726ac948aae34d08c
GET /assets/up.js HTTP/1.1
Host: up.pixel.ad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: accept-encoding
content-encoding: gzip
content-type: application/javascript
server: AC1.1
x-llid: dc34ae644fc1500c10d257775ea70ee8
age: 514219
date: Sun, 19 Nov 2023 07:39:01 GMT
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
content-length: 1550
X-Firefox-Spdy: h2
mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379546934&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&Q=1&Y=1&X=0340eaccf2ee46d047c473279af94572
34.72.33.225 200 OK 0 B URL POST HTTP/2 mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379546934&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&Q=1&Y=1&X=0340eaccf2ee46d047c473279af94572
IP 34.72.33.225:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer: Sectigo Limited
Subject: *.quantummetric.com
Fingerprint: F2:CB:F4:32:62:E1:1E:CE:70:02:62:1F:71:26:7A:5D:6B:7C:7B:C0
Validity: Wed, 18 Jan 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B response body.)
POST /?T=B&u=https%3A%2F%2Fmyonlineaccess.pages.dev%2F&t=1700379545672&v=1700379546934&H=a335cb76fefb4ffcbe2536fa&s=499e01838bceea24ab0fcbe8c7634017&z=1&Q=1&Y=1&X=0340eaccf2ee46d047c473279af94572 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12562
Origin: https://myonlineaccess.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://myonlineaccess.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 19 Nov 2023 07:39:05 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://myonlineaccess.pages.dev
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
x-robots-tag: noindex
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/main/prod/utag.199.js?utv=ut4.51.202209122156
54.230.111.8 200 OK 1.8 kB URL GET HTTP/2 tags.tiqcdn.com/utag/mtbank/main/prod/utag.199.js?utv=ut4.51.202209122156
IP 54.230.111.8:443
Requested by https://myonlineaccess.pages.dev/
Certificate Issuer Amazon
Subject tags.tiqcdn.com
Fingerprint 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1861), with no line terminators
Hash MD5 ca258e25c943bcef3dfd41645822d4ad
SHA-1 e54e2ac4f7a57bbef6ff9edb7e407fef59ce77d2
SHA-256 5fd992c797f3409de143f4e684faf01e21bfb70f3320bfcc5ea273e1de39f802
GET /utag/mtbank/main/prod/utag.199.js?utv=ut4.51.202209122156 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlineaccess.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 16:05:38 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 39ee5QVEo8WXmjVJ8sKmTOfp_xfmNwjF
server: AmazonS3
content-encoding: br
date: Sun, 19 Nov 2023 07:39:02 GMT
etag: W/"ccd5e6b310aaffc4c01db119fd655d49"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YRXERnWAsIG7AHPqCKpCpR5j8bJHHnzzEBENYSZnbCusHCt7RyVlFQ==
cache-control: max-age=1296000
X-Firefox-Spdy: h2