firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 23:53:57 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3Ky2y0Y1He5nbMabY4QnvoTdwwOX6R5m06_bHWzswdpeU4SD4GlS1g==
Age: 2233
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4213
Expires: Tue, 27 Sep 2022 01:41:23 GMT
Date: Tue, 27 Sep 2022 00:31:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yvNfmVM1lTqlDaE8YqZ__NzT5FWyiRZEJkfMAZ1tchZ2EbIiys808Q==
age: 71755
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:31:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 00:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 00:54:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wgeJrf_zK4dO4WmiXgHzvxGavTXtA7ftXh5Il8Mzl0CQN0IdvfyLpA==
Age: 1224
business4alltech.com/wp-content/uploads/2022/08/mtbank/auth.php
207.244.251.248200 OK 20 kB URL HTTP/1.1 business4alltech.com/wp-content/uploads/2022/08/mtbank/auth.php
IP 207.244.251.248:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (9275), with CRLF line terminators
Hash 2722abe83b9b5832bd6cb72f210dc827
82e634b26c947f15f08cc9ceb8b6200264279287
a1bf8a17311684839a29b36d7386bbeec1119e2f83662f7eb79906bf31af6434
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/mtbank/auth.php HTTP/1.1
Host: business4alltech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:31:10 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:31:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 898693cdbb61ff3b4e934d4001c57b31
2d35b0b8e9527e0c2413816a8632ba4627d18c8e
233cdc4fb0a0cc3672301a6c6db4ece86785b4bc3e8db1ef48c87868e64a5727
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1196
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:31:11 GMT
Last-Modified: Tue, 27 Sep 2022 00:11:15 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=AW-990489911
142.250.74.72200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-990489911
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash a00488de53e78d6e118c871fc1477a9f
160081553ebedaa3e36966a2cf707beb3c9bfad6
6fd919442f0b83782a3c4819bc4a70dde8bb80f2b46ada5f3a22d42bf6eb5602
GET /gtag/js?id=AW-990489911 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 00:31:11 GMT
expires: Tue, 27 Sep 2022 00:31:11 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46653
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.9.js?utv=ut4.48.202207190010
23.38.200.249200 OK 2.3 kB URL HTTP/2 tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.9.js?utv=ut4.48.202207190010
IP 23.38.200.249:0
File type ASCII text, with very long lines (1687)
Hash 1fcbc217d808f4d5768b28decfa82f67
41f333d97d207cc4838f938d4f0ddb848fbbc6c3
528892a53f29312c126ce5fbebe2a637bf0b1ad8061e922497b70954716ba934
GET /utag/mtbank/olb-legacy/prod/utag.9.js?utv=ut4.48.202207190010 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "810e03934b3c10d7c8dec1a74ad420aa:1662399491.418422"
last-modified: Mon, 05 Sep 2022 17:38:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 12 Oct 2022 00:31:11 GMT
date: Tue, 27 Sep 2022 00:31:11 GMT
content-length: 2309
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113
23.38.200.249200 OK 3.5 kB URL HTTP/2 tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113
IP 23.38.200.249:0
File type ASCII text, with very long lines (1579)
Hash f51f6472c0b3773d744257799dc5a808
5da9efcd4dcb1e9a2cdae9d56dbd04a60dfdfb66
d9487b13d7808c0b581a79cb6f953b7f4b0ac128cdf545d5a2074575f22d3930
GET /utag/mtbank/olb-legacy/prod/utag.8.js?utv=ut4.48.202111012113 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "55e2dafd4e2f01e1da100818637f6e46:1635801208.490581"
last-modified: Mon, 01 Nov 2021 21:13:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 12 Oct 2022 00:31:11 GMT
date: Tue, 27 Sep 2022 00:31:11 GMT
content-length: 3522
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.1.js?utv=ut4.48.202103120408
23.38.200.249200 OK 22 kB URL HTTP/2 tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.1.js?utv=ut4.48.202103120408
IP 23.38.200.249:0
File type ASCII text, with very long lines (11428)
Hash 7c434a02f5c8030b8db5fcf731ed7888
48823e97d85fb8649287e2d924eb81964f1b23a6
ccd002ef76b2127737081d3414c80b245f8c8f9a1792ad53900bc522c9dd0b11
GET /utag/mtbank/olb-legacy/prod/utag.1.js?utv=ut4.48.202103120408 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "65f0adaaf89b2c30ed0eef3dbd1e8105:1662399491.158223"
last-modified: Mon, 05 Sep 2022 17:38:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 12 Oct 2022 00:31:11 GMT
date: Tue, 27 Sep 2022 00:31:11 GMT
content-length: 22296
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:31:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 98a711494b388326e74f75f498c6c689
74be2cb7c25680d1badc9859c528e80b76106b8e
4b9e0428e9881f0638540ab282df7e9138567f9708c8e53c218f857f2fe5b855
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4B9E0428E9881F0638540AB282DF7E9138567F9708C8E53C218F857F2FE5B855"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3223
Expires: Tue, 27 Sep 2022 01:24:54 GMT
Date: Tue, 27 Sep 2022 00:31:11 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 98a711494b388326e74f75f498c6c689
74be2cb7c25680d1badc9859c528e80b76106b8e
4b9e0428e9881f0638540ab282df7e9138567f9708c8e53c218f857f2fe5b855
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4B9E0428E9881F0638540AB282DF7E9138567F9708C8E53C218F857F2FE5B855"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3223
Expires: Tue, 27 Sep 2022 01:24:54 GMT
Date: Tue, 27 Sep 2022 00:31:11 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 98a711494b388326e74f75f498c6c689
74be2cb7c25680d1badc9859c528e80b76106b8e
4b9e0428e9881f0638540ab282df7e9138567f9708c8e53c218f857f2fe5b855
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4B9E0428E9881F0638540AB282DF7E9138567F9708C8E53C218F857F2FE5B855"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3324
Expires: Tue, 27 Sep 2022 01:26:35 GMT
Date: Tue, 27 Sep 2022 00:31:11 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 98a711494b388326e74f75f498c6c689
74be2cb7c25680d1badc9859c528e80b76106b8e
4b9e0428e9881f0638540ab282df7e9138567f9708c8e53c218f857f2fe5b855
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4B9E0428E9881F0638540AB282DF7E9138567F9708C8E53C218F857F2FE5B855"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3265
Expires: Tue, 27 Sep 2022 01:25:36 GMT
Date: Tue, 27 Sep 2022 00:31:11 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 98a711494b388326e74f75f498c6c689
74be2cb7c25680d1badc9859c528e80b76106b8e
4b9e0428e9881f0638540ab282df7e9138567f9708c8e53c218f857f2fe5b855
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4B9E0428E9881F0638540AB282DF7E9138567F9708C8E53C218F857F2FE5B855"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3262
Expires: Tue, 27 Sep 2022 01:25:33 GMT
Date: Tue, 27 Sep 2022 00:31:11 GMT
Connection: keep-alive
push.services.mozilla.com/
52.41.246.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.246.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YNOcRs9jD4VW3yq09wwqog==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: c1fghJNecqv26K69n2z2LnihYI4=
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 4ef0cd4da22ffd7f25414aff75a13fde
a0f02ce54c8ec489b71d63374dd9ab8e60467298
78d7bece33e824f84b460606b2cb07091edf49d620b78908d1e053426c91b0ef
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "78D7BECE33E824F84B460606B2CB07091EDF49D620B78908D1E053426C91B0EF"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3556
Expires: Tue, 27 Sep 2022 01:30:27 GMT
Date: Tue, 27 Sep 2022 00:31:11 GMT
Connection: keep-alive
tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.js
23.38.200.249200 OK 33 kB URL HTTP/2 tags.tiqcdn.com/utag/mtbank/olb-legacy/prod/utag.js
IP 23.38.200.249:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (11428)
Hash 00ea03b7bd72d30aea8ef9f81725f038
6b7c029ae2e16cc7e92d5f1366a90b942d661cd4
77c885c08aebc8d8080b12f97ea5fa719ef4c57e8ff723fe6fa5582dfa2c5868
GET /utag/mtbank/olb-legacy/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "4e9cf25064003bbb26b1409333c6cc7b:1663204422.838639"
last-modified: Thu, 15 Sep 2022 01:13:43 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Tue, 27 Sep 2022 00:36:11 GMT
date: Tue, 27 Sep 2022 00:31:11 GMT
content-length: 32838
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ccb7f939720852d686b9d7e040ce3426
ded40f77c9aa8f09eeafea8630e583f052f98492
d0311f76d518fcaf028acbfdbad3f82efb99c30a975c3d5cf7ac31616bfc1be7
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "D0311F76D518FCAF028ACBFDBAD3F82EFB99C30A975C3D5CF7AC31616BFC1BE7"
Last-Modified: Mon, 26 Sep 2022 19:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3577
Expires: Tue, 27 Sep 2022 01:30:48 GMT
Date: Tue, 27 Sep 2022 00:31:11 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 4ef0cd4da22ffd7f25414aff75a13fde
a0f02ce54c8ec489b71d63374dd9ab8e60467298
78d7bece33e824f84b460606b2cb07091edf49d620b78908d1e053426c91b0ef
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "78D7BECE33E824F84B460606B2CB07091EDF49D620B78908D1E053426C91B0EF"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Tue, 27 Sep 2022 01:31:11 GMT
Date: Tue, 27 Sep 2022 00:31:11 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ccb7f939720852d686b9d7e040ce3426
ded40f77c9aa8f09eeafea8630e583f052f98492
d0311f76d518fcaf028acbfdbad3f82efb99c30a975c3d5cf7ac31616bfc1be7
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "D0311F76D518FCAF028ACBFDBAD3F82EFB99C30A975C3D5CF7AC31616BFC1BE7"
Last-Modified: Mon, 26 Sep 2022 19:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3573
Expires: Tue, 27 Sep 2022 01:30:44 GMT
Date: Tue, 27 Sep 2022 00:31:11 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ccb7f939720852d686b9d7e040ce3426
ded40f77c9aa8f09eeafea8630e583f052f98492
d0311f76d518fcaf028acbfdbad3f82efb99c30a975c3d5cf7ac31616bfc1be7
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "D0311F76D518FCAF028ACBFDBAD3F82EFB99C30A975C3D5CF7AC31616BFC1BE7"
Last-Modified: Mon, 26 Sep 2022 19:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3576
Expires: Tue, 27 Sep 2022 01:30:47 GMT
Date: Tue, 27 Sep 2022 00:31:11 GMT
Connection: keep-alive
onlinebanking.mtb.com/Assets/js/tealium_prod.js
24.75.29.69200 OK 353 B URL HTTP/1.1 onlinebanking.mtb.com/Assets/js/tealium_prod.js
IP 24.75.29.69:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 101ca6821b5179cc585c3e69a33e9380
793e93a26361db3ba129bc9425d1553d9e3432b6
529eb9139f78fc51456067418c9b48bedcc2225fa99cf8602fa529a4097eb5b7
GET /Assets/js/tealium_prod.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 01:37:36 GMT
Accept-Ranges: bytes
ETag: "03013ba5acdd81:0"
Vary: Accept-Encoding
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SVR: B-WEB-18
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1939493248"
Date: Tue, 27 Sep 2022 00:31:11 GMT
Content-Length: 353
Set-Cookie: dtCookie=v_4_srv_9_sn_A1D15C83391501F1A76066E609BDE9F8_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f7a45525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a92646782523159da6dfa5a4107e612e33e5271ba6be4a4b6d06e919081709ea7703b63506c02da6a75f7f18d3345e7d6b7e; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed1477fd83f4df250c92394ef4baa4499ce675601d30ed9e207b27f6b157a117dee7d5d574b58cd7a3263c7127838a83dc0d5; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab2000f85beb470e5bd669b589f1e10abcb080033291708ec55dd9c474381e415d171e080693376f1130009144f990bdda67670927a2d0eea6987e918ce7387505b7922c0c0c264ce00117e2433ede4d9289cb4bb42a26bbfa7d89; Path=/
resources.mtb.com/r/simple-layout-responsive/css.mtb?v=03142022100000
192.216.61.78200 OK 35 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/css.mtb?v=03142022100000
IP 192.216.61.78:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 612ef637c25041c445e4fdf710694d70
c4037320ef3bf75754dbba6ffbb712cc8ea947cd
d3f9b1bf0a23fba1044ec913042d5068e3445fe37aa9dc4ad2dff2b9fbcfbeef
GET /r/simple-layout-responsive/css.mtb?v=03142022100000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Expires: Wed, 27 Sep 2023 00:31:11 GMT
Last-Modified: Tue, 27 Sep 2022 00:31:10 GMT
ETag: "1664238671:dtagent10247220811100421ZWhG"
Vary: User-Agent
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1105584442"
Date: Tue, 27 Sep 2022 00:31:11 GMT
ntCoent-Length: 258715
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_9_sn_613CBE6CD36FB24A120E8EBE11F0002F_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd4892df5b944002a82a4c5cb68336e2626142588acd4018b5d35424d37041848b62da27ff55d1c8c5d76d4f6afac43c9a; Path=/
TS0128739d=019f8203fd0f53baa467d8d291828dcaa4294581916142588acd4018b5d35424d37041848be8dc68b8622a2f906924f13a337e3aea6c3c34245042683d57a99ca87fd8c0e2; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab20008d9a41a6dc7c0d868018869014f9493a6840e7390a13446f32920736160c4eca08ff9361d31130004d76e4cbc5c9f43ebbcd9d1e054e7ebe77c80cc6e61f629ae0c26e1aa8852e1acd81dd8fc1abfd4bc62365a5c0ca51c3; Path=/
Transfer-Encoding: chunked
onlinebanking.mtb.com/Assets/scripts/Login/Index.js
24.75.29.69200 OK 2.0 kB URL HTTP/1.1 onlinebanking.mtb.com/Assets/scripts/Login/Index.js
IP 24.75.29.69:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash cca50529c6bd8ea1b8e0a88c7461e03d
3eba19d87fa8954e1b129656fd96690db25b3eea
f4369c531116b5d7ab77159d3c25540ed8336e66a3e5b6ff5e9b545dfd5d813b
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 01:37:36 GMT
Accept-Ranges: bytes
ETag: "03013ba5acdd81:0"
Vary: Accept-Encoding
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SVR: B-WEB-18
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1174083039"
Date: Tue, 27 Sep 2022 00:31:11 GMT
Content-Length: 2008
Set-Cookie: dtCookie=v_4_srv_2_sn_BA4E89E025D4C50232098478F91D2D7B_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f7a45525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a9267f861143d186a9186c35710726f9e39a589fa3cbc84fc1d13cac454f98bd925a15fefeb0e9e983deb3666df2a590ab04; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed147d93227363b1d6b63d3340867c47d7f9dd33cd0679174a0905a395971ac492ff3f3e8e07d3f732b35698e47d1ed92f8c9; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab20007a150cd08ad146dd0ff398ad7a6ab9a379b9dbd2b0b9e5da44b388add453802c08d5c4fcc9113000a6e5c245d457c7580927a2d0eea6987ef79a5b74cfb83aefa886ca8e44a4c2ddfdb8ccb658b87a2d81daa3d615c5bc00; Path=/
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 898693cdbb61ff3b4e934d4001c57b31
2d35b0b8e9527e0c2413816a8632ba4627d18c8e
233cdc4fb0a0cc3672301a6c6db4ece86785b4bc3e8db1ef48c87868e64a5727
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1196
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:31:11 GMT
Last-Modified: Tue, 27 Sep 2022 00:11:15 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
onlinebanking.mtb.com/Assets/scripts/kessel-help.js
24.75.29.69200 OK 264 B URL HTTP/1.1 onlinebanking.mtb.com/Assets/scripts/kessel-help.js
IP 24.75.29.69:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3c2bde0d87b8030ce922fa69a25639c7
db153aef185e08cbdcaed9197ed62acd474025d6
91f27df0bf447053fd1bf738a96385714404b7c621c9d862d08f126841f13309
GET /Assets/scripts/kessel-help.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 01:37:36 GMT
Accept-Ranges: bytes
ETag: "03013ba5acdd81:0"
Vary: Accept-Encoding
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SVR: B-WEB-18
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1995711954"
Date: Tue, 27 Sep 2022 00:31:11 GMT
Content-Length: 264
Set-Cookie: dtCookie=v_4_srv_9_sn_4BD7986943A2940444028BC87EA758D6_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f7a45525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a92626c8068f2487784aaf0f19b13047bd40e2ffc8e602e228306bdaa6f6e5be2d40a8bcf378693971ed5a9b9c42d44f6f46; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed147e86fd0c85186e55be32609aa3a570f1e90d1541dd8778271a005c2f4d88f9e8560e42ebda3cf3de16efd13d07dc42706; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab200084c34c474a4d93f29cf6b45e8f8d55dd11a68e097bd09c3c45f0eb40f4881cba0870a44942113000a26c27c27ce699c82ecd598665abc0efa75da9791f86837627d83d60c3b6d97a3c92477d39b1924cc85170e1cf26f0c8; Path=/
onlinebanking.mtb.com/ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js
24.75.29.69200 OK 86 kB URL HTTP/1.1 onlinebanking.mtb.com/ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js
IP 24.75.29.69:0
File type ASCII text, with very long lines (1629)
Hash dfbc58d3a725843d905bb466313afcbf
8642551dc5750aa4e82c2595c2e4d8e28c5658df
7297767ec8d243f3678be6106de01b1facc09b7af1f11178d1de6e8ffce06612
GET /ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=3600
Content-Length: 86087
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Tue, 27 Sep 2022 01:31:11 GMT
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SVR: B-WEB-18
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Date: Tue, 27 Sep 2022 00:31:11 GMT
Set-Cookie: mtbcookie=ffffffffc3a03f7a45525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a926600e354330efd1c54589f5fb30c5fa1a644a7865d307d38c71849b1ca21839cbcb0e38ad0c85273a7c52c8ecd4e9fbc2; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed147ebaf89f9123266c28d7c08f02d274f0253474e76f95b5c0f65760df00b9d98c90f0c26b1be21467b5044d94ae12e5226; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab2000631793f32ec90b3c16545291916360aed8ee8576c4dc27d82a1aacf72711e0120863f2f58e1130005bd69ad11c5808170927a2d0eea6987e0008b44c51af72e74a28d895ca5a9a30f5d75962fc162dcb68516f53729f6e77; Path=/
resources.mtb.com/r/simple-layout-responsive/js.mtb?v=03142022100000
192.216.61.78200 OK 104 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/js.mtb?v=03142022100000
IP 192.216.61.78:0
File type ASCII text, with CRLF line terminators
Size 104 kB (103531 bytes)
Hash 709ebc99ab68894c16d41797eb08e778
76a47991fe6d37cfff3521535bf366798a97e292
3ac3d1438229e5d19ab15b5a7552eb05497af3ea08ecc93fb3c5d084d73e60b9
GET /r/simple-layout-responsive/js.mtb?v=03142022100000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Expires: Wed, 27 Sep 2023 00:31:11 GMT
Last-Modified: Tue, 27 Sep 2022 00:31:10 GMT
ETag: "1664238671:dtagent10247220811100421ZWhG"
Vary: User-Agent
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-956491304"
Date: Tue, 27 Sep 2022 00:31:11 GMT
ntCoent-Length: 322405
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_2_sn_27245126B49ADAE44CED34DDED7A39E8_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd17506fbf8b1217b2d3b6baf565798f33968b43d2a5d226553454f5787be6c3ccf8d8ca1681ed3100344182d0188cbb9f; Path=/
TS0128739d=019f8203fd6adb058fbb633a051110457e27c9a422968b43d2a5d226553454f5787be6c3cc0604b30c218dd55b6ccf8730da46d1e72b06ef7cb04857395c9b3296a0435810; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000fc8b04cf7bdf953b4974b3ca1031869730773d893f868b00a46cee6c489b95590836af8a39113000faebbbb628b6b3cdbbcd9d1e054e7ebe4646410959fbdf70f3435fe2adf5d43e16b4894ebb6e3685f8f4dc545ed2ba18; Path=/
Transfer-Encoding: chunked
onlinebanking.mtb.com/Assets/js/kessel-client-prod.js
24.75.29.69200 OK 118 kB URL HTTP/1.1 onlinebanking.mtb.com/Assets/js/kessel-client-prod.js
IP 24.75.29.69:0
File type ASCII text, with very long lines (63933), with CRLF line terminators
Size 118 kB (118395 bytes)
Hash 5dcfbd47308d65804db355c0b142c275
8fe82f87d9ee268d0b6deed83066451a1ef10d46
d262cc105c8dba27b9c9b94a8f0feae014236ea91e20e1011d4a538ffeb869cf
GET /Assets/js/kessel-client-prod.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=1800
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 01:37:36 GMT
Accept-Ranges: bytes
ETag: "03013ba5acdd81:0"
Vary: Accept-Encoding
P3P: CP='CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT'
X-SVR: B-WEB-18
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-329297550"
Date: Tue, 27 Sep 2022 00:31:11 GMT
Content-Length: 118395
Set-Cookie: dtCookie=v_4_srv_4_sn_B34ECC85573963E1194D15FD8F5A39E7_perc_100000_ol_0_mul_1_app-3A893c324bd7e5ac65_0_rcs-3Acss_0; Path=/; Domain=.mtb.com
mtbcookie=ffffffffc3a03f7a45525d5f4f58455e445a4a42378b;Version=1;Max-Age=1200;path=/;secure;httponly
TS01e71088=01fb46a926b961e305cad243fd7451118f9fb668bd015e8a53eb1689195a9683abd9d5a55383a51b27337cfcb58f5037453edfd372; Path=/; Domain=.onlinebanking.mtb.com
TS01e71088028=01fe6ed147192955e69e2a9e5cbee5037d7373cd4ab972689aa612965105639ad9d23dd3eaee9c5d5c5caa125dd83b5d165bda5c93; Path=/; Domain=.onlinebanking.mtb.com
TSba0bc889027=0856addebbab20000b6be4bf43ce70fe0129cc711f4ce62001c1274cb652ed81431e8d20b23eefd10838c7da67113000d62e6ec4781584780927a2d0eea6987e9236b26da4e0fff1729ee48cd99bcf5bce2fdd8eb3d47effef2e866005e8d78a; Path=/
onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
24.75.29.69200 OK 172 kB URL HTTP/1.1 onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
IP 24.75.29.69:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 172 kB (171871 bytes)
Hash bb4e8be25b5193dac25c03212adc919d
010d8aa02069862c8370fdbd47a89f7972be6a46
cf6c58c865b81422ff5e6ee87cb5d6b5e6fa5ab82a77a9453bdbf9b24397a5f2
GET /Assets/js/mtb_app_wbk.js HTTP/1.1
Host: onlinebanking.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:31:11 GMT
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
X-Ion-Hop: 1
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Set-Cookie: e9LegkvD=A2XXWnyDAQAAR8rv9WAGCLBMrmskKOjwOeqrjaIFP-6eoxBkL9dQEIkaIciQAVtaKpqcuC2nwH8AADQwAAAAAA|1|0|cfb494a86955e83731a8f9d7555097a966dbcbf1; Path=/; Max-Age=1577847600; Domain=mtb.com
TS01e71088=01fb46a92642e7b9032179a72a7eb45bb6e03f7a54a03d96d0a5c535cd9717c4f4af882913376e00a6f09e5ad0e9a626d25e315d68; Path=/; Domain=.onlinebanking.mtb.com
TS01ea4191=01fb46a92642e7b9032179a72a7eb45bb6e03f7a54a03d96d0a5c535cd9717c4f4af882913376e00a6f09e5ad0e9a626d25e315d68; path=/; domain=mtb.com
TSba0bc889027=0856addebbab2000e11b03a84cc97ce9135bb542ec45acf7b6d40e913974a7b79b0a002a05b0f3da08dd84d2f0113000b58dd46eda973e6f0927a2d0eea6987e96e8921f55d1c7feb551271ab4ec05c5146c50d113beef5ec480122e00f1e0de; Path=/
Transfer-Encoding: chunked
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6675
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:31:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6675
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:31:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6675
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:31:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6675
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:31:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6675
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:31:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46e31aa06b8e86a9a5f9ba1cc3feca08
75df3341e30281fcbf78c7074980356fdf0be8e2
d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 9714
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 9552
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f1af609199093985d73fd1d256482c12
a54f3f4af645c1c93299360bc7dcf06bbae8de81
047e15a2d3ea5b7d1f3d22cdac2ac0446c6267c99deb0b12576366088d29d5b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8657
x-amzn-requestid: 172be66b-6140-4ff6-a061-22d177e75c23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YtlXZGujoAMF2vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63288295-6f74795f2b26d54409b2f388;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 14:54:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RCHPkVe_BYTR3-jGiJZ6reK2ZNYa6rvqsK0_QZr0cTiR70JMRPSMuw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:02:04 GMT
age: 8948
etag: "a54f3f4af645c1c93299360bc7dcf06bbae8de81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e88b78ede0e4583585d6bb805fb39470
edff303440c5972381295b4b2602bd3f77f6702a
ce55a1ff5c71ec43884b74a08cd32ef75cb0632a91f3fe8b150f5ead499375a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6487
x-amzn-requestid: cd11b94b-24be-4e6d-bce3-a480b2c1cc23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDWDQEYAIAMFetw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633136e1-5fcb76b5408fdfa20ec55dd8;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 05:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GcEH02ZlJM-8wUvNf7K7rK7f1cs6_m4i9UYUNxXUGzcDTEz74JH3cA==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:59:28 GMT
age: 9104
etag: "edff303440c5972381295b4b2602bd3f77f6702a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6c9691e104001fe54d3c6273b7b8596
481ec2135ca0a96484c36cced30776c871aedf8f
f9e5e087d8b6e9b357c9f93b00c5919d89d90ac9b48d2dcd1ac72bf775a5cf49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5383
x-amzn-requestid: 9c49e638-4bc7-4283-b0fc-f488fd92bd2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7zT3HZ4oAMFVew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e327e-669996c326605d130e3099ac;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 22:26:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6O0O2Z791hRcK9j718v8_m4EGIJ62RFJqzG4AgvbD1-yqC6pJylRWg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 23:27:03 GMT
age: 3849
etag: "481ec2135ca0a96484c36cced30776c871aedf8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2267eb0a20554688393db616344441ee
49546314082f2e4f4c4c2686cc0ca281ae6bae47
4e37955fb99beb25ceb9deb7c4398914af4192c2e3614e5d68cdafa8c85b256e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7146
x-amzn-requestid: 100deff4-ea7e-47d4-a46d-6d9d0d1d6aad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASE1HiPIAMFZqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffd51-0b5dec0d7bb5fdf754e9c816;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:03:45 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IZeWsnZ6p1erJ-H07l2EzQ97Duu0qYrb5USVnoyj348rIEMJA9MnBg==
via: 1.1 7256fedee68a59a508800e0dda035348.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 07:11:44 GMT
age: 62368
etag: "49546314082f2e4f4c4c2686cc0ca281ae6bae47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
resources.mtb.com/Assets/img/mtb-entrust.svg
192.216.61.78200 OK 1.3 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-entrust.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators
Hash 9a569ad20708d7453d89fe6c72e7fcdc
60b6a41620583484642f7c826faf8e3c879a6374
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 21 Sep 2022 01:07:38 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-451614361"
Date: Tue, 27 Sep 2022 00:31:13 GMT
Content-Length: 1349
Set-Cookie: TSf60233d5027=08affc4e07ab20009157aa5f16cd1f277775f0c0b06b271725aa46772163c7f49d03db35767c1264083dca43c41130000d75d041fcad68e375efa5070a2e6d2cc1768cd980b7b23353bea823a70a27f77d3e67d3685e35b7e9cea2139dc8deb3; Path=/
resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
192.216.61.78200 OK 230 B URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 916635d10512ae6a1840614a895dcd38
db175de4c42281bb4d239c57d1b95b8e75c529ec
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 21 Sep 2022 01:07:38 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="714102538"
Date: Tue, 27 Sep 2022 00:31:13 GMT
Content-Length: 230
Set-Cookie: TSf60233d5027=08affc4e07ab200068f0f029a836a4391cda09ec67809d66ac3001b2a53503087f41ea044929ec450803a7cfd11130006d22d6c31aa00d9e75efa5070a2e6d2cb6138544b37e01217941a68bff137d1f70b22a4d7cb18acbdc7eaa75457065f5; Path=/
resources.mtb.com/Assets/img/mtb-logo.svg
192.216.61.78200 OK 2.0 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-logo.svg
IP 192.216.61.78:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators
Hash f2b901cf895852a0866fe4a16c7f1730
c4240af1ec798477b4e65a185ddbb1b038817da4
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 21 Sep 2022 01:07:38 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1121638418"
Date: Tue, 27 Sep 2022 00:31:13 GMT
Content-Length: 2039
Set-Cookie: TSf60233d5027=08affc4e07ab2000875e1f3d5df825ba51ad89337d3873b19bf8b8814a7ac6042f0a584aba126e51084ff659a111300099f32b301865152375efa5070a2e6d2c90f23671034f71885b5ce3d29a39955c9360454fd5f44fe454da5a906695d539; Path=/
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash d0b509c9adb0dc8aa9bf0ab1980f624d
4a20f57d5c76fbaf00052258421c56d353bf23d1
a57c02ff6838525846993137c7fc52c335392b8ed59f1180a2dff972c81f0824
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 27 Sep 2022 00:31:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 26 Sep 2022 23:36:42 GMT
Expires: Tue, 27 Sep 2022 23:36:42 GMT
ETag: "4a20f57d5c76fbaf00052258421c56d353bf23d1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209150113&cb=1664238672923
23.38.200.249200 OK 2 B URL HTTP/1.1 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209150113&cb=1664238672923
IP 23.38.200.249:0
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=mtbank/olb-legacy/202209150113&cb=1664238672923 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://business4alltech.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
Last-Modified: Thu, 14 Apr 2016 16:57:51 GMT
Server: AkamaiNetStorage
Content-Length: 2
Cache-Control: max-age=600
Expires: Tue, 27 Sep 2022 00:41:14 GMT
Date: Tue, 27 Sep 2022 00:31:14 GMT
Connection: keep-alive
ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A2XXWnyDAQAAZoe7874gZcCiLyim02WuRWrPk3mVX80_81QkWtdQEIkaIciQAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775
107.162.179.174200 OK 921 B URL HTTP/1.0 ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A2XXWnyDAQAAZoe7874gZcCiLyim02WuRWrPk3mVX80_81QkWtdQEIkaIciQAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775
IP 107.162.179.174:0
File type ASCII text, with very long lines (921), with no line terminators
Hash d2ba8833ef47ac879413690afe52c329
93d1fa7c25a387c914287be2715a9a7b4c0830cd
283bacd3fa5780e29fa5ae4cf19d2d99e1e5a11fe0612677f29118029c1ab328
GET /1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A2XXWnyDAQAAZoe7874gZcCiLyim02WuRWrPk3mVX80_81QkWtdQEIkaIciQAVtaKpqcuC2nwH8AADQwAAAAAA==&c=240388775 HTTP/1.1
Host: ponos.zeronaught.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://business4alltech.com
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.0 200 OK
Access-Control-Allow-Origin: *
Content-Type: text/plain; charset=UTF-8
Connection: close
Content-Length: 921
cdn.quantummetric.com/qscripts/quantum-mtb.js
172.67.20.158301 Moved Permanently 178 B URL HTTP/1.1 cdn.quantummetric.com/qscripts/quantum-mtb.js
IP 172.67.20.158:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://business4alltech.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 00:31:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cdn.quantummetric.com/qscripts/quantum-mtb.js
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751022a61e4cb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
192.216.61.78200 OK 4.8 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 4776, version 1.0\012- data
Hash ac13691b89191d11d0e5577eb3cf3d53
0126fa82c0ab022e61b5de74f1fe3e204a905a7b
108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df
GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://business4alltech.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Wed, 21 Sep 2022 01:07:37 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2027901974", dtTao;desc="1"
Date: Tue, 27 Sep 2022 00:31:14 GMT
Content-Length: 4776
Set-Cookie: dtCookie=v_4_srv_11_sn_E4C7089D874C7472FEB8195EFCB52C66_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fdb9f7baab521a4fafffb674c12eac15c9d591a0b83b9f00e5b67d1131253a761440b462b89646f8b1956255f68868bc14; Path=/
TS0128739d=019f8203fd487b478c28718730930c09c5505d536bd591a0b83b9f00e5b67d1131253a76144aec66ac3a2146fffaefee9e15ad1a5aeb15f772ae1aeaf8203d44da38f77047; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000342dec0a1b7a2b283db01ead5f4c44e2c0c7329f8c8af1c30009ee7fe21c15cb080ae93eca113000fa37d6eb69747d4ff4426f2a12736b5fb7c71b4479fd687b5132ec70e572393bded811ca88084578bf63c21c5015446e; Path=/
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash f290f94f3a79e728777fb72b0538e0d5
1050a726a828a4353a87523498eed3437cde7df7
30fce61855bfcb773bcdc1f2e05145eef45a2fb21f70e81147e36285b0c6ae60
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 27 Sep 2022 00:31:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 26 Sep 2022 19:59:41 GMT
Expires: Tue, 27 Sep 2022 19:59:41 GMT
ETag: "1050a726a828a4353a87523498eed3437cde7df7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdn.quantummetric.com/qscripts/quantum-mtb.js
172.67.20.158200 OK 141 kB URL HTTP/2 cdn.quantummetric.com/qscripts/quantum-mtb.js
IP 172.67.20.158:0
File type ASCII text, with very long lines (3730)
Size 141 kB (140596 bytes)
Hash b37e7e03a93b01a15e657fe8360d7ba0
a281de755989177d9d64503b813637e022fc8b9f
7359c004ee3bde6fccbc703991eae80287519f11fcdcdef5db20bcd6e4960d1b
GET /qscripts/quantum-mtb.js HTTP/1.1
Host: cdn.quantummetric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:31:11 GMT
content-type: text/javascript
vary: Accept-Encoding
etag: W/"166378973649816613605351101664179202417"
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 7510228eda07fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
192.216.61.78200 OK 68 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
IP 192.216.61.78:0
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://business4alltech.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Wed, 21 Sep 2022 01:07:37 GMT
Accept-Ranges: bytes
ETag: "029628a56cdd81:0:dtagent10247220811100421ZWhG"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="485885199", dtTao;desc="1"
Date: Tue, 27 Sep 2022 00:31:14 GMT
Content-Length: 67671
Set-Cookie: dtCookie=v_4_srv_6_sn_C3C258C03C29F645A1066B3A9D2A2DAF_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fdd274d37917347cc34f2fe02fe241194102de0586e166b3acc3154f539e50c3651982ff13ab82a61c86e3f2c80e4e2ea7; Path=/
TS0128739d=019f8203fdc659d195a5c5c28f72c3cd8556aa539402de0586e166b3acc3154f539e50c365a8cb85871331ba59dfed6def36284674f636cb7f63d6d9b1331c491789dc46e9; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab20001d167d478a5e686add564dcf74d57a3299c4410a6a14e90e9c4904f2dcd98732086ecc6fa31130008c141e7e8d706422f4426f2a12736b5f199a54eb14753ba9eef1e790c0c09519f4bc08ce764585b886f8fd4b7d2f7650; Path=/
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
52.141.217.134200 OK 899 B URL HTTP/2 wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP 52.141.217.134:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (899), with no line terminators
Hash c65968ae493ad7a1c7b000ef52db0f0d
f5ff0a5f994c6909ac3617edf10177e6322d7270
8e32f77deb3f6a2e7bc234e89d1a699f0f18094c226fa3062496cb187e7a1537
POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: http://business4alltech.com
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 899
date: Tue, 27 Sep 2022 00:31:14 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 5f3a0c44-6426-4db7-a1db-875c9c6967bc
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:31:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:31:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s6957767912909?AQB=1&ndh=1&pf=1&t=27%2F8%2F2022%200%3A31%3A12%202%200&fid=51DAC0E6EB3CEDE5-1BBC9C959F803596&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Monday%3A8%3A30PM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664238672911&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
13.36.218.177302 Found 0 B URL HTTP/1.1 mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s6957767912909?AQB=1&ndh=1&pf=1&t=27%2F8%2F2022%200%3A31%3A12%202%200&fid=51DAC0E6EB3CEDE5-1BBC9C959F803596&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Monday%3A8%3A30PM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664238672911&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 13.36.218.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/mtb/1/JS-2.9.0/s6957767912909?AQB=1&ndh=1&pf=1&t=27%2F8%2F2022%200%3A31%3A12%202%200&fid=51DAC0E6EB3CEDE5-1BBC9C959F803596&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Monday%3A8%3A30PM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664238672911&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: mtb.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://business4alltech.com/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Tue, 27 Sep 2022 00:31:15 GMT
content-type: text/plain;charset=utf-8
expires: Mon, 26 Sep 2022 00:31:15 GMT
last-modified: Wed, 28 Sep 2022 00:31:15 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_nwa=[CS]v4|0-0|63324453[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Thu, 26 Sep 2024 00:31:31 GMT; SameSite=None;
location: http://mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s6957767912909?AQB=1&pccr=true&ndh=1&pf=1&t=27%2F8%2F2022%200%3A31%3A12%202%200&fid=51DAC0E6EB3CEDE5-1BBC9C959F803596&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Monday%3A8%3A30PM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664238672911&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 27 Sep 2022 00:31:15 GMT
expires: Tue, 27 Sep 2022 00:31:15 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1659620062241&cv=9&fst=1659620062241&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1659620062241&cv=9&fst=1659620062241&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2410), with no line terminators
Hash e823c71fb084c8a7c28c4a8e56198067
4ff3fc2319a2f266c097d53669215ec75442082c
7cb2b23a21cd39984eee6dbe311b515369ce7d701d7ca0b3fca60fe2d1376835
GET /pagead/viewthroughconversion/990489911/?random=1659620062241&cv=9&fst=1659620062241&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:31:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1077
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 00:46:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s6957767912909?AQB=1&pccr=true&ndh=1&pf=1&t=27%2F8%2F2022%200%3A31%3A12%202%200&fid=51DAC0E6EB3CEDE5-1BBC9C959F803596&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Monday%3A8%3A30PM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664238672911&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
13.36.218.177200 OK 43 B URL HTTP/1.1 mtb.d1.sc.omtrdc.net/b/ss/mtb/1/JS-2.9.0/s6957767912909?AQB=1&pccr=true&ndh=1&pf=1&t=27%2F8%2F2022%200%3A31%3A12%202%200&fid=51DAC0E6EB3CEDE5-1BBC9C959F803596&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Monday%3A8%3A30PM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664238672911&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/mtb/1/JS-2.9.0/s6957767912909?AQB=1&pccr=true&ndh=1&pf=1&t=27%2F8%2F2022%200%3A31%3A12%202%200&fid=51DAC0E6EB3CEDE5-1BBC9C959F803596&ce=UTF-8&g=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&cc=USD&events=event21&c16=no%20value&c17=Monday%3A8%3A30PM&v19=D%3Dc17&c20=D%3Dg&c21=1&v21=D%3Dg&c22=New&v22=1&c23=First%20Visit&v23=New&v24=First%20Visit&v26=stop&c41=OLB&v41=OLB&v136=1664238672911&v151=Tealium&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: mtb.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://business4alltech.com/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Tue, 27 Sep 2022 00:31:15 GMT
expires: Mon, 26 Sep 2022 00:31:15 GMT
last-modified: Wed, 28 Sep 2022 00:31:15 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_nwa=[CS]v4|51DAC0E6EB3CEDE5-1BBC9C959F803596|0[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Thu, 26 Sep 2024 00:31:31 GMT; SameSite=None;
etag: 3573925341773791232-4619675729291782988
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
www.google.com/pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2511061312&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2511061312&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2511061312&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:31:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:31:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:31:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:31:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash f34f09e3e98315df9385a44731e7cdb0
fd18e9ad354933ceb1e5befb31bdb0987d92fe1d
aedb712ed271a200e34cc891a82c3af9c70d76a4c1f16e8ebc3d4bd3e3fa747a
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "AEDB712ED271A200E34CC891A82C3AF9C70D76A4C1F16E8EBC3D4BD3E3FA747A"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Tue, 27 Sep 2022 01:31:15 GMT
Date: Tue, 27 Sep 2022 00:31:15 GMT
Connection: keep-alive
asset.mtb.com/Documents/html/homepage/favicon.ico
54.230.111.37200 OK 15 kB URL HTTP/2 asset.mtb.com/Documents/html/homepage/favicon.ico
IP 54.230.111.37:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash e82f458a5c1c5353a97401eccc925613
949d6c8d06ca14b52f496c20f63fae269b6708c2
cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3
GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
content-length: 14862
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Wed, 04 May 2022 18:18:59 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Tue, 27 Sep 2022 00:11:22 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "3dce-5de33a8b9cac0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ps0WuosYxWQjJ9ycm6PCdejlG83qo3twlc3I4ht3Dj39fwW5ybP6pQ==
age: 2856
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2511061312&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2511061312&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/990489911/?random=1659620062241&cv=9&fst=1659618000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fsacrificeivsuccess.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2511061312&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 00:31:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:31:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
52.141.217.134200 OK 666 B URL HTTP/2 wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP 52.141.217.134:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (666), with no line terminators
Hash 6142b462aa6e3dff59d7009dbe01b5d2
d1703b4f89970e620828e749e3ad54c2f820dc8c
b9ae9c907e06ee9ce439362bdd0c3839932d77254b111fe9217da67d8ec19950
POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 960
Origin: http://business4alltech.com
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 666
date: Tue, 27 Sep 2022 00:31:14 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: ee1adc92-c777-4ddb-8cfd-9d7c557421cc
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c19865d5cb58e1b3e635d3c7549f965d
bfc8ad4c0d95b416a31f18ccdb94d29e33c1f695
902a4701bd5670f1f8e56f39471d31bd529f10c812d33578b00da22a3dce978b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:31:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 18:00:06 GMT
Expires: Fri, 30 Sep 2022 18:00:05 GMT
Etag: "bfc8ad4c0d95b416a31f18ccdb94d29e33c1f695"
Cache-Control: max-age=321529,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751022ab7975b4eb-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f78c4377fed813c5041f31b116714539
3eca094f337b484fa34d4bbb6e57bbbb2dfd7149
bf2208a8578ac007a94903dc31a9e576b1bb73c3c7a5fdc3e36200d64bec48d7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:31:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:15:46 GMT
Expires: Mon, 03 Oct 2022 11:15:45 GMT
Etag: "3eca094f337b484fa34d4bbb6e57bbbb2dfd7149"
Cache-Control: max-age=556469,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751022ab7841b506-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 7bcaac4393afff7dddc7255ff78d5850
a29b4b75545fb24e3e8df8fb02a109b18fd98b15
78ab8c4fe3696ab46713ded6bba2b2d51e41057c79795891814cb6234e31e7a3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 00:31:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 00:17:20 GMT
Expires: Sun, 02 Oct 2022 00:17:19 GMT
Etag: "a29b4b75545fb24e3e8df8fb02a109b18fd98b15"
Cache-Control: max-age=430563,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751022ab8845b506-OSL
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
54.230.111.34200 OK 221 B URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
IP 54.230.111.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 21:32:00 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6WlXovXPFm_Nwckdj1istfJetsMihiTEYFBXCl-QAVhMw27V-30wxQ==
age: 10756
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
54.230.111.127200 OK 221 B URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
IP 54.230.111.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 10:44:19 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 37TJCJ59s4jbg9qysXcFNUdyR-BkstHpq2CWHO8ulg5Q9gWBMKcLFQ==
age: 49617
X-Firefox-Spdy: h2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
54.230.111.29200 OK 221 B URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
IP 54.230.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://business4alltech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Mon, 26 Sep 2022 14:22:55 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8UwDoty1iJEpu8Q_Cw8ux5Ms9EcIU5BQxuOBGjFkhvHpyXteVQH75Q==
age: 36501
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.127200 OK 3.2 kB URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.127:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 18:24:38 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cyC7AYJO_LHhUWIrcfI73lun8DXpl74BlfBKUvN8NJmvTnfqYbPu1w==
age: 21999
X-Firefox-Spdy: h2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.29200 OK 3.2 kB URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.29:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 11:15:39 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UG_YejVBpAZLGXno1TaL4gq3O-QXs1fX4ujzJCsqHoNZt8-zsm6u5Q==
age: 47738
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.34200 OK 3.2 kB URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.34:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Tue, 27 Sep 2022 00:31:17 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sp9x1YZp0y2hZAVvwEEfZ2-6apBXkxAovKDADhszN2LmjGvfKHz2eQ==
X-Firefox-Spdy: h2
log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1664238675387-sjn0000355-8aeb1950-34d8-4afa-af44-6355fb927b87&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51
52.238.253.184204 No Content 0 B URL HTTP/2 log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1664238675387-sjn0000355-8aeb1950-34d8-4afa-af44-6355fb927b87&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51
IP 52.238.253.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/sendLogs?cid=mufasa&cdsnum=1664238675387-sjn0000355-8aeb1950-34d8-4afa-af44-6355fb927b87&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51 HTTP/1.1
Host: log-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1344
Origin: http://business4alltech.com
Connection: keep-alive
Referer: http://business4alltech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 00:31:18 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
business4alltech.com/rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D73_sn_8K0U7BFC0QIC5DMKDES1018S83EMTQTM&svrid=-73&flavor=post&vi=ECKMRGFIHKDMIASKRUSCTAMCQGFSVERF-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&bp=3&app=893c324bd7e5ac65&crc=939575725&en=zgefxirc&end=1
207.244.251.248404 Not Found 66 kB URL HTTP/1.1 business4alltech.com/rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D73_sn_8K0U7BFC0QIC5DMKDES1018S83EMTQTM&svrid=-73&flavor=post&vi=ECKMRGFIHKDMIASKRUSCTAMCQGFSVERF-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&bp=3&app=893c324bd7e5ac65&crc=939575725&en=zgefxirc&end=1
IP 207.244.251.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8124), with CRLF, LF line terminators
Hash 47f0cd5e4f3030ff6f752f1a562401a2
218d4fb7b5bd7923a94e9e1c39226a45e1736a16
b6de310d8917f13e6fe53b66ef9567acae92783fa1001f85a55b1888c4ae801a
POST /rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D73_sn_8K0U7BFC0QIC5DMKDES1018S83EMTQTM&svrid=-73&flavor=post&vi=ECKMRGFIHKDMIASKRUSCTAMCQGFSVERF-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php&bp=3&app=893c324bd7e5ac65&crc=939575725&en=zgefxirc&end=1 HTTP/1.1
Host: business4alltech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 1516
Origin: http://business4alltech.com
Connection: keep-alive
Referer: http://business4alltech.com/wp-content/uploads/2022/08/mtbank/auth.php
Cookie: utag_main=v_id:01837c5acf820015f0ae9c2e5cd900044004600900918$_sn:1$_se:1$_ss:1$_st:1664240469699$ses_id:1664238669699%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:business4alltech.com; dtCookie=v_4_srv_-2D73_sn_8K0U7BFC0QIC5DMKDES1018S83EMTQTM; rxVisitor=1664238672772AAF0ER7CCJETE7PQA9AENV53RG3DP5N2; dtPC=-73$438672770_218h-vECKMRGFIHKDMIASKRUSCTAMCQGFSVERF-0e0; rxvt=1664240473680|1664238672773; dtLatC=58; dtSa=-; cdContextId=2; bmuid=1664238672828-C8A73E2D-4551-4F43-9412-3FDCCA7C740D; sc_visit_start=1; s_visitStart=no%20value; s_pv=no%20value; s_vnum=2096238672905%26vn%3D1; s_invisit=true; s_nr=1664238672913-New; s_dslv=1664238672913; s_dslv_s=First%20Visit; s_fid=51DAC0E6EB3CEDE5-1BBC9C959F803596; s_ppvl=http%253A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php%2C96%2C93%2C939%2C1280%2C939%2C1280%2C1024%2C1%2CP; s_ppv=http%253A%2F%2Fbusiness4alltech.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fmtbank%2Fauth.php%2C96%2C96%2C939%2C1280%2C939%2C1280%2C1024%2C1%2CP; s_cc=true; cdSNum=1664238675387-sjn0000355-8aeb1950-34d8-4afa-af44-6355fb927b87
HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 00:31:17 GMT
Server: Apache
Access-Control-Allow-Origin: http://business4alltech.com
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://business4alltech.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8