r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5c6a87f6d6b5c54dcb1b630ae6001c73
e0315c9936d6f2f58ff7d078e74a8ec7802265a8
d88ef07b9fcfb42d27a490cb57df4adaf3261efc7d0b38246db387da3ca32a8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D88EF07B9FCFB42D27A490CB57DF4ADAF3261EFC7D0B38246DB387DA3CA32A8D"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5509
Expires: Sat, 31 Dec 2022 06:42:05 GMT
Date: Sat, 31 Dec 2022 05:10:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0e93d32de9bcebd3483b40a8fed30718
7e1fe5db1f08b75a079780717e4f18ad76767212
4f0aaacfefd27c89225a1a0d2fbe778ec4f3369b5e4e1599255bf12866196cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F0AAACFEFD27C89225A1A0D2FBE778EC4F3369B5E4E1599255BF12866196CD4"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11952
Expires: Sat, 31 Dec 2022 08:29:28 GMT
Date: Sat, 31 Dec 2022 05:10:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 428881081ad357fb55af33ebf9d12c16
29b7be72f76da07db4a03fb1bc57ffe16d520a22
9adff7f91b147b0d93166bc4ece0dd31fd19fd8b2c269a6a596a1e902f49a1fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ADFF7F91B147B0D93166BC4ECE0DD31FD19FD8B2C269A6A596A1E902F49A1FE"
Last-Modified: Wed, 28 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2969
Expires: Sat, 31 Dec 2022 05:59:45 GMT
Date: Sat, 31 Dec 2022 05:10:16 GMT
Connection: keep-alive
www.user-mtb01.hufeer.ir/login.php?online_id=c3fbbdff0a60523b9bdf9bfda&country=&iso=
200 OK 4.8 kB URL HTTP/1.1 www.user-mtb01.hufeer.ir/login.php?online_id=c3fbbdff0a60523b9bdf9bfda&country=&iso=
IP
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (960), with CRLF line terminators
Hash d9d3b9129013d7c03caa960e39f0344d
b61db46f8e8e7406f0414ff9f12a59605fd068d0
0208b343f1f505560ddc01fefda5c50c04b0a6609cd52c0cf3f1ca1f58980c60
Analyzer Verdict Alert urlquery phishing Phishing - M&T Bank
NIDS Severity Alert suricata high ET PHISHING Possible DarkX Credential Phishing Landing Page 2022-12-19
GET /login.php?online_id=c3fbbdff0a60523b9bdf9bfda&country=&iso= HTTP/1.1
Host: www.user-mtb01.hufeer.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
expires: Sat, 31 Dec 2022 05:10:16 GMT
content-length: 4798
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 31 Dec 2022 05:10:16 GMT
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JnsrVgdbBWP2sR291YC6tZVEPuS3iyxRNDzy5mzzedR3jeWRRBBOD7BwYPMT6uoFsiPzMwTfuXU=
x-amz-request-id: CMWH42ZZEE7MF1T3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 31 Dec 2022 04:59:29 GMT
age: 647
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 31 Dec 2022 04:35:37 GMT
content-type: application/json
age: 2079
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 31 Dec 2022 05:10:16 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17
404 Not Found 708 B URL HTTP/1.1 www.user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17
IP
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - M&T Bank
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17 HTTP/1.1
Host: www.user-mtb01.hufeer.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/login.php?online_id=c3fbbdff0a60523b9bdf9bfda&country=&iso=
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 31 Dec 2022 05:10:16 GMT
www.user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9
404 Not Found 708 B URL HTTP/1.1 www.user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9
IP
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - M&T Bank
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9 HTTP/1.1
Host: www.user-mtb01.hufeer.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/login.php?online_id=c3fbbdff0a60523b9bdf9bfda&country=&iso=
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 31 Dec 2022 05:10:16 GMT
www.user-mtb01.hufeer.ir/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js
404 Not Found 708 B URL HTTP/1.1 www.user-mtb01.hufeer.ir/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js
IP
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - M&T Bank
fortinet Phishing
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1
Host: www.user-mtb01.hufeer.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/login.php?online_id=c3fbbdff0a60523b9bdf9bfda&country=&iso=
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 31 Dec 2022 05:10:16 GMT
www.user-mtb01.hufeer.ir/Assets/scripts/Login/Index.js
404 Not Found 708 B URL HTTP/1.1 www.user-mtb01.hufeer.ir/Assets/scripts/Login/Index.js
IP
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - M&T Bank
fortinet Phishing
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: www.user-mtb01.hufeer.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/login.php?online_id=c3fbbdff0a60523b9bdf9bfda&country=&iso=
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 31 Dec 2022 05:10:16 GMT
www.user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17
404 Not Found 708 B URL HTTP/1.1 www.user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17
IP
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - M&T Bank
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17 HTTP/1.1
Host: www.user-mtb01.hufeer.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/login.php?online_id=c3fbbdff0a60523b9bdf9bfda&country=&iso=
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 31 Dec 2022 05:10:16 GMT
ocsp.digicert.com/
200 OK 471 B IP
Hash 553f97ab8a2c2f1abe4ee932cf6dab42
9e9433075523efb0cf7d13b6811d237c4b48f099
8a7c26f298fb34ec9d5cbd977a2677118b9360ad3134bb56171c13d4d13da540
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1602
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 05:10:16 GMT
Last-Modified: Sat, 31 Dec 2022 04:43:34 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.user-mtb01.hufeer.ir/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js
404 Not Found 708 B URL HTTP/1.1 www.user-mtb01.hufeer.ir/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js
IP
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - M&T Bank
fortinet Phishing
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1
Host: www.user-mtb01.hufeer.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/login.php?online_id=c3fbbdff0a60523b9bdf9bfda&country=&iso=
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 31 Dec 2022 05:10:16 GMT
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 31 Dec 2022 05:08:10 GMT
age: 127
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash e8adbb3cdce38a6dea68fb34c8c9a59c
70eb7aefb330cd8d09fa30ee8ec0f7756145055d
bec3e439ed96bba8c751803282a7934c4e6bb8274d706440f3a03a1e24e5e657
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BEC3E439ED96BBA8C751803282A7934C4E6BB8274D706440F3A03A1E24E5E657"
Last-Modified: Fri, 30 Dec 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3550
Expires: Sat, 31 Dec 2022 06:09:27 GMT
Date: Sat, 31 Dec 2022 05:10:17 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash e8adbb3cdce38a6dea68fb34c8c9a59c
70eb7aefb330cd8d09fa30ee8ec0f7756145055d
bec3e439ed96bba8c751803282a7934c4e6bb8274d706440f3a03a1e24e5e657
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BEC3E439ED96BBA8C751803282A7934C4E6BB8274D706440F3A03A1E24E5E657"
Last-Modified: Fri, 30 Dec 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Sat, 31 Dec 2022 06:10:17 GMT
Date: Sat, 31 Dec 2022 05:10:17 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash e8adbb3cdce38a6dea68fb34c8c9a59c
70eb7aefb330cd8d09fa30ee8ec0f7756145055d
bec3e439ed96bba8c751803282a7934c4e6bb8274d706440f3a03a1e24e5e657
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BEC3E439ED96BBA8C751803282A7934C4E6BB8274D706440F3A03A1E24E5E657"
Last-Modified: Fri, 30 Dec 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3591
Expires: Sat, 31 Dec 2022 06:10:08 GMT
Date: Sat, 31 Dec 2022 05:10:17 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash e8adbb3cdce38a6dea68fb34c8c9a59c
70eb7aefb330cd8d09fa30ee8ec0f7756145055d
bec3e439ed96bba8c751803282a7934c4e6bb8274d706440f3a03a1e24e5e657
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BEC3E439ED96BBA8C751803282A7934C4E6BB8274D706440F3A03A1E24E5E657"
Last-Modified: Fri, 30 Dec 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3563
Expires: Sat, 31 Dec 2022 06:09:40 GMT
Date: Sat, 31 Dec 2022 05:10:17 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8bdmV5Fq6bychuHU9/W3wA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ro5Vo8Y1+rn59xnjrhg2n7Gb4Gc=
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 30d1a7c54a69e625e5887e6cf623fd68
80d292ef68252eafade05473a5db9435f0a6a74e
94f8ab9fcccca6a070ea887cd86bc3480c4f5ea002638651195ff74bca35af2d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "94F8AB9FCCCCA6A070EA887CD86BC3480C4F5EA002638651195FF74BCA35AF2D"
Last-Modified: Fri, 30 Dec 2022 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3566
Expires: Sat, 31 Dec 2022 06:09:43 GMT
Date: Sat, 31 Dec 2022 05:10:17 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 30d1a7c54a69e625e5887e6cf623fd68
80d292ef68252eafade05473a5db9435f0a6a74e
94f8ab9fcccca6a070ea887cd86bc3480c4f5ea002638651195ff74bca35af2d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "94F8AB9FCCCCA6A070EA887CD86BC3480C4F5EA002638651195FF74BCA35AF2D"
Last-Modified: Fri, 30 Dec 2022 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3551
Expires: Sat, 31 Dec 2022 06:09:28 GMT
Date: Sat, 31 Dec 2022 05:10:17 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 30d1a7c54a69e625e5887e6cf623fd68
80d292ef68252eafade05473a5db9435f0a6a74e
94f8ab9fcccca6a070ea887cd86bc3480c4f5ea002638651195ff74bca35af2d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "94F8AB9FCCCCA6A070EA887CD86BC3480C4F5EA002638651195FF74BCA35AF2D"
Last-Modified: Fri, 30 Dec 2022 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Sat, 31 Dec 2022 06:10:17 GMT
Date: Sat, 31 Dec 2022 05:10:17 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 30d1a7c54a69e625e5887e6cf623fd68
80d292ef68252eafade05473a5db9435f0a6a74e
94f8ab9fcccca6a070ea887cd86bc3480c4f5ea002638651195ff74bca35af2d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "94F8AB9FCCCCA6A070EA887CD86BC3480C4F5EA002638651195FF74BCA35AF2D"
Last-Modified: Fri, 30 Dec 2022 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3574
Expires: Sat, 31 Dec 2022 06:09:51 GMT
Date: Sat, 31 Dec 2022 05:10:17 GMT
Connection: keep-alive
nexus.ensighten.com/mtbank/OE-Prod/Bootstrap.js
200 OK 15 B URL HTTP/1.1 nexus.ensighten.com/mtbank/OE-Prod/Bootstrap.js
IP
Hash ffe905f50d9b47e6353b68513c4d48ac
d2c2ee4201cca3be67abf771ed1f1922fa94d083
c0d8671e209f009f9c1ad8153222f942087ec193b7e87f856e60971bd5424633
GET /mtbank/OE-Prod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 15
Connection: keep-alive
Date: Sat, 31 Dec 2022 05:10:18 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Fri, 22 Jul 2022 23:48:01 GMT
ETag: "ffe905f50d9b47e6353b68513c4d48ac"
x-amz-server-side-encryption: AES256
Cache-Control: no-cache, no-store
x-amz-version-id: aoJA4xuOoFemAhjg4lZAdeni.2iMq5FL
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: E3Jpsl85D1dCL8681CrTOQtHTbUFmvBmgKV4WVbks6lB3tSnzmWGTg==
resources.mtb.com/r/simple-layout-responsive/css.mtb?v=08132020140516
200 OK 35 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/css.mtb?v=08132020140516
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dea96768b0391a33311f34f0338c270e
d34315a2069eddf5ceb828e4421f8355bf712fa0
58f9206909a26235f1b4847e2f34fdb73b727103cd62490f23927648d08838f3
GET /r/simple-layout-responsive/css.mtb?v=08132020140516 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Expires: Sun, 31 Dec 2023 05:10:17 GMT
Last-Modified: Sat, 31 Dec 2022 05:10:16 GMT
ETag: "1672463417:dtagent10255221104040649ShC2"
Vary: User-Agent
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1338488344"
Date: Sat, 31 Dec 2022 05:10:16 GMT
Cteonnt-Length: 258715
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_11_sn_9B67CE3B76611B7BE84AE98BC72D6824_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd457bb8d3434654c22e2283718d81318884011f63d06d218f08e8791805c47d51b6e5e4f60066bb1fef162a47b26d27ca; Path=/
TS0128739d=019f8203fda2ce71b668c08b89834543d9be0e7a9f84011f63d06d218f08e8791805c47d51c2d1b1096be459dd7c038183ea14ace6a11aac084d7f7804162cfd7713a0d277; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab200011c044baec1f9b4899ddb9e89c1698ff27d080b349bd909050ff97420396f5b00892e77b90113000b8609a5ebd639158010d96d45f298db123fe97f0cd74b02a3f2a04734b8e7d77702e641dac285a7923196b435d992832; Path=/
Transfer-Encoding: chunked
resources.mtb.com/Assets/img/mtb-entrust.svg
200 OK 1.3 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-entrust.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators
Hash 9a569ad20708d7453d89fe6c72e7fcdc
60b6a41620583484642f7c826faf8e3c879a6374
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Fri, 16 Dec 2022 06:37:56 GMT
Accept-Ranges: bytes
ETag: "07a5bee1811d91:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1417419376"
Date: Sat, 31 Dec 2022 05:10:16 GMT
Content-Length: 1349
Set-Cookie: TSf60233d5027=08affc4e07ab2000db6c05af67f54976f142f31049568c8bc165c9d95ca4f52437f9d02d17f3a0c9081f782efe113000668f8a6f40b2551c010d96d45f298db19638c458ea9a4b1e0004c15d2939b89219769ed12f25bae11a2c5dfdf0f4d0f8; Path=/
resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
200 OK 230 B URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 916635d10512ae6a1840614a895dcd38
db175de4c42281bb4d239c57d1b95b8e75c529ec
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Fri, 16 Dec 2022 06:37:56 GMT
Accept-Ranges: bytes
ETag: "07a5bee1811d91:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1800135593"
Date: Sat, 31 Dec 2022 05:10:16 GMT
Content-Length: 230
Set-Cookie: dtCookie=v_4_srv_4_sn_DF93DD58291C08332BF2961F3C94F310_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fdfd43d9fde38cdb57c3982528ded34ecf34f492dc30821d2fc65a33685476cab2eb00684cb902e33c62c85fe8d3b41839; Path=/
TS0128739d=019f8203fd49ec84f7e3454d0c71b4e26a828a27d734f492dc30821d2fc65a33685476cab2197f16bae2f17a9e5e264358cf66bd02536be34b2968d3152f9159daedad317e; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab20001e92bf8607b177e02c646c7ce3d7c4098983ce2487d21f6f5771b25b78a76f7708a5cccff6113000e8462743d7d89e99010d96d45f298db16718e8500e8c9a184e2f1d92446e2eb97c9d2d19c5dafa0b7ed467e6a2ceda84; Path=/
resources.mtb.com/Assets/img/mtb-logo.svg
200 OK 2.0 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-logo.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators
Hash f2b901cf895852a0866fe4a16c7f1730
c4240af1ec798477b4e65a185ddbb1b038817da4
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Fri, 16 Dec 2022 06:37:56 GMT
Accept-Ranges: bytes
ETag: "07a5bee1811d91:0"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1523761698"
Date: Sat, 31 Dec 2022 05:10:16 GMT
Content-Length: 2039
Set-Cookie: dtCookie=v_4_srv_4_sn_800106C143121E677A38FCE8ED497AC8_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd347c83ff39ddcbf498c507ca46dfebcf69d0d262e1c36f5db5118c2423daa4d3609738bf3755f009c286a4abb64e9ddf; Path=/
TS0128739d=019f8203fdd1fd7c0bf57ceab00b703f771726315869d0d262e1c36f5db5118c2423daa4d3b6d0ecfc05b09138e49d97995b2c10b9f242181b6f976523cf43dca19c93e76f; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000b78a4fbf7f1318a38b10a758d927e45363dcc4eb0cbd3d03cdce6b4f779d592908614e5c2e1130004412a3c3f960893a010d96d45f298db101e894915f810629e299e236b3511280bf06faf0082aefd5e6b7e6c49e7d9f22; Path=/
resources.mtb.com/r/simple-layout-responsive/js.mtb?v=08132020140516
200 OK 104 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/js.mtb?v=08132020140516
IP
File type ASCII text, with CRLF line terminators
Size 104 kB (103531 bytes)
Hash 709ebc99ab68894c16d41797eb08e778
76a47991fe6d37cfff3521535bf366798a97e292
3ac3d1438229e5d19ab15b5a7552eb05497af3ea08ecc93fb3c5d084d73e60b9
GET /r/simple-layout-responsive/js.mtb?v=08132020140516 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Expires: Sun, 31 Dec 2023 05:10:17 GMT
Last-Modified: Sat, 31 Dec 2022 05:10:16 GMT
ETag: "1672463417:dtagent10255221104040649ShC2"
Vary: User-Agent
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1779982798"
Date: Sat, 31 Dec 2022 05:10:16 GMT
ntCoent-Length: 322405
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_1_sn_F9C8545CF0CB48E7828DEF1329EE51C6_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd38045dfe5e0e440096f7d9c26e11ed1274f8b42a7ce3ccd65b615e0c38ec365d8129cf9bb0fed74f46d7a85ff0a37cca; Path=/
TS0128739d=019f8203fd339aa6fa1ac31bdba0f77f8c82ce877474f8b42a7ce3ccd65b615e0c38ec365dbea85bb7500129e1eaa61c2766a9c506d7f7177649143860030ae807bc20fe12; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000cd0b796c0aafb86ec22bcb6f583ec4ee3abb1228620944feb5f61da85f28423e08b7031e281130001732fb2fa2ed2fdc010d96d45f298db17f978c36fceb62564c35efce0166933ede03eb872031486ae44404ef898e4b0f; Path=/
Transfer-Encoding: chunked
www.user-mtb01.hufeer.ir/Assets/scripts/Login/Index.js
404 Not Found 708 B URL HTTP/1.1 www.user-mtb01.hufeer.ir/Assets/scripts/Login/Index.js
IP
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - M&T Bank
fortinet Phishing
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: www.user-mtb01.hufeer.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/login.php?online_id=c3fbbdff0a60523b9bdf9bfda&country=&iso=
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 31 Dec 2022 05:10:17 GMT
resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
200 OK 4.8 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
IP
File type Web Open Font Format, TrueType, length 4776, version 1.0\012- data
Hash ac13691b89191d11d0e5577eb3cf3d53
0126fa82c0ab022e61b5de74f1fe3e204a905a7b
108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df
GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.user-mtb01.hufeer.ir
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Fri, 16 Dec 2022 06:37:55 GMT
Accept-Ranges: bytes
ETag: "07a5bee1811d91:0:dtagent10255221104040649ShC2"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="227245766", dtTao;desc="1"
Date: Sat, 31 Dec 2022 05:10:17 GMT
Content-Length: 4776
Set-Cookie: dtCookie=v_4_srv_2_sn_7C39381830A824A00EF5A0BB0B77A796_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fdccd1910245cf706f2d7d412a024dbda4a26d6dcb5bb65a4d35f208fc3db1c83c3efd16951a96a66f252bfcd0fed73b0d; Path=/
TS0128739d=019f8203fd9a7889b2cdc973cd93f5f7536135039ba26d6dcb5bb65a4d35f208fc3db1c83c2fe8c44b08bde9454bb52ee598121d9d90fcf057a8338b6536631581a7600949; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab20007febbc51ea70fe6eb722561821db4b37c49f453a6b7ef0e7ba0a9eacccffb78c0858a6f847113000b04b88e7915686f352ab2614ced26fa1d705eaf456bb7f2feb936f81ab13434b7a1bd7696465b4627440ad1f98c5cf55; Path=/
asset.mtb.com/Documents/html/homepage/favicon.ico
200 OK 15 kB URL HTTP/2 asset.mtb.com/Documents/html/homepage/favicon.ico
IP
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash e82f458a5c1c5353a97401eccc925613
949d6c8d06ca14b52f496c20f63fae269b6708c2
cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3
GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.user-mtb01.hufeer.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
content-length: 14862
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
last-modified: Wed, 04 May 2022 18:18:59 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
date: Sat, 31 Dec 2022 05:09:24 GMT
cache-control: max-age=3600, no-cache="set-cookie"
etag: "3dce-5de33a8b9cac0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yezMuITeT0bbHA2ift3byVn3D2L8b9bVD8P2PWtns6WB3eGIAP79gg==
age: 1030
X-Firefox-Spdy: h2
resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
200 OK 68 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
IP
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.user-mtb01.hufeer.ir
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Fri, 16 Dec 2022 06:37:55 GMT
Accept-Ranges: bytes
ETag: "07a5bee1811d91:0:dtagent10255221104040649ShC2"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1519963251", dtTao;desc="1"
Date: Sat, 31 Dec 2022 05:10:17 GMT
Content-Length: 67671
Set-Cookie: dtCookie=v_4_srv_11_sn_20E8A6B604C2C0F7105BD67C193C7B5D_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd8953f14143d0a998b954fd8092b78d2504cd9943113091e478814e9016d0841eab5125944f05a4ed67ed82614b8cffa1; Path=/
TS0128739d=019f8203fddadca4a70c1d88cad13e0f4bc9ab6a7e04cd9943113091e478814e9016d0841ec828556c5271a95ca7a04dc1e35c4510385357fd2df299c6390f69aaf50e66c1; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab200073d58db14553db0c471116d0e16cbc912191789f8ff1d7bda92615584e7b3cae0820ae27c7113000b3e0cee2aeb3f25b52ab2614ced26fa1a9b1ac3d6bb1435f382eb7422517c86d1293331f23a8e4c7fa3abc54df1827d8; Path=/
resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
200 OK 64 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
IP
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.user-mtb01.hufeer.ir
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Fri, 16 Dec 2022 06:37:55 GMT
Accept-Ranges: bytes
ETag: "07a5bee1811d91:0:dtagent10255221104040649ShC2"
X-Srv: M-SC-01
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-758069167", dtTao;desc="1"
Date: Sat, 31 Dec 2022 05:10:17 GMT
Content-Length: 64318
Set-Cookie: dtCookie=v_4_srv_4_sn_43B109BA9F0D5F1A383A9381E57DC3E2_perc_100000_ol_0_mul_1_app-3A1ce138bfdcbaa26d_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=019f8203fd4ba2d68d328d077faeb0bc4d3f1ac4cefb899cf96a23645dcf1bd0d7c928f34a8ac4da2fe315a80f8b2175989b6ee577; Path=/
TS0128739d=019f8203fd3f8485579de4f3afa38247b43b7d70cefb899cf96a23645dcf1bd0d7c928f34a5893b750859cdaa6dd744d4ef78ba508b9fba72f6b3f52a7c3139b1ee4b39f86; path=/; domain=.mtb.com
TSf60233d5027=08affc4e07ab2000afa827f6ebc88b65a380b1e093b08fce932cd18764060a4ba5f6b32b0b40807b082e448a41113000fe3df7413ae15d5252ab2614ced26fa14e43f7bf1888e2eb9ab58371bb4f0eaad0ebd1651a1b4977eb55d8cb71ffe10f; Path=/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5831
Expires: Sat, 31 Dec 2022 06:47:29 GMT
Date: Sat, 31 Dec 2022 05:10:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5831
Expires: Sat, 31 Dec 2022 06:47:29 GMT
Date: Sat, 31 Dec 2022 05:10:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5831
Expires: Sat, 31 Dec 2022 06:47:29 GMT
Date: Sat, 31 Dec 2022 05:10:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5831
Expires: Sat, 31 Dec 2022 06:47:29 GMT
Date: Sat, 31 Dec 2022 05:10:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5831
Expires: Sat, 31 Dec 2022 06:47:29 GMT
Date: Sat, 31 Dec 2022 05:10:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25798042-7930-4e6f-a0bd-787a91be0a5e.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25798042-7930-4e6f-a0bd-787a91be0a5e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47dee999ba5371ce7322f7c0b3885583
5f92dcc4dadaaefd6221e34c38a2ec828a2e19c8
8ba507368aaffac94dae18b2b4a45fda9bb4fd9d5719041fa8216760be712133
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25798042-7930-4e6f-a0bd-787a91be0a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7124
x-amzn-requestid: 2dbfcee0-2228-4c02-b73c-58c74a6d51ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKCHK6IAMFRSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-3437213e4f187aca0c4f2ae2;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oUAcGu1mp7ZvTBHxJ9P4w7DzZqXgp226m2s9K7bews0ITQiXnt9-mQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:12 GMT
etag: "5f92dcc4dadaaefd6221e34c38a2ec828a2e19c8"
content-type: image/jpeg
age: 26586
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc62c3ca8bc387a91c7d4711b5bc2409
7a984b459227e11984faa2539569a90875a58d29
e14a0e22b58fc1f3f392b842573e3abff7b24eb66db6b351046a186acc3b2954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7660
x-amzn-requestid: 9338abf2-1191-47da-95ff-0a201604fbc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKCEDhoAMFZ4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-433f4ba9780dbc7a485ccbe9;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yR6kZT7use-SXKKXM3rRmo56EFDJN9VUcRSlzb0cG7nn_pblH0uL6g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:12 GMT
etag: "7a984b459227e11984faa2539569a90875a58d29"
content-type: image/jpeg
age: 26586
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70e0fda-677d-4149-b601-312092ec4ee4.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70e0fda-677d-4149-b601-312092ec4ee4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dedaee779721ed1a6f00cae692403a34
4aa72d6c8518392ad0b6bcc0bd4024120fdf27a6
c2734da0f2c82ddd837fb3e5f34f71ce2090f17046d53dbbc8b7aafe885183cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70e0fda-677d-4149-b601-312092ec4ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10471
x-amzn-requestid: 20fee92b-87e6-4820-b591-e5d38e2d1d2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d5DGOGwLoAMF1Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad188e-74d987c54b5f471e41e0ba24;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 04:33:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3CdbBskWUGM9ZsaZ_lCXEXHT4CsQY0CBKqaZTOjui-Shnb6h29Iarw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 12:06:59 GMT
age: 61399
etag: "4aa72d6c8518392ad0b6bcc0bd4024120fdf27a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a747e4ba9f713788d8d9c13ba12d253
58726a734bd0c049ed38b760c8f235c918ac1dc4
8be489aafe2c6e61bdd234a28d9d9e0de96e9d04549e2c6638a6343112c29f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9173
x-amzn-requestid: 36af4d98-e328-44ac-abdc-58f8bb3dec9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sLQEh0IAMF5wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a47-6ea74b1133d81bf312e5bdb2;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0dYlGS4Z1EAJ9y9W6pepgty5vl1f_GWzXaSSta1EXwdGex-yjjkxiw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:12 GMT
etag: "58726a734bd0c049ed38b760c8f235c918ac1dc4"
content-type: image/jpeg
age: 26586
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39ae26c1-8b46-483b-a677-bcdb29df22f0.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39ae26c1-8b46-483b-a677-bcdb29df22f0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d24641b2340aa1dcd1e90821ca7aae4
7ef95226664efc320e453f027c51229c958ad46d
3f6a6e8abbfb7057b09cd3aebbebfa3fde792aaf31fc09681de2ff448ab8209b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39ae26c1-8b46-483b-a677-bcdb29df22f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6090
x-amzn-requestid: 3d385ba2-3e1c-4d01-801f-379311dd71f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxTYLFz1oAMFSDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a9ff67-5efe60b33d2c07ba5ce61b13;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 20:09:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HZYcmd2Qspa3SyAIl029KK6HiXV1ZVDWPiY9q7sgCGEtnYG9oJALVQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:54:27 GMT
age: 26151
etag: "7ef95226664efc320e453f027c51229c958ad46d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba629c9334582ac5e37a14fceb073b43
54adf501819f973ada947a82bf1d28c7de76ef72
9fd8cbe35dc6051926698405e2d9eac24a903148ac425d6cf314eb77b14fbc76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8187
x-amzn-requestid: aaf90c51-50ac-47ca-ae8f-f4afd190b0d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d5fsAEGUoAMF2Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad464c-3f2838fd1d7b16e10f1beb98;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 07:48:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VEipOlCxzx5CSXab3Xcl6vk1pk8qF23HmAbDV34A7uWMIcmFYW0W1g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:21 GMT
age: 26577
etag: "54adf501819f973ada947a82bf1d28c7de76ef72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
212.33.195.109
23.36.76.226
34.160.144.191
93.184.220.29