r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10699
Expires: Sun, 02 Oct 2022 21:36:37 GMT
Date: Sun, 02 Oct 2022 18:38:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
18.165.201.83200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 18:03:12 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 680c9e756bdd27fcfeee763a87afaa06.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: dIT9MDT9wTXwAIpcRRXQ9z0VkotLnctZ0BN16uIKVI4ejO4T3rkIXg==
Age: 2106
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.95200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.95:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 2fe8f7f5aca4ab098dc7bad8e97a06dc.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 3m5V49x8iR4bk95wnhjYwLx7bO9G4jvio_IXOCCRXvEV5Zl-8u4D9A==
age: 54302
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 18:38:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.83200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 18:32:57 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 18:33:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4c3c0be12954d0bfb5e695119bb76338.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 96atsKPMbMXuTWF7Ql813BEAGXK3pLqjoo__YFxkboCL5lgiA7VPwQ==
Age: 326
ocsp.sca1b.amazontrust.com/
108.138.212.135200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.138.212.135:0
Hash abdaebe60fe121f993519ece2e494028
5ec3ae3092841de5dad6a886a57b3345f890750a
8bdf4b2513bbfbf368183dc0bd12af388925ac119137d334b2a65bcb45e9a515
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 18:38:19 GMT
Last-Modified: Sun, 02 Oct 2022 17:12:10 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 5f579649fb5bae8b4702b48b6acbf556.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: J2aaAi54M8bfwp2E1AHo6o4bm2QSdFUWXp8B6lm48nHR10XPOwZu9g==
Age: 5169
gt.com.bo/ruxitagentjs_ICA27Vfjoqrux_10237220328075400.js
184.171.244.50200 OK 0 B URL HTTP/1.1 gt.com.bo/ruxitagentjs_ICA27Vfjoqrux_10237220328075400.js
IP 184.171.244.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ruxitagentjs_ICA27Vfjoqrux_10237220328075400.js HTTP/1.1
Host: gt.com.bo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/login.php
Cookie: PHPSESSID=b0cbb80415e910d0fa7f4cc5d95dc493
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:38:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5790
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:19 GMT
Last-Modified: Sun, 02 Oct 2022 17:01:49 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
cdn.levelaccess.net/accessjs/YW1wX2h1bnRpbmd0b24xMTAw/access.js
143.204.55.9200 OK 62 kB URL HTTP/1.1 cdn.levelaccess.net/accessjs/YW1wX2h1bnRpbmd0b24xMTAw/access.js
IP 143.204.55.9:0
File type ASCII text, with very long lines (1379)
Hash 10c21619ee80ae45b981718b4000be33
6ce6d035aa35174610ef6a8aa4b6564ed94d684c
93853987a1a87ef6a2a76465295928669004494841f3c2e9241f57f6134edf95
GET /accessjs/YW1wX2h1bnRpbmd0b24xMTAw/access.js HTTP/1.1
Host: cdn.levelaccess.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 62484
Connection: keep-alive
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 18 Aug 2022 11:17:24 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
x-amz-version-id: mYLHPInXvKzp8AwW2k_umeVHlhAunVbI
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 02 Oct 2022 18:38:19 GMT
Cache-Control: max-age=900
ETag: "10c21619ee80ae45b981718b4000be33"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PSGh-C9wJt9W6hoIrb5-pooTVh6890p8VTAUB-my04o03KqvyogGaw==
Age: 892
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 611685257b784bde479adb6468d27171
2fb054504ef474ea0bdd5e84a02f3246f5aab8cb
fd671d6902c6bd81bd494e819a63ee3a461d0a1d533c91ce11b1978ea3085cbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3631
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:19 GMT
Last-Modified: Sun, 02 Oct 2022 17:37:49 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 611685257b784bde479adb6468d27171
2fb054504ef474ea0bdd5e84a02f3246f5aab8cb
fd671d6902c6bd81bd494e819a63ee3a461d0a1d533c91ce11b1978ea3085cbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3631
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:19 GMT
Last-Modified: Sun, 02 Oct 2022 17:37:49 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
gt.com.bo/Presentation/fonts/HuntingtonApexWeb-Bold.woff2
184.171.244.50200 OK 0 B URL HTTP/1.1 gt.com.bo/Presentation/fonts/HuntingtonApexWeb-Bold.woff2
IP 184.171.244.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Presentation/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: gt.com.bo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/login.php
Cookie: PHPSESSID=b0cbb80415e910d0fa7f4cc5d95dc493
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:38:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
gt.com.bo/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2
184.171.244.50200 OK 0 B URL HTTP/1.1 gt.com.bo/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2
IP 184.171.244.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2 HTTP/1.1
Host: gt.com.bo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/login.php
Cookie: PHPSESSID=b0cbb80415e910d0fa7f4cc5d95dc493
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:38:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
gt.com.bo/Presentation/fonts/muli-v11-latin-700.woff2
184.171.244.50200 OK 0 B URL HTTP/1.1 gt.com.bo/Presentation/fonts/muli-v11-latin-700.woff2
IP 184.171.244.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Presentation/fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: gt.com.bo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/login.php
Cookie: PHPSESSID=b0cbb80415e910d0fa7f4cc5d95dc493
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:38:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 611685257b784bde479adb6468d27171
2fb054504ef474ea0bdd5e84a02f3246f5aab8cb
fd671d6902c6bd81bd494e819a63ee3a461d0a1d533c91ce11b1978ea3085cbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4342
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:19 GMT
Last-Modified: Sun, 02 Oct 2022 17:25:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 611685257b784bde479adb6468d27171
2fb054504ef474ea0bdd5e84a02f3246f5aab8cb
fd671d6902c6bd81bd494e819a63ee3a461d0a1d533c91ce11b1978ea3085cbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6153
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:19 GMT
Last-Modified: Sun, 02 Oct 2022 16:55:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
gt.com.bo/Presentation/fonts/HuntingtonApexWeb-Medium.woff2
184.171.244.50200 OK 0 B URL HTTP/1.1 gt.com.bo/Presentation/fonts/HuntingtonApexWeb-Medium.woff2
IP 184.171.244.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Presentation/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: gt.com.bo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/login.php
Cookie: PHPSESSID=b0cbb80415e910d0fa7f4cc5d95dc493
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:38:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1
104.84.152.187200 OK 7.0 kB URL HTTP/2 www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (19644)
Hash d9f7f6f1d8cae7de7faa2e580df82897
32b9823645d243df89b8a8334685606e50acb214
a28478b0a52567947edf22f9f4e8ed9418786c9050b1f2b7677243b4dda13d4b
GET /Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 7010
cache-control: public, max-age=461655
expires: Sat, 08 Oct 2022 02:52:34 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.huntington.com/-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC
104.84.152.187200 OK 1.6 kB URL HTTP/2 www.huntington.com/-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3955), with CRLF line terminators
Hash c54fde5c7f10f3373c14c27609946887
76f3a105d90a2ee61357401656a063b0d1a460c3
791aacc8fbb8221f0828eb1412475de0a403000a13db9760a178177035195e6a
GET /-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: 25ac81b1cb8b4557ac63e0186de9a92b
last-modified: Tue, 14 Jul 2020 14:26:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="lockup.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtRpid;desc="-813670566"
x-ua-compatible: IE=edge
content-length: 1578
cache-control: public, max-age=264463
expires: Wed, 05 Oct 2022 20:06:02 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.huntington.com/-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58
104.84.152.187200 OK 449 B URL HTTP/2 www.huntington.com/-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (859), with no line terminators
Hash 648a49d01455e0be73da9e42a8617016
e7ccaaffff511ad60775110a51d1397520ec50b1
cc8f79aa4f6c0fe7efabdde6ffc887aff179327d960992a4a4d760afb734bfeb
GET /-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: 2d91d2b82c4a40438297b714b6e7ceb5
last-modified: Mon, 11 Dec 2017 15:39:44 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="logo-honeycomb.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1838116293"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=498029
expires: Sat, 08 Oct 2022 12:58:48 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
content-length: 449
X-Firefox-Spdy: h2
www.huntington.com/-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97
104.84.152.187200 OK 764 B URL HTTP/2 www.huntington.com/-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 842c50db22ce317c9fdd556a89a56ed7
16618234768512011cbfa25fbe4a2058182c2438
35970fe98d0c106f081589aad0ba9f527f742dbf53e83ad2cfada395b40b7979
GET /-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 764
content-type: image/svg+xml
etag: 57637a2d5858427aba58213dfd85741c
last-modified: Tue, 08 Mar 2022 19:24:24 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="EHL_Black_HouseOnly.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="2136463186"
x-ua-compatible: IE=edge
cache-control: public, max-age=989894
expires: Fri, 14 Oct 2022 05:36:33 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
X-Firefox-Spdy: h2
www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01
104.84.152.187200 OK 3.1 kB URL HTTP/2 www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7496)
Hash 6519ee104141a08c31190299e874f8ab
e579c256778cb669ebda4388a62bcfc85f43659f
9ade77f1bcf0aa8b9bfc31986c183216c9102eedf342a54f8e42818156d0012b
GET /Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 3053
cache-control: public, max-age=1408767
expires: Wed, 19 Oct 2022 01:57:46 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
104.84.152.187200 OK 1.2 kB URL HTTP/2 www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4339)
Hash 19ac7c952619cab53123eee38648d8bd
47e839324893deeef4e9f6b46dff135e1542dc9a
1a8ffa5f523a7a462b51616592473a2799bb0d687c1391d7d2ba3e5a58f95d78
GET /Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 1249
cache-control: public, max-age=482694
expires: Sat, 08 Oct 2022 08:43:13 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.huntington.com/Presentation/Styles/toolkit.min.css?v=AMmax9WAuwRxSsAQnVkeq8d53r-y0o3SUyBCek-Jx8Q1
104.84.152.187200 OK 76 kB URL HTTP/2 www.huntington.com/Presentation/Styles/toolkit.min.css?v=AMmax9WAuwRxSsAQnVkeq8d53r-y0o3SUyBCek-Jx8Q1
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash a784ea85cf47b597a36bbaccdad5dac6
8657763b8b3d4e9d74160318fb6aa4248899b1f7
b17bca29ba7bb7ea9019e1d0bb32d047e71ae40c6c24837c34b0d469a0fc8534
GET /Presentation/Styles/toolkit.min.css?v=AMmax9WAuwRxSsAQnVkeq8d53r-y0o3SUyBCek-Jx8Q1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 76136
cache-control: public, max-age=916055
expires: Thu, 13 Oct 2022 09:05:54 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.huntington.com/Presentation/Scripts/toolkit.min.js?v=tyFose6-470BKk7aNSlJoBaWK2APwT4wXv9asTTlaMg1
104.84.152.187200 OK 170 kB URL HTTP/2 www.huntington.com/Presentation/Scripts/toolkit.min.js?v=tyFose6-470BKk7aNSlJoBaWK2APwT4wXv9asTTlaMg1
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65504), with no line terminators
Size 170 kB (169957 bytes)
Hash 13aa474d483584f46444352bc9150c09
1b22a3171e26bfe7eed2cfe8e369a644ce041adf
95a2dfc07be78344fd532aedddce4c0c9905884b3344fecdd90fea968a578d5d
GET /Presentation/Scripts/toolkit.min.js?v=tyFose6-470BKk7aNSlJoBaWK2APwT4wXv9asTTlaMg1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 169957
cache-control: public, max-age=974499
expires: Fri, 14 Oct 2022 01:19:58 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YmWTYMMl6k7O1anLLPbxRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4gr2L7mkbZjn3pUCN1EU2UoF+SM=
gt.com.bo/Presentation/fonts/muli-v11-latin-600.woff2
184.171.244.50200 OK 0 B URL HTTP/1.1 gt.com.bo/Presentation/fonts/muli-v11-latin-600.woff2
IP 184.171.244.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Presentation/fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: gt.com.bo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/login.php
Cookie: PHPSESSID=b0cbb80415e910d0fa7f4cc5d95dc493
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:38:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
gt.com.bo/Presentation/Scripts/jquery-3.5.1.min.js
184.171.244.50200 OK 0 B URL HTTP/1.1 gt.com.bo/Presentation/Scripts/jquery-3.5.1.min.js
IP 184.171.244.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Presentation/Scripts/jquery-3.5.1.min.js HTTP/1.1
Host: gt.com.bo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/login.php
Cookie: PHPSESSID=b0cbb80415e910d0fa7f4cc5d95dc493
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:38:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1
104.84.152.187200 OK 14 kB URL HTTP/2 www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (45689), with no line terminators
Hash 1ee15309bb313a5479cf9d3c90953de2
0e1c797088d6be92035bff7e5495b3a953b5a6b4
a57d97a52e080f530b7c9e39563b957174720ed6c8b57a119321ad4f9b70b7bf
GET /Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="762343362"
x-ua-compatible: IE=edge
content-length: 14478
cache-control: public, max-age=304313
expires: Thu, 06 Oct 2022 07:10:12 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.huntington.com/Presentation/fonts/muli-v11-latin-600.woff2
104.84.152.187200 OK 17 kB URL HTTP/2 www.huntington.com/Presentation/fonts/muli-v11-latin-600.woff2
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 17080, version 1.0\012- data
Hash b6e5b86d74352699fff02e4bdc5185e5
f01de24cfaf2f20e715e4d49023fcb19b1a62d1d
d09bb7e3de3760ca1d9375090796e4f1cf180f43c6457a874ed22c3b0a0b07ea
GET /Presentation/fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gt.com.bo
Connection: keep-alive
Referer: https://www.huntington.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 17080
content-type: application/font-woff2
etag: "0e13fefa2c7d81:0:dtagent10243220606153550wO3Q"
last-modified: Tue, 13 Sep 2022 18:59:21 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-398723881", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=1081574
expires: Sat, 15 Oct 2022 07:04:33 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
X-Firefox-Spdy: h2
www.huntington.com/Presentation/fonts/muli-v11-latin-700.woff2
104.84.152.187200 OK 17 kB URL HTTP/2 www.huntington.com/Presentation/fonts/muli-v11-latin-700.woff2
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 17128, version 1.0\012- data
Hash 8f65fa68cfb5d8cc4f4fa728a470332b
62b57f937d710caae3ee52435ba0c408e8653c43
34f3c7445d22c1509aeecc5d020b6d24c9e2f63b3c0514cebbc3813798965273
GET /Presentation/fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gt.com.bo
Connection: keep-alive
Referer: https://www.huntington.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 17128
content-type: application/font-woff2
etag: "055e39b9c9bd81:0:dtagent102372203280754004oXK"
last-modified: Tue, 19 Jul 2022 18:23:13 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-683294235", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=289899
expires: Thu, 06 Oct 2022 03:09:58 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
X-Firefox-Spdy: h2
www.huntington.com/Presentation/fonts/muli-v11-latin-300.woff2
104.84.152.187200 OK 17 kB URL HTTP/2 www.huntington.com/Presentation/fonts/muli-v11-latin-300.woff2
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 16872, version 1.0\012- data
Hash 3d9d9afae68fc95977ec200c119c42a1
2b44b2f5ec04f2f06fd28c9041fb8fa582ab8fcc
f43ea36b900ae7aa4ec07956e9b1223ab00dac1f766d97580b1e2bfe721cdc24
GET /Presentation/fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gt.com.bo
Connection: keep-alive
Referer: https://www.huntington.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 16872
content-type: application/font-woff2
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
cache-control: public, max-age=1100699
expires: Sat, 15 Oct 2022 12:23:18 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
X-Firefox-Spdy: h2
gt.com.bo/login.php
184.171.244.50200 OK 20 kB IP 184.171.244.50:0
File type Web Open Font Format (Version 2), TrueType, length 19976, version 1.131\012- data
Hash 3a077fd2bd5357dd3e08636baa59af5b
266784e6eb28365e3779a398e462193572b0278a
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d
GET /login.php HTTP/1.1
Host: gt.com.bo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:38:18 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=b0cbb80415e910d0fa7f4cc5d95dc493; path=/
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 166844
Content-Type: text/html; charset=UTF-8
www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
104.84.152.187200 OK 217 B URL HTTP/2 www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type PNG image data, 18 x 18, 8-bit grayscale, non-interlaced\012- data
Hash 756ea9671899d785a86de4dcc11af817
89c6975e8d8a858e94aeed1c69b010abf2afd563
6d8a2316b98743b83355626f124d5c4299b1eba9c478aa94df90960437de5d7e
GET /Presentation/onlineopinionV5/oo_icon_retina_black.gif HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "01efff054ccd81:0"
last-modified: Fri, 23 Sep 2022 23:23:07 GMT
server: Akamai Image Manager
content-length: 217
content-type: image/png
cache-control: private, no-transform, max-age=388893
expires: Fri, 07 Oct 2022 06:39:52 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
X-Firefox-Spdy: h2
www.huntington.com/Presentation/images/apple-touch-icon-180.png
104.84.152.187200 OK 1.4 kB URL HTTP/2 www.huntington.com/Presentation/images/apple-touch-icon-180.png
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash a0131f101ffcb7a4ca9362590f2a2bc3
35d7bed54a1f629bb6b27ed8600f51d287936f63
2185fef1daa3b586e2701b95bce79e6f388d216498828d09b854fd497386b320
GET /Presentation/images/apple-touch-icon-180.png HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "0d42de2dc28d81:0"
last-modified: Wed, 08 Jun 2022 20:27:04 GMT
server: Akamai Image Manager
x-serial: 859
x-check-cacheable: YES
content-length: 1351
content-type: image/png
cache-control: private, no-transform, max-age=388733
expires: Fri, 07 Oct 2022 06:37:12 GMT
date: Sun, 02 Oct 2022 18:38:19 GMT
X-Firefox-Spdy: h2
www.huntington.com/Presentation/images/favicon-16x16.png
104.84.152.187200 OK 322 B URL HTTP/2 www.huntington.com/Presentation/images/favicon-16x16.png
IP 104.84.152.187:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 55f45d358206ca31c4759defeea3be62
04c605b51629b94085bc2bd054b4e6c6989b2ffb
1c8581c1cc0ae1972eaf6022b377d3cb4c343f9c14d441376b1c546996685f51
GET /Presentation/images/favicon-16x16.png HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "0d42de2dc28d81:0"
last-modified: Wed, 08 Jun 2022 21:36:06 GMT
server: Akamai Image Manager
content-length: 322
content-type: image/webp
cache-control: private, no-transform, max-age=393048
expires: Fri, 07 Oct 2022 07:49:08 GMT
date: Sun, 02 Oct 2022 18:38:20 GMT
X-Firefox-Spdy: h2
ensighten.huntingtonbank.com/huntington/com/serverComponent.php?namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2014%2018:17:34%20GMT%202021&ClientID=1035&PageID=http%3A%2F%2Fgt.com.bo%2Flogin.php
63.34.68.24200 OK 245 B URL HTTP/1.1 ensighten.huntingtonbank.com/huntington/com/serverComponent.php?namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2014%2018:17:34%20GMT%202021&ClientID=1035&PageID=http%3A%2F%2Fgt.com.bo%2Flogin.php
IP 63.34.68.24:0
File type ASCII text, with very long lines (318)
Hash 874e310ed2d13abcb1f572e7d3cd0bad
bcadff5fe82965bd82dc85c02c849d3638539d0b
face81ae6fcb2915d1ba66c524d97fc48049f093688e8ba0b09a8614808f053a
GET /huntington/com/serverComponent.php?namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2014%2018:17:34%20GMT%202021&ClientID=1035&PageID=http%3A%2F%2Fgt.com.bo%2Flogin.php HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 02 Oct 2022 18:38:19 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 78bdf6e23d7dfa3884111f27d93df4c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: DYpiSa8ycX_SuHlUbsT47TYqwoDFLilQsZ-n5XEAKMLmyxl4RX_CkA==
Content-Encoding: gzip
ensighten.huntingtonbank.com/huntington/com/code/9a1b6331138514cb6fe470cc185bf18b.js?conditionId0=422774
63.34.68.24200 OK 37 kB URL HTTP/1.1 ensighten.huntingtonbank.com/huntington/com/code/9a1b6331138514cb6fe470cc185bf18b.js?conditionId0=422774
IP 63.34.68.24:0
File type ASCII text, with very long lines (557)
Hash a6352cd40473394449444d06a6614a33
800b3ffd4a0b7b7535951f1835416f081343a8eb
79262a3ca67b73069dd6e13b0612eaa0701cac80aa7b4cd43833c87d86b31112
GET /huntington/com/code/9a1b6331138514cb6fe470cc185bf18b.js?conditionId0=422774 HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 14 Oct 2021 18:17:36 GMT
ETag: W/"343b95a29c4d1282c9423a9ce6389b7b"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: RiPMSKsWuEpWaZDJ3tYdxqW1NQygwN_i
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 e85f40b9e4a0224c05d79e84598c0254.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: 2iKrhSKkiKBuab42uW3nYNEvD8_CdN0MOiy9ZMAm-Lj7nM1i-3S6HA==
Age: 1527355
ensighten.huntingtonbank.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=72&fn=http%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2Fcode%2F9a1b6331138514cb6fe470cc185bf18b.js%3FconditionId0%3D422774&cid=1035&client=huntington&publishPath=com&rid=3377322&did=527462&errorName=ReferenceError
63.34.68.24204 No Content 0 B URL HTTP/1.1 ensighten.huntingtonbank.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=72&fn=http%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2Fcode%2F9a1b6331138514cb6fe470cc185bf18b.js%3FconditionId0%3D422774&cid=1035&client=huntington&publishPath=com&rid=3377322&did=527462&errorName=ReferenceError
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=%24%20is%20not%20defined&lnn=72&fn=http%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2Fcode%2F9a1b6331138514cb6fe470cc185bf18b.js%3FconditionId0%3D422774&cid=1035&client=huntington&publishPath=com&rid=3377322&did=527462&errorName=ReferenceError HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 bae6c56679b50ffff11fef6a7ffeea12.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: r3PsfMtyuIVB3VctaPykcfWL8YxOXujUuJozVrAcHC38ovA83A3KfA==
Age: 52092
www.googletagmanager.com/gtag/js?id=DC-10701487
142.250.74.168302 Found 252 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=DC-10701487
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c911c6f4161cf68ee27d02ec0f268ff8
0bd040c44c96dd6b1b89613ffc4e48a0152eec95
c9fc67737c8a2913e73cf8ab458fbb11b1d39ea3302992eb0da094fe74954164
GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=DC-10701487
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 252
X-XSS-Protection: 0
huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
52.177.241.160200 OK 2.0 kB URL HTTP/2 huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
IP 52.177.241.160:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1021)
Hash fc43734040c7da80fb9ae6389ba379d2
5b7b438fa98a38ba9a0186fa9749f4899d62d262
2f2cd8adeca6106c2941fe0fbae2bbc8820b76ad3a2bc2f99534135b4bf03b48
GET /chatskins/launch/inqChatLaunch10006663.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:38:20 GMT
content-type: application/javascript
content-length: 1973
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: no-cache
samesite: Strict
etag: "9FS8Mt/Em8j"
last-modified: Thu, 29 Sep 2022 05:27:34 GMT
accept-ranges: bytes
content-encoding: gzip
X-Firefox-Spdy: h2
ensighten.huntingtonbank.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=14&fn=http%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2Fcode%2F9a1b6331138514cb6fe470cc185bf18b.js%3FconditionId0%3D422774&cid=1035&client=huntington&publishPath=com&rid=3605489&did=324003&errorName=ReferenceError
63.34.68.24204 No Content 0 B URL HTTP/1.1 ensighten.huntingtonbank.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=14&fn=http%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2Fcode%2F9a1b6331138514cb6fe470cc185bf18b.js%3FconditionId0%3D422774&cid=1035&client=huntington&publishPath=com&rid=3605489&did=324003&errorName=ReferenceError
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=%24%20is%20not%20defined&lnn=14&fn=http%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2Fcode%2F9a1b6331138514cb6fe470cc185bf18b.js%3FconditionId0%3D422774&cid=1035&client=huntington&publishPath=com&rid=3605489&did=324003&errorName=ReferenceError HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 93bbc6688f0d24cc7122c5dfa105d524.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: O002VkxmB102hpmHETsV3tAsxwYBIbvvz85-RLHxTSsl9d1C1YZH-Q==
Age: 52092
ensighten.huntingtonbank.com/error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20COM%20-%20Floodlight%20-%20cat%2C%20ID%3A13458.&lnn=54&fn=https%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2FBootstrap.js&cid=1035&client=huntington&publishPath=com&rid=3377286&did=632104&errorName=DataDefinitionException
63.34.68.24204 No Content 0 B URL HTTP/1.1 ensighten.huntingtonbank.com/error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20COM%20-%20Floodlight%20-%20cat%2C%20ID%3A13458.&lnn=54&fn=https%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2FBootstrap.js&cid=1035&client=huntington&publishPath=com&rid=3377286&did=632104&errorName=DataDefinitionException
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20COM%20-%20Floodlight%20-%20cat%2C%20ID%3A13458.&lnn=54&fn=https%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2FBootstrap.js&cid=1035&client=huntington&publishPath=com&rid=3377286&did=632104&errorName=DataDefinitionException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 17c7dca456d18c7a1217f1dd39cdf4ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: L13UUk5O3ghYyZ55DF_u30mBz_V-yQbQ8QRqN3xjQ44Hl4o2CCZqQA==
Age: 52092
ensighten.huntingtonbank.com/error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20COM%20-%20Floodlight%20-%20type%2C%20ID%3A13460.&lnn=54&fn=https%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2FBootstrap.js&cid=1035&client=huntington&publishPath=com&rid=3377286&did=632104&errorName=DataDefinitionException
63.34.68.24204 No Content 0 B URL HTTP/1.1 ensighten.huntingtonbank.com/error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20COM%20-%20Floodlight%20-%20type%2C%20ID%3A13460.&lnn=54&fn=https%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2FBootstrap.js&cid=1035&client=huntington&publishPath=com&rid=3377286&did=632104&errorName=DataDefinitionException
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20COM%20-%20Floodlight%20-%20type%2C%20ID%3A13460.&lnn=54&fn=https%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2FBootstrap.js&cid=1035&client=huntington&publishPath=com&rid=3377286&did=632104&errorName=DataDefinitionException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 93bbc6688f0d24cc7122c5dfa105d524.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: JzTdBL03utuYKVdOWQz9l5jxUeDTLjXB3bdiq-kW9XqIV2RkmrTI3Q==
Age: 52092
ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2FBootstrap.js&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
63.34.68.24204 No Content 0 B URL HTTP/1.1 ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2FBootstrap.js&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
IP 63.34.68.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Fensighten.huntingtonbank.com%2Fhuntington%2Fcom%2FBootstrap.js&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 6c764dc941201b2dee59f4fdf4cd1602.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: QjNJP8yC4KGEPV4EZKLBd473a8Pzwh4AYBHVqiefw-XFPC9IRA2cDg==
Age: 52092
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=DC-10701487
142.250.74.168200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-10701487
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 069fd247eb422a15d88d3d24abcabe48
2f8aade4af2bc6e5892ecab3a60b2747d8521316
6218daa2d2c9bbad2300bd5621d8b3b3b545bf5ddf0c6b9e41dcd82a529a08bb
GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gt.com.bo/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 18:38:20 GMT
expires: Sun, 02 Oct 2022 18:38:20 GMT
cache-control: private, max-age=900
last-modified: Sun, 02 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42604
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1664429241026
13.107.227.53200 OK 6.6 kB URL HTTP/2 media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1664429241026
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- C source, ASCII text, with very long lines (22059)
Hash 58925100755032b2c0891e974286331c
3d817931d795e2ab4d29f0ca1edcb1d5bdeecb7e
f027de299c2efbab4ae5be8e1d2d807c5b2843181195b152fa27911496adc4d0
GET /media/launch/chatLoader.min.js?codeVersion=1664429241026 HTTP/1.1
Host: media-us1.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=3600
content-length: 6600
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 23:54:40 GMT
accept-ranges: bytes
etag: "FehmxxSTRPD"
vary: Accept-Encoding
server: TouchCommerce Server
x-cache: TCP_HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
samesite: Strict
x-azure-ref-originshield: 02tA5YwAAAADzSv6lCkvNQJI4c3MKLgpjRlJBMjMxMDUwNDE3MDE5AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-azure-ref: 0nNo5YwAAAADa7dPB5CFJT6HXkfN2FAMwT1NMMjMxMDUwMjA0MDE5AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
date: Sun, 02 Oct 2022 18:38:19 GMT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
142.250.74.168302 Found 287 B URL HTTP/1.1 www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 38911cae1d8fb0baaf10fbcc263920c9
5ebba50367e9da80eca247d0d7fd171a3d161fc5
1c535af9057c16bb8654d88ba03dfa76f47041316c6b78c332e56bd809a49f22
GET /gtag/destination?id=AW-849064376&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 287
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9a5925fe9faff42cc8390efdc5e2eff8
39ca642317be780d118d5ff62197921098af3e08
7e8b8a5e18a9d993d5b47ac50b123a45aba9d25df045d0b833dc7e552eb7079f
GET /gtag/js?id=AW-786635084&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash df9ee05cc140f619a69b770c388c33df
c07e052104e98a1176dd6512fc01b6075b4865a5
2d628f50fb563fcb6c30ad985277f59e0bdf4f240ecedfb3b1e5aa70aeae17d4
GET /gtag/js?id=AW-849073348&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 211253e14e3774c27f057fd79c6f3297
117ffcb6132283d4854b262e6d7bf74dc93333a9
1f8edff0043067941ef114cc6d71502f1bfb8dd829a3a61723d6fffc484cd577
GET /gtag/js?id=AW-849063932&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 70c1096689fc71f2152ebe6c5c26cd78
06096e48d46a7e2cae7bc7a369ab729910f4473d
84dcca42231d9c3689703524bf60a2cca448645ee6559dbe43c9c0498efc391b
GET /gtag/js?id=AW-391028924&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=2077616005825;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php?
142.250.74.70200 OK 358 B URL HTTP/1.1 10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=2077616005825;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (457), with no line terminators
Hash ac5609a623d6ff90994a8cea000a9eeb
c09f911a6c74023869d00e628b0376b7e73ec3f3
eb011e99aaaa9adf583d51d029aada355b0936a20883353a54427850ca35bb0a
GET /activityi;src=10701487;type=global;cat=allpv;ord=2077616005825;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php? HTTP/1.1
Host: 10701487.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 02 Oct 2022 18:38:20 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 358
X-XSS-Protection: 0
10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=506820981129;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php?
142.250.74.70200 OK 363 B URL HTTP/1.1 10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=506820981129;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (463), with no line terminators
Hash 83817dbe998a698116416274fc6248ee
f777773fcfd0e59feb461c9deb934333fa3f50b0
2920515f12313656d3610e7f672e1ba343c49ccb43a35c701dd6fb93259da994
GET /activityi;src=10701487;type=global;cat=uvisit;ord=1;num=506820981129;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php? HTTP/1.1
Host: 10701487.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 02 Oct 2022 18:38:20 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 363
X-XSS-Protection: 0
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 3.1 kB URL HTTP/1.1 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 200 OK
Last-Modified: Fri, 12 Aug 2022 20:23:36 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript;charset=utf-8
X-EdgeConnect-MidMile-RTT: 17
X-EdgeConnect-Origin-MEX-Latency: 321
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=63753
Date: Sun, 02 Oct 2022 18:38:20 GMT
Content-Length: 3063
Connection: keep-alive
X-CDN: AKAM
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11367
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 17:32:37 GMT
Accept-Ranges: bytes
ETag: "80a8697a8a2d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=33E71FF1415B60330B070DC0400C613E; domain=.bing.com; expires=Fri, 27-Oct-2023 18:38:20 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 62B5F738B77346D5833FED53232E7037 Ref B: OSL30EDGE0308 Ref C: 2022-10-02T18:38:20Z
Date: Sun, 02 Oct 2022 18:38:20 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5840
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:20 GMT
Last-Modified: Sun, 02 Oct 2022 17:01:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=2077616005825;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php
142.250.74.162200 OK 358 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=2077616005825;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (456), with no line terminators
Hash 52db2c7a69c08f62a9ffcdd5ea5d8f74
086d831e7aece28d71869b30b81b8618ffcb2e76
cb9968ade5811e83348a4b1c6b42165c113a531a8061e21dd309c68b8426183d
GET /ddm/fls/i/src=10701487;type=global;cat=allpv;ord=2077616005825;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://10701487.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.adsrvr.org/up_loader.1.1.0.js
18.164.70.179200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 18.164.70.179:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 02 Oct 2022 05:47:51 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 7d9efc042e7adb5feec60cb3e228036c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: r6uoQEds_FA3hkELmctf0fpySS4woVB8T4H3Gij3EBe4lADsBuCYnw==
Age: 46230
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ceb7f2392dd816131e0001a76cb54e19
6416c2a788f016ff94f0a10616e443e47890e97f
517337577ada3f7f9e3da9c42ce722b5a760721d59a0404afdb2810fe252245e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=506820981129;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php
142.250.74.162200 OK 363 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=506820981129;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (462), with no line terminators
Hash aa4e9d037517ab7e349ecd6ba495264a
9ee2ebefe2e39b4f90f315b6c596360407f4c143
dba348d18c97d12b25bfc8b18b7ce7ef9da81f5d629eba608f8e561f1cc03f6a
GET /ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=506820981129;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://10701487.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 02 Oct 2022 18:38:20 GMT
expires: Sun, 02 Oct 2022 18:38:20 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: QrRkdjxuJmZUoSXEKhqibeZZ9JFBkp397ukPTFSBZQi3JX56vKnc9+qf1eGxQvZxvuZ4G21e7n6uopueThkaig==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Sun, 02 Oct 2022 18:38:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1503
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:20 GMT
Last-Modified: Sun, 02 Oct 2022 18:13:17 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4383
Expires: Sun, 02 Oct 2022 19:51:23 GMT
Date: Sun, 02 Oct 2022 18:38:20 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4f94a2722366412417efbb65aa368b8
f2942fbd2a6f0326f99c3a271de2dab12c881b15
97805013c570f1c9ad0158d99dfc6f521628bfb4b72a2a5d79526ec7b04df2f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4383
Expires: Sun, 02 Oct 2022 19:51:23 GMT
Date: Sun, 02 Oct 2022 18:38:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4383
Expires: Sun, 02 Oct 2022 19:51:23 GMT
Date: Sun, 02 Oct 2022 18:38:20 GMT
Connection: keep-alive
bat.bing.com/action/0?ti=5067672&Ver=2&mid=38fa9029-e108-468a-a6d3-04326442aae0&sid=637b9d40428111edade749cf1a402f7a&vid=637bb0f0428111eda0588325e7b07987&vids=0&msclkid=N&ec=Visit&ea=Public&sw=1280&sh=1024&sc=24&evt=custom&rn=439482
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5067672&Ver=2&mid=38fa9029-e108-468a-a6d3-04326442aae0&sid=637b9d40428111edade749cf1a402f7a&vid=637bb0f0428111eda0588325e7b07987&vids=0&msclkid=N&ec=Visit&ea=Public&sw=1280&sh=1024&sc=24&evt=custom&rn=439482
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5067672&Ver=2&mid=38fa9029-e108-468a-a6d3-04326442aae0&sid=637b9d40428111edade749cf1a402f7a&vid=637bb0f0428111eda0588325e7b07987&vids=0&msclkid=N&ec=Visit&ea=Public&sw=1280&sh=1024&sc=24&evt=custom&rn=439482 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=09519D2904B46A7A31CF8F1805416BB6; domain=.bing.com; expires=Fri, 27-Oct-2023 18:38:20 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B35C4ECC1784A33A8802B5BC7704871 Ref B: OSL30EDGE0120 Ref C: 2022-10-02T18:38:20Z
date: Sun, 02 Oct 2022 18:38:20 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5067672&Ver=2&mid=38fa9029-e108-468a-a6d3-04326442aae0&sid=637b9d40428111edade749cf1a402f7a&vid=637bb0f0428111eda0588325e7b07987&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Online%20Banking,%20Insurance,%20Investing,%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&kw=Huntington%20bank%20mobile%20login,%20Huntington%20mobile,%20Huntington%20bank%20mobile%20&p=http%3A%2F%2Fgt.com.bo%2Flogin.php&r=<=1589&evt=pageLoad&sv=1&rn=349893
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5067672&Ver=2&mid=38fa9029-e108-468a-a6d3-04326442aae0&sid=637b9d40428111edade749cf1a402f7a&vid=637bb0f0428111eda0588325e7b07987&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Online%20Banking,%20Insurance,%20Investing,%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&kw=Huntington%20bank%20mobile%20login,%20Huntington%20mobile,%20Huntington%20bank%20mobile%20&p=http%3A%2F%2Fgt.com.bo%2Flogin.php&r=<=1589&evt=pageLoad&sv=1&rn=349893
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5067672&Ver=2&mid=38fa9029-e108-468a-a6d3-04326442aae0&sid=637b9d40428111edade749cf1a402f7a&vid=637bb0f0428111eda0588325e7b07987&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Online%20Banking,%20Insurance,%20Investing,%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&kw=Huntington%20bank%20mobile%20login,%20Huntington%20mobile,%20Huntington%20bank%20mobile%20&p=http%3A%2F%2Fgt.com.bo%2Flogin.php&r=<=1589&evt=pageLoad&sv=1&rn=349893 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=18B95227DF9E627F31184016DE6B63D3; domain=.bing.com; expires=Fri, 27-Oct-2023 18:38:20 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07CC2D4F793C442CA26FFCB1F10A745E Ref B: OSL30EDGE0120 Ref C: 2022-10-02T18:38:20Z
date: Sun, 02 Oct 2022 18:38:20 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 74983
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=2077616005825;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php
142.250.74.162200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=2077616005825;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=10701487;type=global;cat=allpv;ord=2077616005825;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:20 GMT
expires: Sun, 02 Oct 2022 18:38:20 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=506820981129;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php
142.250.74.162200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=506820981129;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=506820981129;gtm=2od9s0;auiddc=1166403827.1664735900;u1=;u11=;~oref=http%3A%2F%2Fgt.com.bo%2Flogin.php HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:20 GMT
expires: Sun, 02 Oct 2022 18:38:20 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94d82ad8d70761f6ee1384b4183335f3
5d3389a965cfa45dab2202d89b40264368674e8a
ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:21:15 GMT
age: 73025
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1664735900521&url=http%3A%2F%2Fgt.com.bo%2Flogin.php
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1664735900521&url=http%3A%2F%2Fgt.com.bo%2Flogin.php
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=291554&time=1664735900521&url=http%3A%2F%2Fgt.com.bo%2Flogin.php HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1664735900521%26url%3Dhttp%253A%252F%252Fgt.com.bo%252Flogin.php%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLqxtpNhyjbbgAAAYOZ_fT2QwOa72drDg0Xrgq0OezQ4neLdDAVAQVz2Q3nPePgQdPcx_zFOBDQuA; Max-Age=2592000; Expires=Tue, 01 Nov 2022 18:38:20 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLiefUu2Vxc7wAAAYOZ_fT2rSq891T2bXDcRPkzlXQKZZPIejVsOaeXmn4Ruh9O2MSq7gjjw0c-QMsgSWgbOA; Max-Age=2592000; Expires=Tue, 01 Nov 2022 18:38:20 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&94fbf416-c636-4441-8fac-bed693ba5932"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 02-Oct-2023 18:38:20 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2396:u=1:x=1:i=1664735900:t=1664822300:v=2:sig=AQGTGg0QufXazPC__VAPeh-F-MQmc6dZ"; Expires=Mon, 03 Oct 2022 18:38:20 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXqEYgEwansz61hLO2vkw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FD034369BBC546859ADF9E7FA2A43056 Ref B: OSL30EDGE0214 Ref C: 2022-10-02T18:38:20Z
date: Sun, 02 Oct 2022 18:38:20 GMT
content-length: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
age: 74986
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 74984
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e711c6bf0d0808f0b5c57b80916eba4d
36c8dcdfdc2c59246ba9d999ddffd5387f68155e
e252f3c857e18ddaea7059bfb19826ac5e47c694ce57068d85f60bd1ac5f6c25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6101
x-amzn-requestid: 0edbc5d1-324f-4b4f-a55c-b9333f2bb6a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnFumIAMFoEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-1422f70670e89174415c1aba;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hG5L6pTNHLcM-nBovmH6kFuFK5oXJuxVWsnaffj6L8bDlGnpFVJFKg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:17:57 GMT
age: 73223
etag: "36c8dcdfdc2c59246ba9d999ddffd5387f68155e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ae1e7d3-41cb-4400-8cae-870baa006b86.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ae1e7d3-41cb-4400-8cae-870baa006b86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a137925cb6116c46ce21c6e27933c44
2973e908318c68489bba9b4242254769a4f3d1ba
737bf9c3d2906a937ed0b082c8830982163be90acf8dd01dacc7ec80c5c8bcd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ae1e7d3-41cb-4400-8cae-870baa006b86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7777
x-amzn-requestid: d035ce80-1700-4e69-8b75-e0bf47ca9ddf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCWCFw4oAMFVDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63311759-0412900d669b5381058ec9a2;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:07:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Qjg6qPJNIehAnTLi-hWNzXTtp0q6Jnw82sOKKZJvTznFmNihUcNgJw==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 18:22:17 GMT
age: 963
etag: "2973e908318c68489bba9b4242254769a4f3d1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c120ef4802f4eb64e93225496ba6944a
cdebb30349fa79f7ddb7d13aac47735565ac0ba2
1bcd7dc722018962f16783f0f888742a7926c0a7e466deef174f0f4fc5eb4a4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c120ef4802f4eb64e93225496ba6944a
cdebb30349fa79f7ddb7d13aac47735565ac0ba2
1bcd7dc722018962f16783f0f888742a7926c0a7e466deef174f0f4fc5eb4a4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/5067672.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5067672.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5067672.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1D0E02D3152260BC2FA810E214D761D9; domain=.bing.com; expires=Fri, 27-Oct-2023 18:38:20 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5145D44DE5B64B8D8F0B1EC1E94B76DF Ref B: OSL30EDGE0120 Ref C: 2022-10-02T18:38:20Z
date: Sun, 02 Oct 2022 18:38:20 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1664735900797&cv=9&fst=1664735900797&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1664735900797&cv=9&fst=1664735900797&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2412), with no line terminators
Hash c6227912b2069624774ea6b9ad81d82d
a0047b18dea912ee41fe8679594677a052a46ea7
83fcc4e46625edf0576088524a1ac32245b17f65e13a6edc89b27e97bdfad765
GET /pagead/viewthroughconversion/786635084/?random=1664735900797&cv=9&fst=1664735900797&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1083
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 18:53:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1664735900785&cv=9&fst=1664735900785&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1664735900785&cv=9&fst=1664735900785&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2412), with no line terminators
Hash da43bc01a893c734555f3f293083f8ff
faa427e616ccd9cebe031d3838f292dd46861184
ca8a1ba57a0f76c876023a790ff4d90aa0dd50a6a3a88e9cba6bbe56382836cc
GET /pagead/viewthroughconversion/849073348/?random=1664735900785&cv=9&fst=1664735900785&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1084
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 18:53:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/?random=1664735900778&cv=9&fst=1664735900778&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dpage_view%3Badobeidappid%3D%7C&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/?random=1664735900778&cv=9&fst=1664735900778&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dpage_view%3Badobeidappid%3D%7C&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2450), with no line terminators
Hash 30af12b9da6b90d6041d98ed077b49b6
27bd131c5e2a5846ff486a56c00584799ecd9a89
ce97f0908fc765ed652650333d2825e7e8f3dc99906d578b1cd3fe0320472594
GET /pagead/viewthroughconversion/849064376/?random=1664735900778&cv=9&fst=1664735900778&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dpage_view%3Badobeidappid%3D%7C&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1098
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 18:53:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1664735900808&cv=9&fst=1664735900808&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1664735900808&cv=9&fst=1664735900808&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2410), with no line terminators
Hash 8c2e1d2c3def8492d5b892edbc340504
10b48c57d42d37feed0b5ee850784e33b40c2075
3f1def6b56d9f91c18bb669a94e22cd53967c67c10aebb219f6d8d860668a3f4
GET /pagead/viewthroughconversion/391028924/?random=1664735900808&cv=9&fst=1664735900808&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1082
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 18:53:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1664735900811&cv=9&fst=1664735900811&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1664735900811&cv=9&fst=1664735900811&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2412), with no line terminators
Hash baef9640d0bc2f515c9d2e77e09fb932
a3635d77b0034bb35ed17ffd6d19892e277af509
89a0fa8ce564ab0ff1b16dee232cdc76f33596d57cb619839c0a12422e432245
GET /pagead/viewthroughconversion/849063932/?random=1664735900811&cv=9&fst=1664735900811&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&auid=1166403827.1664735900&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1083
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 18:53:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10030245.json
188.125.94.206200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10030245.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10030245.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gt.com.bo
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: T1N9XZPFC0PKXWSH
x-amz-id-2: aFNW4ysjAhpFnujl0N8o2zWzR2EgM3ZtoQZB6pc4d652c7QDPJTUOJF/+qD5ewtcCPE0iRVGHYs=
content-type: application/json
date: Sun, 02 Oct 2022 18:38:21 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 22
age: 1
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/849073348/?random=1664735900785&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=1982790487&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/849073348/?random=1664735900785&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=1982790487&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849073348/?random=1664735900785&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=1982790487&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/849064376/?random=1664735900778&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dpage_view%3Badobeidappid%3D%7C&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=3582903097&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/849064376/?random=1664735900778&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dpage_view%3Badobeidappid%3D%7C&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=3582903097&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849064376/?random=1664735900778&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dpage_view%3Badobeidappid%3D%7C&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=3582903097&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/849063932/?random=1664735900811&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=3875240051&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/849063932/?random=1664735900811&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=3875240051&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849063932/?random=1664735900811&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=3875240051&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/786635084/?random=1664735900797&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=2126708461&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/786635084/?random=1664735900797&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=2126708461&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/786635084/?random=1664735900797&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=2126708461&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/391028924/?random=1664735900808&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=103127643&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/391028924/?random=1664735900808&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=103127643&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/391028924/?random=1664735900808&cv=9&fst=1664733600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&async=1&fmt=3&is_vtc=1&random=103127643&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Fgt.com.bo%2Flogin.php&rl=&if=false&ts=1664735900963&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1664735900962.1450321158&it=1664735900805&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=56c9ac57-f67e-4332-b7d6-61d2b70eb0a4&rqm=GET
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Fgt.com.bo%2Flogin.php&rl=&if=false&ts=1664735900963&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1664735900962.1450321158&it=1664735900805&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=56c9ac57-f67e-4332-b7d6-61d2b70eb0a4&rqm=GET
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Fgt.com.bo%2Flogin.php&rl=&if=false&ts=1664735900963&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1664735900962.1450321158&it=1664735900805&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=56c9ac57-f67e-4332-b7d6-61d2b70eb0a4&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 02 Oct 2022 18:38:21 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1664735900521%26url%3Dhttp%253A%252F%252Fgt.com.bo%252Flogin.php%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1664735900521%26url%3Dhttp%253A%252F%252Fgt.com.bo%252Flogin.php%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1664735900521%26url%3Dhttp%253A%252F%252Fgt.com.bo%252Flogin.php%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gt.com.bo/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1664735900521&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&6dad062e-d462-4dfd-815b-24724b2519d9"; Domain=.linkedin.com; Expires=Mon, 02-Oct-2023 18:38:21 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221002183821520a6a5f-5e24-46b6-8a4f-8800766c1ae6AQG4Mgun03SrT63yVh4eI4gBAGf7Uglk"; Domain=.www.linkedin.com; Expires=Mon, 02-Oct-2023 18:38:21 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjQ3MzU5MDE7MjswMjF7eFYMViBJadwKEUHkZWLVnr8f+41V3dJpDfSLK5urCg==; Domain=.linkedin.com; Expires=Fri, 31 Mar 2023 18:38:21 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2354:u=1:x=1:i=1664735901:t=1664822301:v=2:sig=AQGrxe2urhxxfsvKQFSn0obOHs5Xz9hi"; Expires=Mon, 03 Oct 2022 18:38:21 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXqEYgIFMc54hGhvZEM5g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9EB5BFA8D8DA4356B4C67CBDAC0CF13E Ref B: OSL30EDGE0214 Ref C: 2022-10-02T18:38:21Z
date: Sun, 02 Oct 2022 18:38:20 GMT
content-length: 0
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&.yp=10030245&f=http%3A%2F%2Fgt.com.bo%2Flogin.php&enc=UTF-8&yv=1.13.0&et=custom&ec=Visit&ea=Public&tagmgr=gtm%2Censighten
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&.yp=10030245&f=http%3A%2F%2Fgt.com.bo%2Flogin.php&enc=UTF-8&yv=1.13.0&et=custom&ec=Visit&ea=Public&tagmgr=gtm%2Censighten
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&.yp=10030245&f=http%3A%2F%2Fgt.com.bo%2Flogin.php&enc=UTF-8&yv=1.13.0&et=custom&ec=Visit&ea=Public&tagmgr=gtm%2Censighten HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:38:21 GMT
expires: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBJ3aOWMCEGxKdRPcHXqarBp6r7UDzrcFEgEBAQEsO2NDYwAAAAAA_eMAAA&S=AQAAAufzjasXMenj9vitvfkZzJc; Expires=Tue, 3 Oct 2023 00:38:21 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2002%20Oct%202022%2018%3A38%3A20%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&.yp=10030245&f=http%3A%2F%2Fgt.com.bo%2Flogin.php&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Censighten
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2002%20Oct%202022%2018%3A38%3A20%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&.yp=10030245&f=http%3A%2F%2Fgt.com.bo%2Flogin.php&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Censighten
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Sun%2C%2002%20Oct%202022%2018%3A38%3A20%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C...%20huntington.com&.yp=10030245&f=http%3A%2F%2Fgt.com.bo%2Flogin.php&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Censighten HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:38:21 GMT
expires: Sun, 02 Oct 2022 18:38:21 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBJ3aOWMCEGfF0a7k94fqhsvVrtPv68oFEgEBAQEsO2NDYwAAAAAA_eMAAA&S=AQAAAp0R76SNh-6mieTyE8jP2MY; Expires=Tue, 3 Oct 2023 00:38:21 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1664735900521&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1664735900521&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=291554&time=1664735900521&url=http%3A%2F%2Fgt.com.bo%2Flogin.php&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gt.com.bo/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&f4abb0cf-4ab4-40a0-858b-4dce6ee59c40"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 02-Oct-2023 18:38:21 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2400:u=1:x=1:i=1664735901:t=1664822301:v=2:sig=AQE2hixAG-A3rKZsxtaDz0wIm4iApjwk"; Expires=Mon, 03 Oct 2022 18:38:21 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXqEYgKn1xFDUtqKYkCUg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B2D0CEC7B1F24E499E52FA56D3797344 Ref B: OSL30EDGE0214 Ref C: 2022-10-02T18:38:21Z
date: Sun, 02 Oct 2022 18:38:20 GMT
content-length: 0
X-Firefox-Spdy: h2
gt.com.bo/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
184.171.244.50200 OK 0 B URL HTTP/1.1 gt.com.bo/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
IP 184.171.244.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 HTTP/1.1
Host: gt.com.bo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gt.com.bo/login.php
Cookie: PHPSESSID=b0cbb80415e910d0fa7f4cc5d95dc493; _gcl_au=1.1.1166403827.1664735900; _uetsid=637b9d40428111edade749cf1a402f7a; _uetvid=637bb0f0428111eda0588325e7b07987; _fbp=fb.2.1664735900962.1450321158
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:38:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.sca1b.amazontrust.com/
108.138.212.135200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.138.212.135:0
Hash ccefe11ec930fdc0afa80e1c303aff8b
5832f77726de52189e5346089edfacc7487920b5
72d74c17b42f163d2ef4223e5b0e2bd65a3b4664085ce728e68f06ce238063d0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 18:38:25 GMT
Last-Modified: Sun, 02 Oct 2022 18:19:51 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 5f579649fb5bae8b4702b48b6acbf556.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: -bEe1TJMw3YUh6hIviH9NH9LqMv3NPyQRrc-AEatQxAp7VjfT_X5Zw==
Age: 1114
api.levelaccess.net/analytics/3.0/results
34.233.111.132200 OK 0 B URL HTTP/2 api.levelaccess.net/analytics/3.0/results
IP 34.233.111.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics/3.0/results HTTP/1.1
Host: api.levelaccess.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16689
Origin: http://gt.com.bo
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:38:26 GMT
content-length: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: JSESSIONID=D344E90B8110B10D31B4BE837F00AD18; Path=/; HttpOnly
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
188.125.94.206200 OK 0 B IP 188.125.94.206:0
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5AGEvmu1XK5sLMZwGTHoyjgiOBSITo/atmiXfCUiNycHcy+zk68nW5u/mG/kWBZjzy0nbEhxAFs=
x-amz-request-id: C2680YS182N7CZNW
date: Sun, 02 Oct 2022 18:27:21 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 661
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
63.34.68.24200 OK 0 B URL HTTP/2 ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
IP 63.34.68.24:0
Analyzer Verdict Alert fortinet Malware
GET /huntington/com/Bootstrap.js HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 18:38:19 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Oct 2021 18:17:36 GMT
etag: W/"acb90a8dcc077a2bf70edc482de99548"
x-amz-server-side-encryption: AES256
cache-control: max-age=300
x-amz-version-id: GoPThTOHJBOOoP3Gb7VkzXtDoWKDl3Pb
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7285dbd4c05f1133ea7048c8307b03ee.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: a6zxVjNe7AUPVyR0NGhuQzBuAnlVgheVlCrnZo9juGegT7h-XTasEA==
age: 1622700
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=l6jmegy&ref=http%3A%2F%2Fgt.com.bo%2Flogin.php&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1664735900325
35.71.131.137200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=l6jmegy&ref=http%3A%2F%2Fgt.com.bo%2Flogin.php&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1664735900325
IP 35.71.131.137:0
GET /track/up?adv=l6jmegy&ref=http%3A%2F%2Fgt.com.bo%2Flogin.php&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1664735900325 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gt.com.bo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 18:38:21 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2