| mfg-financial.com/ftp/xchange/login.php | 54.85.200.131 | 301 Moved Permanently | 170 B |
URL HTTP/1.1mfg-financial.com/ftp/xchange/login.php IP54.85.200.131:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash5bf3a62c4baec1d7339bb0a03f5b9211 24008e686ae1f0102891d02c994cd38a403f10bf 646f4cebed77580971f73047ec463a1010e25d0101be2354f1ca6ed119b5ff7f
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /ftp/xchange/login.php HTTP/1.1
Host: mfg-financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.10
Date: Tue, 27 Dec 2022 01:13:45 GMT
Content-Type: text/html
Content-Length: 170
Connection: keep-alive
Location: http://www.mfg-financial.com/ftp/xchange/login.php
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash96defe1601ba891731eee83f0830649d ba500679fd337488c3f60543561740ff0dfc1898 d2a320a9feb1a874af3da921db2a8619513968724ef8eb0715c010291c4cf8d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2A320A9FEB1A874AF3DA921DB2A8619513968724EF8EB0715C010291C4CF8D9"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3726
Expires: Tue, 27 Dec 2022 02:16:37 GMT
Date: Tue, 27 Dec 2022 01:14:31 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash9cce060ddc316540d079e6816a1e7412 709a74969d1996d2b35ef0f7f34ae18455169f1e 6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6609
Expires: Tue, 27 Dec 2022 03:04:40 GMT
Date: Tue, 27 Dec 2022 01:14:31 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb2d59bdbb1ca6324590988ec031cf1fc bfd4e25af37dcde4bac38d9b178c5ac8e50f8834 cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12264
Expires: Tue, 27 Dec 2022 04:38:55 GMT
Date: Tue, 27 Dec 2022 01:14:31 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 27 Dec 2022 00:46:36 GMT
content-type: application/json
age: 1675
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aKYhBWbQrgjtH7+Zm5fdOxUAAWXExXnyWYfbXoWyWIuwqvLUD5dXyH1P8YFk8nqOnFLdKRv+FSs=
x-amz-request-id: ZC2TB23E4A1DJPYV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Dec 2022 00:57:39 GMT
age: 1012
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 01:14:31 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 27 Dec 2022 00:33:30 GMT
age: 2462
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.mfg-financial.com/ftp/xchange/login.php | 104.16.65.197 | 301 Moved Permanently | 168 B |
URL HTTP/1.1www.mfg-financial.com/ftp/xchange/login.php IP104.16.65.197:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash7fcef5af46c476aefdcff7248195cdfc ff5a3b84620fb8270ae6781fdc406f08f1b88c1f 946bde26daab13c238c8b580bd7f21a2fee4bf265cfff5de3f90bb220b0937e8
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /ftp/xchange/login.php HTTP/1.1
Host: www.mfg-financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Dec 2022 01:14:32 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.mfg-financial.com/ftp/xchange/login.php
X-StackifyID: V2|458dc239-07bb-4fe9-909e-d20170bed124|C78253|CD55236
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=qKb5_A6l30Qc_1XEE.m99NGQs7INQE2q95w_tk9wp8c-1672103672-0-AfT6tF/fCP4BLC60dB8QsAGCSs6v17yt/ElDeMh6Xd7krLZaPg4Hf0un+Bp8N7vSpMjw4OD40Ezvj4iky/VnoxnLHnF0LJe5A8l8uGzbOhET; path=/; expires=Tue, 27-Dec-22 01:44:32 GMT; domain=.www.mfg-financial.com; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 77fe332cad3cb4ee-OSL
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashaf1f72e0b005e5b93b4d5341aa18c9f5 a422e7e70d195d3c056ede27d91e807b0810d1b1 489af4154fc6a9e93cce0633071f033c15fcac680c1429e6768ca09290a42f04
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=97096
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:32 GMT
Etag: "63a91f40-117"
Expires: Wed, 28 Dec 2022 04:12:48 GMT
Last-Modified: Mon, 26 Dec 2022 04:12:48 GMT
Server: nginx
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash68ee4e2891b5a52719997e4ef8cb7aab ae2e49eff010551d7f3dcf005a51530ee2910480 2bae50a834a34f248f6a79cf6f191dcf709c24b884f2d3da7fa43985c6b2d48b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4872
Cache-Control: max-age=119608
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:32 GMT
Etag: "63a96428-1d7"
Expires: Wed, 28 Dec 2022 10:28:00 GMT
Last-Modified: Mon, 26 Dec 2022 09:06:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 44.242.41.15 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.242.41.15:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3HDQ77MjFMyeQjLgEz0d9Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SDtIQ93O/VpspzGAGOhjAjiopWE=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashae893eec23998fe856d6ee3df2163a80 d98cb1a1c82c429c2f6fdbbfb7461713c790da7a 24167e8036371493799d6fe42f5e00a0ea2e4a5b7eb70636a269a9aa78d1f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash5d3978967108a479b633f820f75e3371 e8dba45f8d70fac26a8d3f4c05afce32231ca23d 29c90351aec95c22fbddc08ce6a1b8223186fc4215e2d522238bf4bff36f2d8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.jsdelivr.net/scrollreveal.js/3.1.4/scrollreveal.min.js | 151.101.129.229 | 200 OK | 2.9 kB |
URL HTTP/2cdn.jsdelivr.net/scrollreveal.js/3.1.4/scrollreveal.min.js IP151.101.129.229:0
File typeASCII text, with very long lines (8487), with no line terminators Hash7f7205a48c4dd9f9d3a7afd745cee35a e5b0d510fff64e1a33233d2ea024154a4dea0297 886406d8f1abe3c73a919f0ae135424c212c59df766cecbf4857db5f7fcb80f9
GET /scrollreveal.js/3.1.4/scrollreveal.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"2127-rqUEoxT8/cZfMBPhMhm4ySd2/9s"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Dec 2022 01:14:33 GMT
age: 4834167
x-served-by: cache-fra-eddf8230052-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2933
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-24680519-10 | 142.250.74.168 | 200 OK | 44 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-24680519-10 IP142.250.74.168:0
File typeASCII text, with very long lines (1921) Hashaaf7259da29f61dabffdc9132340b717 22a67cb4be898750f68764ae38d48bf337e83e91 2896ea7acd76d01c40f203a9ac18370bcd79a20e65701817e48f6cf30435ead8
GET /gtag/js?id=UA-24680519-10 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Dec 2022 01:14:33 GMT
expires: Tue, 27 Dec 2022 01:14:33 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashae893eec23998fe856d6ee3df2163a80 d98cb1a1c82c429c2f6fdbbfb7461713c790da7a 24167e8036371493799d6fe42f5e00a0ea2e4a5b7eb70636a269a9aa78d1f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash5d3978967108a479b633f820f75e3371 e8dba45f8d70fac26a8d3f4c05afce32231ca23d 29c90351aec95c22fbddc08ce6a1b8223186fc4215e2d522238bf4bff36f2d8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 | 151.101.130.133 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP151.101.130.133:0
Hash085bdbd1cf793e6194d1eb74f49044cf 7f1b24fddf3eb3dfba8f28e37ce814aee3749c55 afaee58e1cb6c81f247f1fbb07e47c1620d3c6e55669208bf6e99af3c59ab056
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "ACB1FCDB2C7F0B06542438B80E4C56B093CF850B"
Expires: Tue, 27 Dec 2022 12:00:00 UTC
Last-Modified: Tue, 27 Dec 2022 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Tue, 27 Dec 2022 01:14:33 GMT
Via: 1.1 varnish
Age: 3589
X-Served-By: cache-bma1674-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1672103673.397775,VS0,VE1
|
|
| static.fmgsuite.com/media/sourceImages/d0a75788-244f-4a14-8346-b0f82c5de81b.png?v=1 | 54.230.111.12 | 200 OK | 666 kB |
URL HTTP/2static.fmgsuite.com/media/sourceImages/d0a75788-244f-4a14-8346-b0f82c5de81b.png?v=1 IP54.230.111.12:0
File typePNG image data, 1383 x 1325, 8-bit/color RGBA, non-interlaced\012- data Size666 kB (666339 bytes) Hash8a5e83af60ea470d320acbe9c30e4176 6544a9d9c3f5a7b587f3e41c8e4a3ed887d0b3fd 1ae04324f6e37d8475a4e67f32d9e874e5f187326df33dbb4c32c6bd760e30ab
GET /media/sourceImages/d0a75788-244f-4a14-8346-b0f82c5de81b.png?v=1 HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 666339
date: Mon, 26 Dec 2022 07:20:11 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 17 Sep 2018 20:56:10 GMT
etag: "8a5e83af60ea470d320acbe9c30e4176"
x-amz-version-id: Is37tVWycvjNiy_lRUSS.azsl5efiMfG
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NVBiqMsFRE8i6krcrZBbIzoGyQ2v0G38ncM93GIS7nyH8wmCQnYpYQ==
age: 64463
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/media/sourceImages/b87ccca4-20b6-40e2-8f23-5619bf1a0dac.png?v=1 | 54.230.111.12 | 200 OK | 154 kB |
URL HTTP/2static.fmgsuite.com/media/sourceImages/b87ccca4-20b6-40e2-8f23-5619bf1a0dac.png?v=1 IP54.230.111.12:0
File typePNG image data, 900 x 565, 8-bit/color RGBA, non-interlaced\012- data Size154 kB (153789 bytes) Hash9501320cc17c42e1c32f1c6e4f66c234 622a06a6f629837d35e01c81f283280085d1c3cc a0e1c61ed13296e782b3b2ced418becbb99a6bfde7e4afcb5b4ee56219506c4d
GET /media/sourceImages/b87ccca4-20b6-40e2-8f23-5619bf1a0dac.png?v=1 HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 153789
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Sep 2018 23:37:31 GMT
x-amz-version-id: TLyZq7_nhgyyaRkzWVJP_17Nnx67gsyr
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Dec 2022 06:46:11 GMT
etag: "9501320cc17c42e1c32f1c6e4f66c234"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q_Qvca3XmYqawee43Mauc9WKH5BdBwNoiOqDGN3Nc1ENF8tlCn0tsQ==
age: 66502
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/site/templates/global/img/assets/largethumb/015-largethumb-a.jpg?v=1 | 54.230.111.12 | 200 OK | 154 kB |
URL HTTP/2static.fmgsuite.com/site/templates/global/img/assets/largethumb/015-largethumb-a.jpg?v=1 IP54.230.111.12:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x460, components 3\012- data Size154 kB (153934 bytes) Hash6f47f3a8ce384da88afa641cc61c7880 da527966e3b4deadc5e76b54c6132786f136be20 351ffd57253fe2fad7f34dbe8cb0007bc6cbc97b771740cf1ca1822041cb907d
GET /site/templates/global/img/assets/largethumb/015-largethumb-a.jpg?v=1 HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 153934
x-amz-replication-status: COMPLETED
last-modified: Tue, 29 Mar 2022 22:54:21 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: d2cpCzumuoinZ.g8GgbMyhgZDH6pAX7B
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Dec 2022 23:58:11 GMT
etag: "6f47f3a8ce384da88afa641cc61c7880"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MutKwbVHHRSbxjoi_4-xe6CyGGDhwLn4pA4_BEHRegGlJL4XdU1Xew==
age: 4583
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/site/templates/global/img/assets/largethumb/195-largethumb-a.jpg?v=1 | 54.230.111.12 | 200 OK | 56 kB |
URL HTTP/2static.fmgsuite.com/site/templates/global/img/assets/largethumb/195-largethumb-a.jpg?v=1 IP54.230.111.12:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x460, components 3\012- data Hashb8686755e002e3b44e8e59f21fd34738 6f20cfcf2d9badfea75949c88e7ffa71346ce4be 78f2c0da5b951499b3759c10c254905cfc965bfb440a5dae9001faf32c820941
GET /site/templates/global/img/assets/largethumb/195-largethumb-a.jpg?v=1 HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 56423
x-amz-replication-status: COMPLETED
last-modified: Tue, 29 Mar 2022 22:54:45 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 3tjU932VpMkQbcO04raEuRtJ.9Vw6LDz
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Dec 2022 23:58:11 GMT
etag: "b8686755e002e3b44e8e59f21fd34738"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zd0xZv5LQ2oU0Fq62T_bqj3B5vbS-5w6XgYDOlY44MLl6x6rw3bTIQ==
age: 4583
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/media/sourceImages/d3fd26e1-2ef1-4a13-a663-f9b955a6ec4c.png?v=1 | 54.230.111.12 | 200 OK | 278 kB |
URL HTTP/2static.fmgsuite.com/media/sourceImages/d3fd26e1-2ef1-4a13-a663-f9b955a6ec4c.png?v=1 IP54.230.111.12:0
File typePNG image data, 1579 x 1133, 8-bit/color RGBA, non-interlaced\012- data Size278 kB (277742 bytes) Hash6935235d36fe4dcc2bac1a3b97281e4b d36aa8952471ad8e55cccf170eb5bda8dba9cea3 364267d5fb647318ba3816ed66d16aa1468654bb1adeb41224a8703631cf6be5
GET /media/sourceImages/d3fd26e1-2ef1-4a13-a663-f9b955a6ec4c.png?v=1 HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 277742
x-amz-replication-status: COMPLETED
last-modified: Fri, 14 Sep 2018 00:00:30 GMT
x-amz-version-id: sEI.B5MOU4GekIVDP1KGfwXW_x4YHB2R
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Dec 2022 00:29:12 GMT
etag: "6935235d36fe4dcc2bac1a3b97281e4b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k66M8ru9duAFYkNdAdWPOvkrPF2zUzK1INDB6kVgFwjMrfvGtLeVjw==
age: 2722
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash796e102a616f07b0de39f5476179ccd5 bf1d8b0944ffa91afc7d31d2ffb3291652f903c3 6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14757
Expires: Tue, 27 Dec 2022 05:20:30 GMT
Date: Tue, 27 Dec 2022 01:14:33 GMT
Connection: keep-alive
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hash7b2f0cfcfe625e75a4915fc398045e12 294b8e6d2cec293a1d68c76964312cc591a39803 75b3f622cd2698afca60af7d10772f456488aaf63f707e505d5a67d36dbfee42
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136619
Date: Tue, 27 Dec 2022 01:14:33 GMT
Etag: "63a9a661-1d7"
Expires: Wed, 28 Dec 2022 15:11:32 GMT
Last-Modified: Mon, 26 Dec 2022 13:49:21 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZqCy1uoqWDAa6C9RtglLzhfDgEQQBybLI4qy9NyT4qRTJzifjECx3A==
Age: 4931
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hash7b2f0cfcfe625e75a4915fc398045e12 294b8e6d2cec293a1d68c76964312cc591a39803 75b3f622cd2698afca60af7d10772f456488aaf63f707e505d5a67d36dbfee42
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136614
Date: Tue, 27 Dec 2022 01:14:33 GMT
Etag: "63a9a661-1d7"
Expires: Wed, 28 Dec 2022 15:11:27 GMT
Last-Modified: Mon, 26 Dec 2022 13:49:21 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: orNek7nukNGBtk6zocaupylydMt-rbgLfyqiHfywCK-2BxvxdXhFaA==
Age: 4926
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2714bb-b993-4a59-8060-2731a83cad48.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2714bb-b993-4a59-8060-2731a83cad48.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd1964c05c10407de7a80602733f4e740 ad4906adb14904182746eac5935433fba1c7783c 521aa22be37143a80eb3314f57cf9b99d48a9ad77bebb8012c96464b93530b63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2714bb-b993-4a59-8060-2731a83cad48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9772
x-amzn-requestid: 92ffab03-243e-432f-bbeb-be90fa5e0ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYDFvfIAMFajA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa1299-7cb9a9b729db72b7550fcf7c;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MogTHBdmwt6knnv1C_t_LNy98cz8k61YRJqfbHrT8jNGXcj8VQCdYg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:37 GMT
age: 12596
etag: "ad4906adb14904182746eac5935433fba1c7783c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b0ab4bf-f3c8-452e-9d0c-46e00869cbfe.jpeg | 34.120.237.76 | 200 OK | 5.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b0ab4bf-f3c8-452e-9d0c-46e00869cbfe.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash31b0cbea79e21b8e76a6bf62bc3988a0 9488e99943c23fc9ba425a40859e51dbc939ab8e dd7d253c1cd0ba95849acecd6f4ff95aae87c15c309cf97a2f95a3fa07583833
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b0ab4bf-f3c8-452e-9d0c-46e00869cbfe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5013
x-amzn-requestid: 6dec2641-8f0e-481c-b059-881065e813c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dx7B1GklIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa3ed8-3745988a382f539a3ba82d06;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 00:39:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8l5oREhgoTWthGfU7N9gPuBKnGp_fPSU5Alo17q5HKz_uQntYxjD8A==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 00:49:08 GMT
age: 1525
etag: "9488e99943c23fc9ba425a40859e51dbc939ab8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9658bc08-5e7a-4e2a-84f5-0d9e42e3b77c.jpeg | 34.120.237.76 | 200 OK | 7.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9658bc08-5e7a-4e2a-84f5-0d9e42e3b77c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6fae1d3c96b2fb2de464bfa2ecac255e 24fd29d292ea53fb909dfa1829a0010b75de2f01 b4a82374d8ab68ae01bc170f8cd3159d0c23ee62c516c317a889ed0c0e575638
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9658bc08-5e7a-4e2a-84f5-0d9e42e3b77c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7289
x-amzn-requestid: c374bc19-82dd-4692-aaf8-613fb4ba62e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: do608EYMoAMF1qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a6a4ec-23632b8f1341ef9f2d82f5e4;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 07:06:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4vPGiDwu3oN4X9vaUd8DsEa_yn_zwyJTX-Q9B7S5HNMzFx4vhfJUPg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 01:26:49 GMT
age: 85664
etag: "24fd29d292ea53fb909dfa1829a0010b75de2f01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hash7b2f0cfcfe625e75a4915fc398045e12 294b8e6d2cec293a1d68c76964312cc591a39803 75b3f622cd2698afca60af7d10772f456488aaf63f707e505d5a67d36dbfee42
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136618
Date: Tue, 27 Dec 2022 01:14:33 GMT
Etag: "63a9a661-1d7"
Expires: Wed, 28 Dec 2022 15:11:31 GMT
Last-Modified: Mon, 26 Dec 2022 13:49:21 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B1tOwUZkWNXBmgvkfdemIuERkLHlKvFXTNw_EsuxVuyCYTf5_miGcg==
Age: 4930
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2802b3e9-0a7b-4384-abe0-5d84d1cde92f.jpeg | 34.120.237.76 | 200 OK | 8.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2802b3e9-0a7b-4384-abe0-5d84d1cde92f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5b5bce6cae03ce2c843809467165891e 71a8a2440c66ae80bf577c4d7f32525b6597ed8f 59b0c452ef6bb9a68f7fb7ee2caca66d66d137f7cd498d1fd88bb5f2f4d90ace
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2802b3e9-0a7b-4384-abe0-5d84d1cde92f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 3e067f3c-c98a-4aa5-88f0-7ec61df01ea5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfXYF20IAMFU5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa1295-0dfe81b80a016e59489b2980;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hBHFDq1KdoHcwMhNAX16o6ImLf9Xfrci_4t1nvdyuSU9UvxdHX3Weg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:37 GMT
age: 12596
etag: "71a8a2440c66ae80bf577c4d7f32525b6597ed8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F303678dc-bd95-4d91-9245-9a823889b144.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F303678dc-bd95-4d91-9245-9a823889b144.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashef4da8e896dc66221b42b1ad2d27362d ee833149ae2e7e3f263d501f88e8d2ee440ccc14 603915645628c23fc3b29eb1eed16b3cc2c8fc1b9954176f2527ccf7e2f3a07e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F303678dc-bd95-4d91-9245-9a823889b144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 45432186-7ea5-4826-8945-29aa4da0770c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dx7BvH1IIAMFZdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa3ed7-2c49291a56867ec902ad573d;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 00:39:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jR9IZBuLzRA6gOLjP5o9ikz6GigDnNWCt1s2k1JNLyB6sfLznu11rQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 00:49:03 GMT
age: 1530
etag: "ee833149ae2e7e3f263d501f88e8d2ee440ccc14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hash7b2f0cfcfe625e75a4915fc398045e12 294b8e6d2cec293a1d68c76964312cc591a39803 75b3f622cd2698afca60af7d10772f456488aaf63f707e505d5a67d36dbfee42
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136609
Date: Tue, 27 Dec 2022 01:14:33 GMT
Etag: "63a9a661-1d7"
Expires: Wed, 28 Dec 2022 15:11:22 GMT
Last-Modified: Mon, 26 Dec 2022 13:49:21 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ekyiowLGi-R_I-dwu-A0_6UFuGNJgHsUbVpaV66_gf05yiPwAZWqBQ==
Age: 4921
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashbf353b055c5b241dc127a5f348288bd7 967babae78ca060a48978d1a29a20b459fa89aa2 4def932d04f53426b80ac7f3f366e1e8af0c76670f94c9ebd613309e2982d433
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 46bf3684-b3d9-4948-ab4b-09477cf5af0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxg-TEd2IAMF9jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa1528-4eebb1950a70fb2d3a718426;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:42:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jP59GAuK5N7PI7Jc-h8aBot0Jn-HzbGMU6ryeShLogBboOApdUJKFw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:37 GMT
etag: "967babae78ca060a48978d1a29a20b459fa89aa2"
content-type: image/jpeg
age: 12596
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fmg-websites-custom.s3.amazonaws.com/364377-lewis/js/364377-lewis.js | 52.217.100.12 | 200 OK | 3.3 kB |
URL HTTP/1.1fmg-websites-custom.s3.amazonaws.com/364377-lewis/js/364377-lewis.js IP52.217.100.12:0
Hashf448749a26df1824c98578c627fa447a 104080f7a90c11902fbfa2de91161434952f9451 352125a8d3d51eca537dcd272c9246dc74bae48a765dca75a407f41eca1b36ea
GET /364377-lewis/js/364377-lewis.js HTTP/1.1
Host: fmg-websites-custom.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: hHnQgmuD+ZqAGpKwxtiU8OiA28ZNg06I7CncHPgKipzBIuuH0AGxwxpkH2xiJyF/PxStTYXjV8I=
x-amz-request-id: 5VRF7DYRYJ511NPV
Date: Tue, 27 Dec 2022 01:14:34 GMT
Last-Modified: Thu, 17 Jan 2019 00:16:40 GMT
ETag: "f448749a26df1824c98578c627fa447a"
x-amz-version-id: 4jh_5HqPhQVhxqibCqYvVx18IMyPrpbi
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 3252
|
|
| fmg-websites-custom.s3.amazonaws.com/exclusive-setup/template-fix/theme-24b-manhattan-fix.css | 52.217.100.12 | 200 OK | 57 B |
URL HTTP/1.1fmg-websites-custom.s3.amazonaws.com/exclusive-setup/template-fix/theme-24b-manhattan-fix.css IP52.217.100.12:0
Hash19d99265437b7d88803512b852416b70 4dfb715f6f427be1dcf91e043cca18b082fd1e5d 0c0165308fb3ed8a4a50bc883430422bbc3ca5994732fe190e79e84ed0c82b64
GET /exclusive-setup/template-fix/theme-24b-manhattan-fix.css HTTP/1.1
Host: fmg-websites-custom.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: r87OI88KDZpeIYpyWTdhAGrjJqO4KwUUriW18oK7M4d5+TpXvzp3mL5669PuixeaOM78/kY3nGg=
x-amz-request-id: 5VR8B7YSF5WYYXM2
Date: Tue, 27 Dec 2022 01:14:34 GMT
Last-Modified: Wed, 13 Feb 2019 18:31:47 GMT
ETag: "19d99265437b7d88803512b852416b70"
x-amz-version-id: 5VD7sVAti71IVnvYdPKsXDvwUW4n0IWM
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 57
|
|
| fmg-websites-custom.s3.amazonaws.com/364377-lewis/js/scrollreveal.js | 52.217.100.12 | 200 OK | 1.2 kB |
URL HTTP/1.1fmg-websites-custom.s3.amazonaws.com/364377-lewis/js/scrollreveal.js IP52.217.100.12:0
Hash677ddd3d6626e41b98e201324c0c0348 0bc2a8a3f603f08581dedde2afa52866e2868fd0 448226a1b46607f9a5103e03a68f5982085e9cfd638c04eaffd17587fbf6bf23
GET /364377-lewis/js/scrollreveal.js HTTP/1.1
Host: fmg-websites-custom.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2r7F1Jzg5ZGgAIk8SsDTvA3Yx9DZQzewGoiq89sRElangtmACp5R5c3CxKe6HVfrJtJrecFy12M=
x-amz-request-id: 5VRB9JSBS8DH7CCQ
Date: Tue, 27 Dec 2022 01:14:34 GMT
Last-Modified: Thu, 17 Jan 2019 00:16:40 GMT
ETag: "677ddd3d6626e41b98e201324c0c0348"
x-amz-version-id: 99ikK76voR0YNhd6SMvqWSrHbupjBHi_
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 1180
|
|
| fmg-websites-custom.s3.amazonaws.com/364377-lewis/css/364377-lewis.css | 52.217.100.12 | 200 OK | 13 kB |
URL HTTP/1.1fmg-websites-custom.s3.amazonaws.com/364377-lewis/css/364377-lewis.css IP52.217.100.12:0
File typeASCII text, with very long lines (12932) Hash638c5ba8ba5f04f72d17e1cb48fd628c 5ceca77706e1567187f31c11214c7458eb6e426f f552fcee3f77c82bb1a0accc50a1ce699cea6451ba26ab09db8bf60c5711d8fe
GET /364377-lewis/css/364377-lewis.css HTTP/1.1
Host: fmg-websites-custom.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: QbpqUYPwZ5lA5Sig7d5z+SiLj6FWlLIDw542iGlFoXY7IXUdxWcgpLB18KTyMVOrhLwx9xP++bs=
x-amz-request-id: 5VR4MWG2HWNPWZ1Z
Date: Tue, 27 Dec 2022 01:14:34 GMT
Last-Modified: Fri, 22 Feb 2019 23:13:55 GMT
ETag: "638c5ba8ba5f04f72d17e1cb48fd628c"
x-amz-version-id: 5kGUp82_Se3w4Wt9lA7ms.T0bwsMyCbt
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 12978
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash7f2ed0d8a18af500682ec994cd3a5e15 48032c29ccc60c09f0c003042d059e83ea493ecb 8c49d81420b293298bd75222f60fbc608c322b36944963d93b6a15b12bcb0e8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.fmgsuite.com/media/images/30479605-3e1d-4270-99b3-a38bd6cd4232.png | 54.230.111.12 | 200 OK | 43 kB |
URL HTTP/2static.fmgsuite.com/media/images/30479605-3e1d-4270-99b3-a38bd6cd4232.png IP54.230.111.12:0
File typePNG image data, 300 x 135, 8-bit/color RGBA, non-interlaced\012- data Hashf4c4803b8746c1e2c7def9f51ed87ddb 1ed5c591232b82b7d16213cd7a2724f58a783d1e bcb613bfe0f63bc17156dde681711e7811c14d3d044cbbce7f73ef7a5adfa78a
GET /media/images/30479605-3e1d-4270-99b3-a38bd6cd4232.png HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 42728
date: Tue, 27 Dec 2022 01:14:34 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 May 2019 21:01:20 GMT
etag: "f4c4803b8746c1e2c7def9f51ed87ddb"
x-amz-version-id: Dx0ueDEqLw.nObmSM_ddMhzE3KLNePTD
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r5WpWB_V5sbe5ZbAQ0N7oar1l6oXMWGJWXVreLs5wWXTeyJA4pCxzA==
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.227 | 200 OK | 24 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mfg-financial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:12 GMT
expires: Sat, 23 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 301282
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586 | 54.230.111.116 | 200 OK | 22 kB |
URL HTTP/1.1static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586 IP54.230.111.116:0
File typeASCII text, with very long lines (32025) Hashb0fd95db87a9160b63509db19cd75ee1 0b282dadc2ab1905c30578680d1ff41b1d811edd 5c32d3ab26e5f71a0708e56081f2a8cc628cb16de2e08778f64670cb1bc94561
GET /beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586 HTTP/1.1
Host: static.site24x7rum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 26 Dec 2022 23:40:36 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Server: ZGS
Vary: accept-encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EDubtBE1L3Hqa1d5jYkLJhAlgfbOj73iA_MfWZRN8yj1yKv8eHQVXQ==
Age: 5637
|
|
| fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 216.58.207.227 | 200 OK | 23 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data Hashde69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mfg-financial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:12 GMT
expires: Sat, 23 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 301282
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/site/templates/global/img/assets/largethumb/486-largethumb-a.jpg?v=1 | 54.230.111.12 | 200 OK | 65 kB |
URL HTTP/2static.fmgsuite.com/site/templates/global/img/assets/largethumb/486-largethumb-a.jpg?v=1 IP54.230.111.12:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], progressive, precision 8, 600x460, components 3\012- data Hash3d3e17da9c03b8f65f1ee42900f2f83c 11823cc1a7c325be66e66a9bf8b2fb1b49d18003 a394ddb109cc9f7a293e18a7f894ea6dfb70ea50792dd22e7943e12c5a7feff9
GET /site/templates/global/img/assets/largethumb/486-largethumb-a.jpg?v=1 HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 65263
date: Tue, 27 Dec 2022 01:14:34 GMT
x-amz-replication-status: FAILED
last-modified: Wed, 02 Nov 2022 20:21:19 GMT
etag: "3d3e17da9c03b8f65f1ee42900f2f83c"
x-amz-server-side-encryption: AES256
x-amz-version-id: zMoqS6jdI2cnj4GHaxyHd.tDjBjzayg0
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ahYnuwtjTMGH_FDSL_bGK40jujt3PcHMF4Uw3jkSt0JSCTLDYo-Ijg==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash7f2ed0d8a18af500682ec994cd3a5e15 48032c29ccc60c09f0c003042d059e83ea493ecb 8c49d81420b293298bd75222f60fbc608c322b36944963d93b6a15b12bcb0e8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hash4c6cbd3509e70379fb1b7666e93585a4 e6a5e3059f07367cf83f196c10deebe2fae5cff0 5f1ee219c407b141f9c3c1be1e7c636436353541f33289554263b684ada53861
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131600
Date: Tue, 27 Dec 2022 01:14:34 GMT
Etag: "63a992b2-1d7"
Expires: Wed, 28 Dec 2022 13:47:54 GMT
Last-Modified: Mon, 26 Dec 2022 12:25:22 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G8QVwNgJhxA43jwlFb4-5En89MzEVnc1ZJkHGamgEfjKoztSBCA8vA==
Age: 4952
|
|
| static.fmgsuite.com/media/images/d5549bfa-c8d0-4c6c-b679-e1ed71b20c6d.png | 54.230.111.12 | 200 OK | 168 B |
URL HTTP/2static.fmgsuite.com/media/images/d5549bfa-c8d0-4c6c-b679-e1ed71b20c6d.png IP54.230.111.12:0
File typePNG image data, 292 x 34, 8-bit/color RGBA, non-interlaced\012- data Hashcdd1015adf277e7dd28c51a94bd43f6e 304309145f7888a56893015417479140f2f2ea8d d6dd5fc86404df93ebf4fd148b2b2249377009622668808cc0ff5811233bfc6c
GET /media/images/d5549bfa-c8d0-4c6c-b679-e1ed71b20c6d.png HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 168
x-amz-replication-status: COMPLETED
last-modified: Fri, 14 Sep 2018 16:12:37 GMT
x-amz-version-id: OZdrjeDpF64qfLGqflCBeyR7G0HBMl28
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Dec 2022 07:53:39 GMT
etag: "cdd1015adf277e7dd28c51a94bd43f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: odyvLdS8frL6CaE9u-xwhkQCsaeaDCgGOQDvcflnbVTE5U5e5RThMw==
age: 62456
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/media/images/80a0a59d-37e9-4cac-9999-3b7f80029c37.png | 54.230.111.12 | 200 OK | 168 B |
URL HTTP/2static.fmgsuite.com/media/images/80a0a59d-37e9-4cac-9999-3b7f80029c37.png IP54.230.111.12:0
File typePNG image data, 292 x 34, 8-bit/color RGBA, non-interlaced\012- data Hashcdd1015adf277e7dd28c51a94bd43f6e 304309145f7888a56893015417479140f2f2ea8d d6dd5fc86404df93ebf4fd148b2b2249377009622668808cc0ff5811233bfc6c
GET /media/images/80a0a59d-37e9-4cac-9999-3b7f80029c37.png HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 168
x-amz-replication-status: COMPLETED
last-modified: Fri, 14 Sep 2018 16:12:29 GMT
x-amz-version-id: Up8CjEy78drhM2Cg4IuVmC9HzsRMf.Fz
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Dec 2022 00:29:12 GMT
etag: "cdd1015adf277e7dd28c51a94bd43f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lz9W2WLA3npse7Wa5V7y10nVRu1_KCHlHDUtYhJ5TMMQAvdo6__GDA==
age: 2723
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/media/images/5da9d55f-4874-4c04-b98b-442f93101464.png | 54.230.111.12 | 200 OK | 168 B |
URL HTTP/2static.fmgsuite.com/media/images/5da9d55f-4874-4c04-b98b-442f93101464.png IP54.230.111.12:0
File typePNG image data, 292 x 34, 8-bit/color RGBA, non-interlaced\012- data Hash10209bfe8cabf4c2e596031854cf8365 2371b6d25b98030dfa4bb2c47c0266d74d05877d 728d270b5c9b6c4bc87a34da5686c12c3d1201f94b4d0997a3823553bc305f6d
GET /media/images/5da9d55f-4874-4c04-b98b-442f93101464.png HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 168
x-amz-replication-status: COMPLETED
last-modified: Mon, 10 Sep 2018 17:50:01 GMT
x-amz-version-id: PmXH8lkRIsqv0xwMDW7KQMz5n9V9Jckd
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Dec 2022 12:14:48 GMT
etag: "10209bfe8cabf4c2e596031854cf8365"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3hFinoXHj8NfUXy8LfcqW1GIgo6rqlMXIn039Sgd0Atg5MKDLeQlBQ==
age: 46787
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/media/sourceImages/9afb8c86-9aa4-4046-9fda-ee754ad40546.png?v=1 | 54.230.111.12 | 200 OK | 419 kB |
URL HTTP/2static.fmgsuite.com/media/sourceImages/9afb8c86-9aa4-4046-9fda-ee754ad40546.png?v=1 IP54.230.111.12:0
File typePNG image data, 1335 x 1023, 8-bit/color RGBA, non-interlaced\012- data Size419 kB (418932 bytes) Hashb73f3b86926091289a5378309a27125e f2d6c699d486d48575ec51055d8b8c5b72f986af 8f61d7c5bc0614ab720ea6406862245b0a0064c69a2e91ed8712392ec3797d3a
GET /media/sourceImages/9afb8c86-9aa4-4046-9fda-ee754ad40546.png?v=1 HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 418932
date: Tue, 27 Dec 2022 01:14:34 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Sep 2018 23:53:26 GMT
etag: "b73f3b86926091289a5378309a27125e"
x-amz-version-id: b5LJ33IzO_n8U4d4dJ74xcyteSUI7rLY
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _gDZsifvKop1PUXALcBQpD6r5cFRj8pFsYHgH-ThDfSmdAleEc7RTw==
X-Firefox-Spdy: h2
|
|
| s3.amazonaws.com/static.contentres.com/media/images/ff7f9876-3fba-4104-b6c4-195bf1641866.png | 52.216.78.142 | 200 OK | 17 kB |
URL HTTP/1.1s3.amazonaws.com/static.contentres.com/media/images/ff7f9876-3fba-4104-b6c4-195bf1641866.png IP52.216.78.142:0
File typePNG image data, 1198 x 328, 8-bit/color RGBA, non-interlaced\012- data Hashf42aee9b482dcb7962a091de97caedeb 1731bb19c7e74a1f1c442264a52263b9d1453438 6e43d5829103f07e97318e24f33221f5682037f31ca4800cb5811293a3ebb510
GET /static.contentres.com/media/images/ff7f9876-3fba-4104-b6c4-195bf1641866.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fmg-websites-custom.s3.amazonaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: qvMLMIe+6k5b+Cuv0tJwraPFqOXYxiJa1c1DwCPtHRem/vY6nDZU979qpx4OzDbDCXaSM8gdZ3w=
x-amz-request-id: THS7VVGVRQA164RG
Date: Tue, 27 Dec 2022 01:14:35 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Sep 2018 18:16:35 GMT
ETag: "f42aee9b482dcb7962a091de97caedeb"
x-amz-version-id: XzWSlVQ8qWa.PAOKIkSSDPaH.razXRCx
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 17159
|
|
| static.fmgsuite.com/site/templates/007/fonts/fontawesome-webfont.woff2?v=4.7.0 | 54.230.111.12 | 200 OK | 77 kB |
URL HTTP/2static.fmgsuite.com/site/templates/007/fonts/fontawesome-webfont.woff2?v=4.7.0 IP54.230.111.12:0
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /site/templates/007/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mfg-financial.com
Connection: keep-alive
Referer: https://static.fmgsuite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 77160
date: Tue, 27 Dec 2022 01:14:35 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: FAILED
last-modified: Wed, 21 Dec 2022 21:28:53 GMT
etag: "af7ae505a9eed503f8b8e6982036873e"
x-amz-server-side-encryption: AES256
x-amz-version-id: bf_IG2eroNv7OZWucnmRpoyTS8IX79Ld
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mFdKbShhkJNGAJ1Gizgk7jTBQeCy07RlehhBdi9lIoY_AUe365SW2Q==
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/media/images/f9736cc9-65fa-4dd3-9b06-38fa70329828.jpg | 54.230.111.12 | 200 OK | 272 kB |
URL HTTP/2static.fmgsuite.com/media/images/f9736cc9-65fa-4dd3-9b06-38fa70329828.jpg IP54.230.111.12:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2118x775, components 3\012- data Size272 kB (272070 bytes) Hash08764fbaf581510596ae79301f8e4f9c ef9c776eb056b5fd9959a107fa8e3158123522c5 714b89e2b79a42b2c9cfba894dd7f891c434bce63d44dadedd9c2c3fbeeef81c
GET /media/images/f9736cc9-65fa-4dd3-9b06-38fa70329828.jpg HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 272070
date: Tue, 27 Dec 2022 01:14:35 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 13 Feb 2019 17:19:20 GMT
etag: "08764fbaf581510596ae79301f8e4f9c"
x-amz-version-id: wk6GSmVOSUvgEMrCPW4OsbG_qgYn8I3_
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rk2FfnhoIWeKpNchj689wwvjWU0zoV5lVHX2E8YGnf90tC4pnNQuDA==
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 216.239.36.178 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP216.239.36.178:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 26 Dec 2022 23:34:02 GMT
expires: Tue, 27 Dec 2022 01:34:02 GMT
cache-control: public, max-age=7200
age: 6032
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/media/images/c47dc1be-4915-4b76-853f-fd35e457cc99.jpg | 54.230.111.12 | 200 OK | 1.3 MB |
URL HTTP/2static.fmgsuite.com/media/images/c47dc1be-4915-4b76-853f-fd35e457cc99.jpg IP54.230.111.12:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2321x1440, components 3\012- data Size1.3 MB (1258678 bytes) Hash41a6e3876efddf12f46c659cb630af88 dd8770908c0580e472927a4439b9909c9c0e3f4c 58e1ac745c19b44f6a4673e9960051058386c3ee261b5a91334b5092f9771f4f
GET /media/images/c47dc1be-4915-4b76-853f-fd35e457cc99.jpg HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1258678
date: Tue, 27 Dec 2022 01:14:35 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 31 Jan 2019 16:35:44 GMT
etag: "41a6e3876efddf12f46c659cb630af88"
x-amz-version-id: wVepZlnDlan_sPhf0Vqdpe_.MT_tfzh1
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WjW4K67EtiR8X6HFbD-7pp-WA8KwUWpU5CyvuzuP6tf11CNC2kTI0g==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash3af81a4a724e07b85af443dd0f8259bf b4373b435185a44c195a479645583304229dfd0d fa25756164d1964b223357b760ad589af9781d599686a751248ea9a44dcc30cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24680519-10&cid=767634323.1672103671&jid=2031676677&gjid=1169910355&_gid=468190440.1672103671&_u=YEBAAUAAAAAAACAAI~&z=1062653449 | 209.85.233.154 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24680519-10&cid=767634323.1672103671&jid=2031676677&gjid=1169910355&_gid=468190440.1672103671&_u=YEBAAUAAAAAAACAAI~&z=1062653449 IP209.85.233.154:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24680519-10&cid=767634323.1672103671&jid=2031676677&gjid=1169910355&_gid=468190440.1672103671&_u=YEBAAUAAAAAAACAAI~&z=1062653449 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.mfg-financial.com
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.mfg-financial.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Dec 2022 01:14:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash3af81a4a724e07b85af443dd0f8259bf b4373b435185a44c195a479645583304229dfd0d fa25756164d1964b223357b760ad589af9781d599686a751248ea9a44dcc30cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashef35a967130819482bf79983026b3a9b 0845387b4c8cb449bb49c3043a1f08ed5e56c591 7a5ad67169f590576e243582e867b3d16848c17e3ad05ef6d406d0750fc37eaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash06de8e10f49328a0b04f3fb06d028d60 0561a19916976adaef1d8139a8942233e871682d 8a4b46928517e9362c444919e4486e8ddf5cba661df78c4cbcc736da6e18c7f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24680519-10&cid=767634323.1672103671&jid=2031676677&_u=YEBAAUAAAAAAACAAI~&z=1344213343 | 142.250.74.132 | 200 OK | 42 B |
URL HTTP/2www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24680519-10&cid=767634323.1672103671&jid=2031676677&_u=YEBAAUAAAAAAACAAI~&z=1344213343 IP142.250.74.132:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24680519-10&cid=767634323.1672103671&jid=2031676677&_u=YEBAAUAAAAAAACAAI~&z=1344213343 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 01:14:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24680519-10&cid=767634323.1672103671&jid=2031676677&_u=YEBAAUAAAAAAACAAI~&z=1344213343 | 142.250.74.163 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24680519-10&cid=767634323.1672103671&jid=2031676677&_u=YEBAAUAAAAAAACAAI~&z=1344213343 IP142.250.74.163:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24680519-10&cid=767634323.1672103671&jid=2031676677&_u=YEBAAUAAAAAAACAAI~&z=1344213343 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 01:14:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash06de8e10f49328a0b04f3fb06d028d60 0561a19916976adaef1d8139a8942233e871682d 8a4b46928517e9362c444919e4486e8ddf5cba661df78c4cbcc736da6e18c7f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 01:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.45.38595.378 | 54.230.111.12 | 200 OK | 91 kB |
URL HTTP/2static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.45.38595.378 IP54.230.111.12:0
Hash61a68720a8b90e394dcd5d23aded95f9 13e294d72d795e9e4263628b49e7bdbe6fb84bdf 6393ab4442dec1a3b9173521d81ab3c16ba62ab3105bbeae40dd8c7bb77ec8a8
GET /site/templates/007/dist/scripts.js?v=2.86.45.38595.378 HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
x-amz-replication-status: FAILED
last-modified: Wed, 21 Dec 2022 21:28:52 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: aNf6PrZs5Bs34LV.JTSJYOAcPHII4sSJ
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Dec 2022 01:14:33 GMT
etag: W/"7d0d00bac8094e49d74d4afb64c370e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3Si0JRU2UxZWyYfYJpmU1oiu5PnE0l_2P_o6PkwpL4LeUYkeF-jqPQ==
age: 13006
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/media/images/92d7e6bf-10a6-424b-876e-6d626e69d74f.ico | 54.230.111.12 | 200 OK | 4.2 kB |
URL HTTP/2static.fmgsuite.com/media/images/92d7e6bf-10a6-424b-876e-6d626e69d74f.ico IP54.230.111.12:0
File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Hashe338cca5f3614abe4255fd0c64b41d6c 71f416a1b0fbd19ef80f7bc74c0dfaf998b6cf09 278329fac12f4c5b91fa85d964dc0404298fd6d0becec4743a3b92f967c64cd0
GET /media/images/92d7e6bf-10a6-424b-876e-6d626e69d74f.ico HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 4158
date: Tue, 27 Dec 2022 01:14:36 GMT
x-amz-replication-status: COMPLETED
last-modified: Fri, 02 Nov 2018 19:12:26 GMT
etag: "e338cca5f3614abe4255fd0c64b41d6c"
x-amz-version-id: K06K08oKzcGpBu8.7r9eLuG1bP.GXMuc
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L5zRxcDysojfbcis6---iVBtVRa52Tmo3w1mexcTdTeJ8KsDJuQ-JQ==
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hash591ad35813a3f08bdfe94e84f2a8f7f7 8ac2bcbed3e7273bc820da4f797b30b01efd13b4 4af22ca75c153968cde272c16c559a633832a28a7c27fcdb96afc83685e756ba
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Dec 2022 01:14:35 GMT
Etag: "63a927ce-1d7"
Last-Modified: Mon, 26 Dec 2022 23:33:52 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tcj_a5PiSA4SjOdg6sxtgxcZOcQrsc_lGtn30mHibmGT7pct8M8mlQ==
Age: 6043
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg | 34.120.237.76 | 200 OK | 15 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha4b903e264b412e69e5f22091bf423ea 92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f 8d5d90968489731604a2286d9e2b9a307147a3cc0b1ffd32f1186ceea9b8fcff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15371
x-amzn-requestid: 63d10011-ae3d-48fb-b892-26d94dc6ef83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVs8EVDIAMFTOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4031f-3da712a621773d56567c014f;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UeMu2JuyiBhp1D-T8We8YZFCLFeqnJ0EeAVrLZN047WMREZyCzOOVg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 07:27:20 GMT
age: 64040
etag: "92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.mfg-financial.com/ftp/xchange/login.php | 104.16.66.197 | 302 Found | 0 B |
URL HTTP/2www.mfg-financial.com/ftp/xchange/login.php IP104.16.66.197:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /ftp/xchange/login.php HTTP/1.1
Host: www.mfg-financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 27 Dec 2022 01:14:32 GMT
content-type: text/html; charset=utf-8
location: https://www.mfg-financial.com/?redirectUrl=/ftp/xchange/login.php
x-stackifyid: V2|87c49f16-7d76-4ce4-a393-d198d8d0c1f9|C78253|CD55763
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=AG1DvIFT4UMwk_grC7TPbFFoW4icuxi7nzlVgy1En9Q-1672103672-0-ARbL8EoZiA7sN5frSf0k/1YtZjgVaFPXLBt2CsbCgHbgzBhjwpO++OSvMYh6CKyUY6HcHuivtc/nxEu64vV0dsTQTOEJid4XM5m3TkxeaYYa; path=/; expires=Tue, 27-Dec-22 01:44:32 GMT; domain=.www.mfg-financial.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 77fe332fdd62b4f4-OSL
X-Firefox-Spdy: h2
|
|
| www.mfg-financial.com/?redirectUrl=/ftp/xchange/login.php | 104.16.66.197 | 200 OK | 0 B |
URL HTTP/2www.mfg-financial.com/?redirectUrl=/ftp/xchange/login.php IP104.16.66.197:0
GET /?redirectUrl=/ftp/xchange/login.php HTTP/1.1
Host: www.mfg-financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=AG1DvIFT4UMwk_grC7TPbFFoW4icuxi7nzlVgy1En9Q-1672103672-0-ARbL8EoZiA7sN5frSf0k/1YtZjgVaFPXLBt2CsbCgHbgzBhjwpO++OSvMYh6CKyUY6HcHuivtc/nxEu64vV0dsTQTOEJid4XM5m3TkxeaYYa
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 01:14:33 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-stackifyid: V2|22de764b-b8f4-4524-8385-7955e8c12f3c|C78253|CD55236
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77fe33336f58b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Lato:400,700 | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Lato:400,700 IP142.250.74.106:0
GET /css?family=Lato:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Dec 2022 01:14:33 GMT
date: Tue, 27 Dec 2022 01:14:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.45.38595.378 | 54.230.111.12 | 200 OK | 0 B |
URL HTTP/2static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.45.38595.378 IP54.230.111.12:0
GET /site/templates/007/dist/7ac.css?v=2.86.45.38595.378 HTTP/1.1
Host: static.fmgsuite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mfg-financial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
x-amz-replication-status: FAILED
last-modified: Wed, 21 Dec 2022 21:28:51 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ylLT8EEz5h6LMXBZzU6XsMlsb6gqeO2c
server: AmazonS3
content-encoding: gzip
date: Mon, 26 Dec 2022 19:17:13 GMT
etag: W/"aa5ea1476a006e88dffc501820b5b5ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A2T0Wn3dTvXeKigZrVkANQsg7XJg70WzN0CUxxy6kHNppxjRrvdKGg==
age: 21441
X-Firefox-Spdy: h2
|
|