server08-mitalerts.duckdns.org
34.102.13.39  Malicious Activity! Public Scan

URL: https://server08-mitalerts.duckdns.org/
Submission: On August 09 via automatic, source openphish — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 19 HTTP transactions. The main IP is 34.102.13.39, located in Los Angeles, United States, and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is server08-mitalerts.duckdns.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 4th 2022. Valid for: 3 months.
This is the only time server08-mitalerts.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

Requests  IP Address        AS      Autonomous System
14        34.102.13.39      396982  GOOGLE-CL...
2         2606:4700::68...  13335   CLOUDFLAR...
2         2606:4700::68...  13335   CLOUDFLAR...
1         52.206.231.55     14618   AMAZON-AES
Total: 19 requests, 4 IPs

Requests  Apex Domain       Subdomains                                                  Transfer
14        duckdns.org       server08-mitalerts.duckdns.org                              880 KB
2         cloudflare.com    cdnjs.cloudflare.com (Cisco Umbrella Rank: 231)             31 KB
2         bootstrapcdn.com  stackpath.bootstrapcdn.com (Cisco Umbrella Rank: 2137)      47 KB
1         abstractapi.com   ipgeolocation.abstractapi.com (Cisco Umbrella Rank: 60738)  1 KB
Total: 19 requests, 4 apex domains

Requests  Domain                          Requested by
14        server08-mitalerts.duckdns.org  server08-mitalerts.duckdns.org
2         cdnjs.cloudflare.com            server08-mitalerts.duckdns.org
2         stackpath.bootstrapcdn.com      server08-mitalerts.duckdns.org
1         ipgeolocation.abstractapi.com   server08-mitalerts.duckdns.org
Total: 19 requests, 4 domains

This site contains no links.

Subject                         Issuer                                Validity                  Valid
server08-mitalerts.duckdns.org  cPanel, Inc. Certification Authority  2022-08-04 - 2022-11-02   3 months (crt.sh)
sni.cloudflaressl.com           Cloudflare Inc ECC CA-3               2022-01-29 - 2023-01-29   a year (crt.sh)
ipgeolocation.abstractapi.com   Amazon                                2022-05-23 - 2023-06-21   a year (crt.sh)

This page contains 1 frame:

Primary Page: https://server08-mitalerts.duckdns.org/
Frame ID: D6A7FEFA8B5C2E22B7475AD8DEB4FF01
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

Welcome to Online Banking | M&T Bank

Detected technologies

Bootstrap
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 959 kB
Size: 1213 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Each transaction is listed as: Resource | Path | Size | x-fer | Type / MIME-Type, followed by its request and response details.

Resource: Primary Request / | Path: server08-mitalerts.duckdns.org/ | Size: 12 KB | x-fer: 12 KB | Type: Document
General
Full URL
https://server08-mitalerts.duckdns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
ebc4e65286e9d70a8dc53096165b7653f34db3034036b6622c33ebf68a9e39ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
12539
Content-Type
text/html
Date
Tue, 09 Aug 2022 01:21:31 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Fri, 08 Oct 2021 01:57:23 GMT
Server
Apache

Resource: config1.js | Path: server08-mitalerts.duckdns.org/ | Size: 90 B | x-fer: 343 B | Type: Script
General
Full URL
https://server08-mitalerts.duckdns.org/config1.js
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
0c4459b89cc2402f86e6cde87ace6105d95da8f883cd9435c0d50ae26fd123e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:32 GMT
Last-Modified
Thu, 04 Aug 2022 16:21:52 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
90

Resource: bootstrap.bundle.min.js | Path: stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ | Size: 77 KB | x-fer: 23 KB | Type: Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 01:21:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
16904356
cdn-cachedat
2021-06-08 14:32:30
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9ed56df573b0a0450b2905292d644980
cf-ray
737cacf2f8ac9201-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True

Resource: jquery.min.js | Path: cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ | Size: 85 KB | x-fer: 27 KB | Type: Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 01:21:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
881539
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27277
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwJMkHsTm4Ka1mTIGPUzAIV%2B0oFOUEOtakydYmwxvo%2FKaNGhaBngh%2BaOdCwEY%2BK4x5FZhAX%2BU9fKF8Qz3nfa00gF2C3bM2uPdULkXU4Gc0f4qItdyhA4Cw9XQrKi0UO5xkDZFZGnPJ1XLd2JK6c5nQwo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
737cacf2f8479b4c-FRA
expires
Sun, 30 Jul 2023 01:21:32 GMT

Resource: bootstrap.min.css | Path: stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ | Size: 152 KB | x-fer: 25 KB | Type: Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 01:21:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
4221288
cdn-cachedat
12/27/2021 07:28:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5a4f218ff2cc791bfca3e2943b0791a7
cf-ray
737cacf2f8ab9201-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Resource: font-awesome.css | Path: cdnjs.cloudflare.com/ajax/libs/font-awesome/4.0.3/css/ | Size: 21 KB | x-fer: 4 KB | Type: Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 01:21:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
888892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3438
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-549a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqRL2vgkCDUowqY9CmKQabeyFjytZ1vANpeGMJLpYTWM0OFp4obIU1886XLJFo4bfmdYVbrfLywL6S7%2F4g%2BE%2BUsGNhIql%2BRWysGIZcoVDQRipY14CAIsmK87MoN4Yj9vkV9zkW%2FCUwZl30kYnYrW%2FnDH"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
737cacf2f8469b4c-FRA
expires
Sun, 30 Jul 2023 01:21:32 GMT

Resource: mtb_app_wbk.js | Path: server08-mitalerts.duckdns.org/Assets/js/ | Size: 290 KB | x-fer: 291 KB | Type: Script
General
Full URL
https://server08-mitalerts.duckdns.org/Assets/js/mtb_app_wbk.js
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
728e5538904a321d04249480a2dc3e3ce1a569ea89074aa89bb6ae5b3470c065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:32 GMT
Last-Modified
Thu, 30 Sep 2021 07:03:58 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
297262

Resource: css.css | Path: server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/ | Size: 252 KB | x-fer: 253 KB | Type: Stylesheet
General
Full URL
https://server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/css.css
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
43c39397049f7d1c410c398d1560e60022ae158d6c1fa9cc304c240fb9ab2a7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:32 GMT
Last-Modified
Thu, 30 Sep 2021 07:10:12 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
258508

Resource: tealium_prod.js | Path: server08-mitalerts.duckdns.org/Assets/js/ | Size: 389 B | x-fer: 644 B | Type: Script
General
Full URL
https://server08-mitalerts.duckdns.org/Assets/js/tealium_prod.js
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
de3f384270454aba186a8d86a63f5940fed82a2c41a3dd3669aeaf42c3e7ca46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:33 GMT
Last-Modified
Thu, 30 Sep 2021 07:04:20 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
389

Resource: mtb-logo.svg | Path: server08-mitalerts.duckdns.org/rr/Assets/img/ | Size: 2 KB | x-fer: 2 KB | Type: Image
General
Full URL
https://server08-mitalerts.duckdns.org/rr/Assets/img/mtb-logo.svg
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:37 GMT
Last-Modified
Thu, 30 Sep 2021 06:03:14 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2039

Resource: mtb-equalhousinglender.svg | Path: server08-mitalerts.duckdns.org/rr/Assets/img/ | Size: 230 B | x-fer: 476 B | Type: Image
General
Full URL
https://server08-mitalerts.duckdns.org/rr/Assets/img/mtb-equalhousinglender.svg
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:37 GMT
Last-Modified
Thu, 30 Sep 2021 06:03:12 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
230

Resource: mtb-entrust.svg | Path: server08-mitalerts.duckdns.org/rr/Assets/img/ | Size: 1 KB | x-fer: 2 KB | Type: Image
General
Full URL
https://server08-mitalerts.duckdns.org/rr/Assets/img/mtb-entrust.svg
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:37 GMT
Last-Modified
Thu, 30 Sep 2021 06:03:14 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1349

Resource: js.js | Path: server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/ | Size: 315 KB | x-fer: 315 KB | Type: Script
General
Full URL
https://server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/js.js
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
6ef98ef294d03000d904d5f868598dc98667a0d00338cee40b3080a9d725d1cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:35 GMT
Last-Modified
Thu, 30 Sep 2021 06:03:14 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
322405

Resource: Index.js | Path: server08-mitalerts.duckdns.org/Assets/scripts/Login/ | Size: 4 KB | x-fer: 4 KB | Type: Script
General
Full URL
https://server08-mitalerts.duckdns.org/Assets/scripts/Login/Index.js
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
cac8eb3a05acfb3072223f055a17a244e27db461b7aff4c442f0547823b1ce31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:37 GMT
Last-Modified
Thu, 30 Sep 2021 06:03:14 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3792

Resource: undefined | Path: server08-mitalerts.duckdns.org/ | Size: 0 | x-fer: 0 | Type: Script
General
Full URL
https://server08-mitalerts.duckdns.org/undefined
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/Assets/js/tealium_prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://server08-mitalerts.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1

Resource: mandtbaltoweb-book.woff | Path: server08-mitalerts.duckdns.org/assets/fonts/ | Size: 0 | x-fer: 0 | Type: Font
General
Full URL
https://server08-mitalerts.duckdns.org/assets/fonts/mandtbaltoweb-book.woff
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/css.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash

Request headers

Referer
https://server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/css.css
Origin
https://server08-mitalerts.duckdns.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1

Resource: mandtpg-iconfont.woff | Path: server08-mitalerts.duckdns.org/assets/fonts/ | Size: 0 | x-fer: 0 | Type: Font
General
Full URL
https://server08-mitalerts.duckdns.org/assets/fonts/mandtpg-iconfont.woff
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/css.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash

Request headers

Referer
https://server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/css.css
Origin
https://server08-mitalerts.duckdns.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1

Resource: mandtbaltoweb-medium.woff | Path: server08-mitalerts.duckdns.org/assets/fonts/ | Size: 0 | x-fer: 0 | Type: Font
General
Full URL
https://server08-mitalerts.duckdns.org/assets/fonts/mandtbaltoweb-medium.woff
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/css.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.13.39 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.13.102.34.bc.googleusercontent.com
Software
Apache /
Resource Hash

Request headers

Referer
https://server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/css.css
Origin
https://server08-mitalerts.duckdns.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 01:21:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1

Resource: / | Path: ipgeolocation.abstractapi.com/v1/ | Size: 995 B | x-fer: 1 KB | Type: XHR
General
Full URL
https://ipgeolocation.abstractapi.com/v1/?api_key=1be9a6884abd4c3ea143b59ca317c6b2
Requested by
Host: server08-mitalerts.duckdns.org
URL: https://server08-mitalerts.duckdns.org/rr/r/simple-layout-responsive/js.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.231.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-231-55.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
24bd2eaf05186d59bb7caf59bdcbdd0c6e97b2635c8fc1c8832b41dd9bcb8e10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://server08-mitalerts.duckdns.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 01:21:38 GMT
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
allow
GET, HEAD, OPTIONS
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie, Origin
content-length
995
x-content-type-options
nosniff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • oncontextlost (object)
  • oncontextrestored (object)
  • structuredClone (function)
  • launchQueue (object)
  • onbeforematch (object)
  • getScreenDetails (function)
  • queryLocalFonts (function)
  • navigation (object)
  • key_k (string)
  • id_id (string)
  • infodata (string)
  • bootstrap (object)
  • $ (function)
  • jQuery (function)
  • APPID (string)
  • List (object)
  • s (object)
  • Hashtable (function)
  • startsWith (function)
  • DomDataCollection (function)
  • IE_FingerPrint (function)
  • Mozilla_FingerPrint (function)
  • Opera_FingerPrint (function)
  • Timer (function)
  • getRandomPort (function)
  • ProxyCollector (undefined)
  • BlackberryLocationCollector (function)
  • detectFields (function)
  • SEP (undefined)
  • PAIR (undefined)
  • DEV (undefined)
  • FingerPrint (function)
  • urlEncode (function)
  • encode_deviceprint (function)
  • decode_deviceprint (function)
  • post_deviceprint (function)
  • post_fingerprints (function)
  • add_deviceprint (function)
  • form_add_data (function)
  • form_add_deviceprint (function)
  • HTML5 (undefined)
  • BLACKBERRY (undefined)
  • UNDEFINED (undefined)
  • GEO_LOCATION_DEFAULT_STRUCT (undefined)
  • geoLocator (undefined)
  • geoLocatorStatus (undefined)
  • detectDeviceCollectionAPIMode (function)
  • init (function)
  • startCollection (function)
  • stopCollection (function)
  • getGeolocationStruct (function)
  • HTML5LocationCollector (function)
  • UIEventCollector (undefined)
  • UIEvent (function)
  • InteractionElement (function)
  • UIElementList (function)
  • activeXDetect (function)
  • stripIllegalChars (function)
  • stripFullPath (function)
  • BrowserDetect (undefined)
  • convertTimestampToGMT (function)
  • getTimestampInMillis (function)
  • debug (function)

0 Cookies

4 Console Messages

Each entry is listed as: Source | Level | URL | Message text.

  • network | error | URL: https://server08-mitalerts.duckdns.org/assets/fonts/mandtbaltoweb-book.woff | Message: Failed to load resource: the server responded with a status of 404 (Not Found)
  • network | error | URL: https://server08-mitalerts.duckdns.org/assets/fonts/mandtpg-iconfont.woff | Message: Failed to load resource: the server responded with a status of 404 (Not Found)
  • network | error | URL: https://server08-mitalerts.duckdns.org/assets/fonts/mandtbaltoweb-medium.woff | Message: Failed to load resource: the server responded with a status of 404 (Not Found)
  • network | error | URL: https://server08-mitalerts.duckdns.org/undefined | Message: Failed to load resource: the server responded with a status of 404 (Not Found)