test.atomicvalidation.com Open in urlscan Pro
192.3.204.194  Malicious Activity! Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response test.atomicvalidation.com/	98 KB 98 KB	574ms 112ms	Document text/html	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash b6467c1102dfc4795d0a19626b6fd7797d243b622edef63f36a325ac1285f5d8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 100278 Content-Type text/html Date Sun, 02 Oct 2022 13:03:12 GMT Keep-Alive timeout=5, max=100 Last-Modified Fri, 30 Sep 2022 20:25:54 GMT Server Apache
GET H/1.1	200 OK	clientlib-base.css test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/	424 KB 425 KB	113ms 113ms	Stylesheet text/css	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash 12cd2afe7213983539cadf46622dc114df910baade9807c421ff109309f99ce3 Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:12 GMT Last-Modified Wed, 28 Sep 2022 20:28:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 434661
GET H/1.1	200 OK	mtb_app_wbk.js Show response test.atomicvalidation.com/onlinebanking.mtb.com/Assets/js/	290 KB 290 KB	335ms 112ms	Script application/javascript	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash e83279a6bc054a051b5a8ff9e5e5031cd2419482d691b53e5b5cbe6c7fad1086 Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:13 GMT Last-Modified Fri, 30 Sep 2022 17:47:56 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 296457
GET H/1.1	200 OK	cdsession.js Show response test.atomicvalidation.com/content/dam/mtb-web/scripts/	605 KB 605 KB	335ms 112ms	Script application/javascript	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/content/dam/mtb-web/scripts/cdsession.js Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash 302462d4283c45e7405dcaf5036c9f1e34982c47baaa0a39c2b45e6cb9a203f4 Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:13 GMT Last-Modified Fri, 04 Feb 2022 16:45:50 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 619717
GET H/1.1	200 OK	vendor.js Show response test.atomicvalidation.com/etc.clientlibs/axp-common/clientlibs/	236 KB 237 KB	336ms 112ms	Script application/javascript	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/etc.clientlibs/axp-common/clientlibs/vendor.js Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash c5bac5c06dfc6a8b1547af4e6dfa0d784f70db7c92cfe1e97c45e962f0283d0c Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:13 GMT Last-Modified Thu, 21 Apr 2022 21:02:30 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 242127
GET H/1.1	404 Not Found	utag.sync.js test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/	0 0	338ms 111ms	Script text/html	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:13 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	status.js Show response test.atomicvalidation.com/content/dam/mtb-web/scripts/	18 KB 19 KB	409ms 112ms	Script application/javascript	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/content/dam/mtb-web/scripts/status.js Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash d0760c79fd13959928a7061bd3d619b27daebee47ae94483439a70a8de198a3b Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:13 GMT Last-Modified Wed, 28 Sep 2022 14:22:00 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 18783
GET H/1.1	200 OK	white%20logo.png test.atomicvalidation.com/content/dam/mtb-web/logos/	5 KB 5 KB	112ms 112ms	Image image/png	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://test.atomicvalidation.com/content/dam/mtb-web/logos/white%20logo.png Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash 68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652 Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:14 GMT Last-Modified Thu, 16 Apr 2020 22:07:44 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4936
GET H/1.1	200 OK	axp.js Show response test.atomicvalidation.com/content/dam/mtb-web/scripts/	3 KB 3 KB	112ms 111ms	Script application/javascript	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/content/dam/mtb-web/scripts/axp.js Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash 74b2301f83da81152130c5ada202f02c790977b4fe669ed0b6c0b59ffba63174 Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:13 GMT Last-Modified Wed, 01 Jun 2022 22:08:06 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3269
GET H/1.1	200 OK	allAlertobject.js Show response test.atomicvalidation.com/content/dam/mtb-web/scripts/alert_scripts/	24 KB 24 KB	114ms 114ms	Script application/javascript	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash b52491c27cecf65625609e90b2e38241196e162ade5ba7f4c280d2fb6c00d8a9 Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:14 GMT Last-Modified Thu, 22 Sep 2022 17:19:04 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 24249
GET H/1.1	200 OK	equal-housing-lender-logo.png test.atomicvalidation.com/content/dam/mtb-web/coupon/	1 KB 2 KB	113ms 113ms	Image image/png	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://test.atomicvalidation.com/content/dam/mtb-web/coupon/equal-housing-lender-logo.png Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash 46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3 Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:14 GMT Last-Modified Wed, 31 Mar 2021 12:58:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1509
GET H/1.1	200 OK	clientlib-base.js Show response test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/	395 KB 395 KB	114ms 114ms	Script application/javascript	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash 3960cdb6b4a1c46d19d1d974c8bd8c429b12fbd7dde63617fd008b6b5c0671da Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:14 GMT Last-Modified Wed, 29 Jun 2022 20:38:00 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 404045
GET H/1.0	200 OK	1 Show response ponos.zeronaught.com/	921 B 1 KB	413ms 27ms	XHR text/plain	107.162.179.174 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A3YWg4-DAQAAc8igJhAJwx6ZrdjsbMU6Zt_yxcQX5fOCR9HRS35VGdG3iqeAAWaBmLp4z6G0wH8AAEB3AAAAAA==&c=-583944288 Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js Protocol HTTP/1.0 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.179.174 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 458216affb8da8f44e7c8549bfe4a35bd5194130e3655387a5052c3642e6956b Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Connection close Content-Length 921 Content-Type text/plain; charset=UTF-8
GET H/1.1	404 Not Found	utag.js test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/	0 0	116ms 116ms	Script text/html	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/utag.js Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:14 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	mandtbaltoweb-book.woff test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/	66 KB 66 KB	112ms 112ms	Font font/woff	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash 4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2 Request headers Referer https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css Origin https://test.atomicvalidation.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:14 GMT Last-Modified Thu, 30 Jan 2020 22:52:24 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 67671
GET BLOB	200 OK	fc49d011-cd1f-4534-ba57-432c0e4d128a https://test.atomicvalidation.com/	165 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://test.atomicvalidation.com/fc49d011-cd1f-4534-ba57-432c0e4d128a Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Content-Length 169098
GET H2	200	chevron_down.8adc6731.svg locations.mtb.com/permanent-b0b701/assets/images/	970 B 1 KB	435ms 120ms	Image image/svg+xml	2606:4700::6812:7034 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://locations.mtb.com/permanent-b0b701/assets/images/chevron_down.8adc6731.svg Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6812:7034 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03cc12570299da2da582ed1f055f77f31f7d77899f1ada7ced1dfeea50068298 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Sun, 02 Oct 2022 13:03:14 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains cf-cache-status HIT x-amz-version-id null x-amz-request-id CFPV64X512BNFMN5 x-amz-server-side-encryption AES256 x-yext-subendpoint static alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 568 x-amz-id-2 jEBdHqO0HvschBmuhZ1/1JnGcSAAs5cUQ1ApLG4zB9uLTiVKrmzoRNzU7YDeEZwSJMsT+zOPXlo= surrogate-key locations.mtb.com locations.mtb.com%2Fpermanent-b0b701%2Fassets%2Fimages%2Fchevron_down.8adc6731.svg last-modified Fri, 27 Aug 2021 20:52:43 GMT server cloudflare etag "050cee664fbeeeea1650f8360bc400ef"-gzip vary Accept-Encoding content-type image/svg+xml x-yext-site us2 cache-control max-age=31536000 accept-ranges bytes cf-ray 753da3146a819158-FRA owner sitescog-19087
GET H/1.1	200 OK	mandtbaltoweb-light.woff test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/	65 KB 65 KB	112ms 112ms	Font font/woff	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash 18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a Request headers Referer https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css Origin https://test.atomicvalidation.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:14 GMT Last-Modified Thu, 30 Jan 2020 22:52:24 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 66170
GET H/1.1	200 OK	mandtbaltoweb-medium.woff test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/	63 KB 63 KB	160ms 110ms	Font font/woff	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc Request headers Referer https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css Origin https://test.atomicvalidation.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:14 GMT Last-Modified Thu, 30 Jan 2020 22:52:24 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 64318
GET H/1.1	200 OK	Login-Minimal-Modal-Background.jpg test.atomicvalidation.com/content/dam/mtb-web/logos/	27 KB 27 KB	140ms 112ms	Image image/jpeg	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Show image Full URL https://test.atomicvalidation.com/content/dam/mtb-web/logos/Login-Minimal-Modal-Background.jpg Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash 60f064cd48214cb73f54404a2eda28d731f49bf853509d47da070174784e11b9 Request headers accept-language de-DE,de;q=0.9 Referer https://test.atomicvalidation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:14 GMT Last-Modified Thu, 16 Apr 2020 22:07:42 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 27608
GET H/1.1	404 Not Found	articles Show response test.atomicvalidation.com/bin/wcm/	315 B 515 B	112ms 112ms	XHR text/html	192.3.204.194 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://test.atomicvalidation.com/bin/wcm/articles Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.3.204.194 Denver, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS wgh5.wghservers.com Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Accept */* Referer https://test.atomicvalidation.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Sun, 02 Oct 2022 13:03:14 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET BLOB	200 OK	532d322a-6579-440f-8436-e58402c593dd https://test.atomicvalidation.com/	2 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://test.atomicvalidation.com/532d322a-6579-440f-8436-e58402c593dd Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Content-Length 2479 Content-Type text/javascript
GET H2	200	crossdomain.html Show response 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 2D8A	221 B 556 B	193ms 27ms	Document text/html	2600:9000:2070:f200:a:6cdf:4440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/content/dam/mtb-web/scripts/cdsession.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2070:f200:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6 Request headers Referer https://test.atomicvalidation.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 76352 content-length 221 content-type text/html date Sat, 01 Oct 2022 15:50:44 GMT etag "21e34cf6a03f570df49e212018a567d0" last-modified Tue, 13 Oct 2020 12:04:25 GMT server AmazonS3 via 1.1 750d61457617565702159ec33a988964.cloudfront.net (CloudFront) x-amz-cf-id bwLiO780oWiVTwpZGMN8O1ovRDjRrTS6pHreBPCKCCN2sZqtLw329A== x-amz-cf-pop HAM50-C3 x-amz-version-id null x-cache Hit from cloudfront
GET H2	200	crossdomain.html Show response 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 3324	221 B 555 B	287ms 16ms	Document text/html	2600:9000:223f:f400:1e:54f1:26c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/content/dam/mtb-web/scripts/cdsession.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:f400:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6 Request headers Referer https://test.atomicvalidation.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 44975 content-length 221 content-type text/html date Sun, 02 Oct 2022 00:33:41 GMT etag "21e34cf6a03f570df49e212018a567d0" last-modified Tue, 13 Oct 2020 12:04:25 GMT server AmazonS3 via 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront) x-amz-cf-id yHm0ziTd59Y_PsxlJjMKmMgyJyIK21-uIssiykpRX5eADBSM2EEk4w== x-amz-cf-pop FRA56-P5 x-amz-version-id null x-cache Hit from cloudfront
GET H2	200	crossdomain.html Show response 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame 1964	221 B 555 B	285ms 16ms	Document text/html	2600:9000:2250:fa00:13:ab57:d440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html Requested by Host: test.atomicvalidation.com URL: https://test.atomicvalidation.com/content/dam/mtb-web/scripts/cdsession.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:fa00:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6 Request headers Referer https://test.atomicvalidation.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 43004 content-length 221 content-type text/html date Sun, 02 Oct 2022 01:06:32 GMT etag "21e34cf6a03f570df49e212018a567d0" last-modified Tue, 13 Oct 2020 12:04:25 GMT server AmazonS3 via 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront) x-amz-cf-id KHWy-5Tpxlmph_ptrupRHoXXLftzhOlVt6p7BxsOO9IHV8I0abjSoQ== x-amz-cf-pop FRA60-P2 x-amz-version-id null x-cache Hit from cloudfront
GET DATA	200 OK	truncated /	89 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	crossdomain2.12.0.5273.b96c35cc.min.js Show response 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 2D8A	3 KB 3 KB	23ms 23ms	Script application/javascript	2600:9000:2070:f200:a:6cdf:4440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js Requested by Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2070:f200:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622 Request headers accept-language de-DE,de;q=0.9 Referer https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Sat, 01 Oct 2022 15:50:45 GMT x-amz-version-id null via 1.1 750d61457617565702159ec33a988964.cloudfront.net (CloudFront) last-modified Tue, 13 Oct 2020 12:04:25 GMT server AmazonS3 x-amz-cf-pop HAM50-C3 age 76351 etag "9ee48a4da9c402e8a23ad085fb71f28f" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 3227 x-amz-cf-id WH7XHots7RQP0PmORyWX2cRqbHtqb0QOWfzfUeIyags75Rvbz_680A==
GET H2	200	crossdomain2.12.0.5273.b96c35cc.min.js Show response 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame 1964	3 KB 3 KB	17ms 16ms	Script application/javascript	2600:9000:2250:fa00:13:ab57:d440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js Requested by Host: 1.c81358859121583b7adf2ace89cb39f44.com URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:fa00:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622 Request headers accept-language de-DE,de;q=0.9 Referer https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers x-amz-version-id null date Sun, 02 Oct 2022 01:06:30 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront) last-modified Tue, 13 Oct 2020 12:04:25 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 43006 etag "9ee48a4da9c402e8a23ad085fb71f28f" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 3227 x-amz-cf-id UxrvuhGkuA4KYr98xpwgM9TXJ41wV6-0vewTkjI2QD-gutZSPsW7ZA==
GET H2	200	crossdomain2.12.0.5273.b96c35cc.min.js Show response 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 3324	3 KB 3 KB	16ms 16ms	Script application/javascript	2600:9000:223f:f400:1e:54f1:26c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js Requested by Host: 1.b406929acabac9b095f124c81bdfcf57f.com URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:f400:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622 Request headers accept-language de-DE,de;q=0.9 Referer https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Sun, 02 Oct 2022 00:33:42 GMT x-amz-version-id null via 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront) last-modified Tue, 13 Oct 2020 12:04:25 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 44974 etag "9ee48a4da9c402e8a23ad085fb71f28f" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 3227 x-amz-cf-id WeJf44W4pqLtr0nz53BW72X25Op7K5Ry62xqXOQxPbKogiQd-UHdYA==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| UIEvent object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| cdwpb object| cdApi object| Utils object| customEventsObject object| cookiesUtils object| modalObject object| tealiumUtils function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| $ function| jQuery function| Cookies function| forceIE89Synchronicity object| lazySizes function| getPageName object| utag_data function| mainNavActiveChecker object| homepages function| moveAlertBanner function| DownSlider function| getPageAlertHtml function| getLoginAlertHtml function| alertActiveCheck function| showAlert function| ShowPageAlert function| ShowLoginAlert function| removeBadAlerts function| fixColWhiteBg function| showCustomAlert function| showCustomLoginAlert function| showFormsPanel object| allAlerts object| allArticlesInCategory function| setArticles function| loadMoreArticles function| makePullQ function| bindEmailShare function| setArticleShare function| setBgImgFromAttr object| $body object| $modalContainer object| $modalClose undefined| $currentModal undefined| $originalModalLocation object| $openModalButton object| $firstActionableModalElement undefined| $modalAnchor number| $eventFired object| modalLibrary function| applyCustomColWidths object| articleCarouselLibrary function| SetMinMaxDateAttr function| FormatTelOnBlurBind function| FormatTelOnBlur function| CustomDateFldValidation function| ValidateDateOnBlur function| evenItemsH function| setBreakPointBodyAttr object| $jscomp string| style undefined| d undefined| t undefined| m undefined| s

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.atomicvalidation.com/	1969-12-31 23:59:59	Name: cdContextId Value: 1
			.atomicvalidation.com/	1970-01-20 15:10:51	Name: bmuid Value: 1664715794223-72D48A7A-D31A-49E6-95D7-389DD3707CC6
			.locations.mtb.com/	1970-01-20 06:25:17	Name: __cf_bm Value: zZQoPQCwUVW0Ckp9sdbxUgzfnOblNw4n34koupj2N3s-1664715794-0-Aa4twQMVG9QZDy2nAPI6A+DIqAa7s+e4oVQKyuckesNBiKiFd8C4DNREiTqhdRxIWbyKKFcq+p5GguRb7vHZ0YQ=
			.atomicvalidation.com/	1970-01-20 15:10:51	Name: cdSNum Value: 1664715794763-sjn0000254-bb4a87a0-f7cc-4eb5-9ccd-22adaa25d2cc

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/utag.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://test.atomicvalidation.com/bin/wcm/articles Message: Failed to load resource: the server responded with a status of 404 (Not Found)
rendering	warning	URL: https://test.atomicvalidation.com/onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://test.atomicvalidation.com/onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1.b406929acabac9b095f124c81bdfcf57f.com
1.c81358859121583b7adf2ace89cb39f44.com
locations.mtb.com
ponos.zeronaught.com
test.atomicvalidation.com
107.162.179.174
192.3.204.194
2600:9000:2070:f200:a:6cdf:4440:93a1
2600:9000:223f:f400:1e:54f1:26c0:93a1
2600:9000:2250:fa00:13:ab57:d440:93a1
2606:4700::6812:7034
03cc12570299da2da582ed1f055f77f31f7d77899f1ada7ced1dfeea50068298
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
12cd2afe7213983539cadf46622dc114df910baade9807c421ff109309f99ce3
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6
302462d4283c45e7405dcaf5036c9f1e34982c47baaa0a39c2b45e6cb9a203f4
3960cdb6b4a1c46d19d1d974c8bd8c429b12fbd7dde63617fd008b6b5c0671da
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
458216affb8da8f44e7c8549bfe4a35bd5194130e3655387a5052c3642e6956b
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
60f064cd48214cb73f54404a2eda28d731f49bf853509d47da070174784e11b9
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652
74b2301f83da81152130c5ada202f02c790977b4fe669ed0b6c0b59ffba63174
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
b52491c27cecf65625609e90b2e38241196e162ade5ba7f4c280d2fb6c00d8a9
b6467c1102dfc4795d0a19626b6fd7797d243b622edef63f36a325ac1285f5d8
c5bac5c06dfc6a8b1547af4e6dfa0d784f70db7c92cfe1e97c45e962f0283d0c
d0760c79fd13959928a7061bd3d619b27daebee47ae94483439a70a8de198a3b
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e83279a6bc054a051b5a8ff9e5e5031cd2419482d691b53e5b5cbe6c7fad1086