mtbsecurityalert.myftp.org Open in urlscan Pro
79.141.173.183 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mtbsecurityalert.myftp.org/
Submission: On June 25 via automatic, source certstream-suspicious (June 25th 2023, 11:34:04 pm UTC) — Scanned from DE

Summary HTTP 126 Redirects Links 72 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 29 domains to perform 126 HTTP transactions. The main IP is 79.141.173.183, located in Dallas, United States and belongs to HZ-US-AS, BG. The main domain is mtbsecurityalert.myftp.org.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 25th 2023. Valid for: 3 months.

This is the only time mtbsecurityalert.myftp.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	79.141.173.183 79.141.173.183	202015 (HZ-US-AS) (HZ-US-AS)
10	2600:9000:205... 2600:9000:2057:9600:b:2146:1340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	24.75.29.69 24.75.29.69	16490 (MTB) (MTB)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2600:9000:225... 2600:9000:225e:c00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.175.158.142 54.175.158.142	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.122.58 18.66.122.58	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:7434	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:249... 2600:9000:2490:4000:18:15b9:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2490:c600:a:6cdf:4440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21f... 2600:9000:21f3:fe00:1e:54f1:26c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:2250:ac00:13:ab57:d440:93a1	() ()
7	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a02:26f0:310... 2a02:26f0:3100::1735:28c0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:10:... 2606:4700:10::6816:35fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
1	44.209.137.118 44.209.137.118	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:20e... 2600:9000:20eb:1a00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	18.210.229.244 18.210.229.244	14618 (AMAZON-AES) (AMAZON-AES)
1 5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
6	34.72.33.225 34.72.33.225	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.66.3.160 34.66.3.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	44.235.191.156 44.235.191.156	16509 (AMAZON-02) (AMAZON-02)
1	35.81.162.201 35.81.162.201	() ()
126	41

1 79.141.173.183 (Dallas, United States)

ASN202015 (HZ-US-AS, BG)
PTR: glaubnichtdaran.site

mtbsecurityalert.myftp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2057:9600:b:2146:1340:93a1 (United States)

ASN16509 (AMAZON-02, US)

www3.mtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 24.75.29.69 (Buffalo, United States)

ASN16490 (MTB, US)

onlinebanking.mtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:225e:c00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.158.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-158-142.compute-1.amazonaws.com

api4921.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-58.fra60.r.cloudfront.net

cdn-0.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7434 (United States)

ASN13335 (CLOUDFLARENET, US)

locations.mtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:4000:18:15b9:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2490:c600:a:6cdf:4440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.a79ab95c1589a13f8a4cab612bc71f9f7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:fe00:1e:54f1:26c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.b406929acabac9b095f124c81bdfcf57f.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:ac00:13:ab57:d440:93a1 (United States)

ASN- ()

1.c81358859121583b7adf2ace89cb39f44.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:28c0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.137.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-137-118.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1a00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.229.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-229-244.compute-1.amazonaws.com

18.210.229.244	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.72.33.225 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 225.33.72.34.bc.googleusercontent.com

mtb-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.66.3.160 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.3.66.34.bc.googleusercontent.com

rl.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.235.191.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-191-156.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.162.201 (None, )

ASN- ()

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1059	84 KB
12	mtb.com www3.mtb.com — Cisco Umbrella Rank: 113761 onlinebanking.mtb.com — Cisco Umbrella Rank: 110848 locations.mtb.com — Cisco Umbrella Rank: 200201	569 KB
9	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 1948 mtb-app.quantummetric.com — Cisco Umbrella Rank: 75900 rl.quantummetric.com — Cisco Umbrella Rank: 3636	92 KB
8	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2890 www.google.com — Cisco Umbrella Rank: 3	2 KB
8	segreencolumn.com ob.segreencolumn.com — Cisco Umbrella Rank: 16635 obs.segreencolumn.com — Cisco Umbrella Rank: 12750	35 KB
6	google.de www.google.de — Cisco Umbrella Rank: 4835	1000 B
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124	8 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	280 B
6	bing.com bat.bing.com — Cisco Umbrella Rank: 389	13 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 408 www.linkedin.com — Cisco Umbrella Rank: 563 px4.ads.linkedin.com — Cisco Umbrella Rank: 6542	5 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	391 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 6171 px.mountain.com — Cisco Umbrella Rank: 6349 gs.mountain.com	8 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	177 KB
3	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1156	1 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 531	7 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 960	6 KB
2	c81358859121583b7adf2ace89cb39f44.com 1.c81358859121583b7adf2ace89cb39f44.com — Cisco Umbrella Rank: 26140	4 KB
2	b406929acabac9b095f124c81bdfcf57f.com 1.b406929acabac9b095f124c81bdfcf57f.com — Cisco Umbrella Rank: 26209	4 KB
2	a79ab95c1589a13f8a4cab612bc71f9f7.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com — Cisco Umbrella Rank: 26230	4 KB
2	d41.co api4921.d41.co — Cisco Umbrella Rank: 147573 cdn-0.d41.co — Cisco Umbrella Rank: 20589	26 KB
1	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3944	267 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 721	396 B
1	t.co t.co — Cisco Umbrella Rank: 504	379 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 768	15 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 172	2 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1027	369 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 10934	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	28 KB
1	myftp.org mtbsecurityalert.myftp.org	16 KB
126	29

	Domain	Requested by
16	tags.tiqcdn.com	mtbsecurityalert.myftp.org tags.tiqcdn.com
10	www3.mtb.com	mtbsecurityalert.myftp.org www3.mtb.com cdn.quantummetric.com
7	obs.segreencolumn.com	ob.segreencolumn.com mtbsecurityalert.myftp.org onlinebanking.mtb.com
6	mtb-app.quantummetric.com	cdn.quantummetric.com
6	www.google.de	mtbsecurityalert.myftp.org
6	www.facebook.com	mtbsecurityalert.myftp.org
6	bat.bing.com	tags.tiqcdn.com bat.bing.com mtbsecurityalert.myftp.org
5	www.google.com	1 redirects mtbsecurityalert.myftp.org
5	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
5	www.googletagmanager.com	tags.tiqcdn.com ob.segreencolumn.com www.googletagmanager.com
4	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
3	region1.analytics.google.com	www.googletagmanager.com
3	sp.analytics.yahoo.com	mtbsecurityalert.myftp.org
3	px.ads.linkedin.com	3 redirects
3	s.yimg.com	tags.tiqcdn.com onlinebanking.mtb.com
2	px.mountain.com	dx.mountain.com mtbsecurityalert.myftp.org
2	rl.quantummetric.com	cdn.quantummetric.com
2	snap.licdn.com	tags.tiqcdn.com snap.licdn.com
2	1.c81358859121583b7adf2ace89cb39f44.com	www3.mtb.com 1.c81358859121583b7adf2ace89cb39f44.com
2	1.b406929acabac9b095f124c81bdfcf57f.com	www3.mtb.com 1.b406929acabac9b095f124c81bdfcf57f.com
2	1.a79ab95c1589a13f8a4cab612bc71f9f7.com	www3.mtb.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1	gs.mountain.com	mtbsecurityalert.myftp.org
1	pixel.sitescout.com	mtbsecurityalert.myftp.org
1	analytics.twitter.com	mtbsecurityalert.myftp.org
1	t.co	mtbsecurityalert.myftp.org
1	static.ads-twitter.com	tags.tiqcdn.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	px4.ads.linkedin.com	mtbsecurityalert.myftp.org
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	onlinebanking.mtb.com
1	dx.mountain.com	tags.tiqcdn.com
1	up.pixel.ad	tags.tiqcdn.com
1	cdn.quantummetric.com	tags.tiqcdn.com
1	ob.segreencolumn.com	tags.tiqcdn.com
1	locations.mtb.com	mtbsecurityalert.myftp.org
1	cdn-0.d41.co	tags.tiqcdn.com
1	api4921.d41.co	tags.tiqcdn.com
1	cdnjs.cloudflare.com	mtbsecurityalert.myftp.org
1	onlinebanking.mtb.com	mtbsecurityalert.myftp.org
1	mtbsecurityalert.myftp.org
126	41

This site contains links to these domains. Also see Links.

Domain
www3.mtb.com
library.mtb.com
locations.mtb.com
onlinebanking.mtb.com
mtb.com
myaccountviewonline.com
commercialservices.mtb.com
www.youraccessone.com
weborders.brinksinc.com
www.centresuite.com
paynow.peoples.com
www.mtbsupplierpay.com
asset.mtb.com

Subject Issuer	Validity	Valid
mtbsecurityalert.myftp.org ZeroSSL RSA Domain Secure Site CA	`2023-06-25` - `2023-09-23`	3 months	crt.sh
www.mtb.com Entrust Certification Authority - L1M	`2023-05-26` - `2024-06-02`	a year	crt.sh
onlinebanking.mtb.com Entrust Certification Authority - L1M	`2022-07-25` - `2023-08-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.d41.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-05`	a year	crt.sh
locations.mtb.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-03`	a year	crt.sh
*.segreencolumn.com Amazon RSA 2048 M02	`2023-02-23` - `2023-09-15`	7 months	crt.sh
*.a79ab95c1589a13f8a4cab612bc71f9f7.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-26` - `2024-04-04`	a year	crt.sh
*.b406929acabac9b095f124c81bdfcf57f.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-02` - `2024-04-07`	a year	crt.sh
*.c81358859121583b7adf2ace89cb39f44.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-02` - `2024-04-07`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.pixel.ad GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-24` - `2024-02-02`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-06-23`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
18.210.229.244 Sectigo RSA Domain Validation Secure Server CA	`2023-02-13` - `2024-02-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-18` - `2024-02-13`	a year	crt.sh
rl.quantummetric.com R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://mtbsecurityalert.myftp.org/
Frame ID: 4F8FEA577DD8BB8860C13EF9A184682E
Requests: 112 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: EBAC242B00F72041E410828FFE4203D1
Requests: 2 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: 67DB0411190EF2FFB3668CC7B49081C0
Requests: 2 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: 9C8155420F8B0B75B5EA025FBDE07BE3
Requests: 2 HTTP requests in this frame

Frame: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Frame ID: D94F544AE3F41CF8E0E547CDAF4ED02F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to M&T Online Banking or Commercial Treasury CenterNavigation Menu

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

126
Requests

90 %
HTTPS

56 %
IPv6

29
Domains

41
Subdomains

41
IPs

5
Countries

1496 kB
Transfer

5276 kB
Size

30
Cookies

72 Outgoing links

These are links going to different origins than the main page.

URL: https://www3.mtb.com/

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal
Title: Personal

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial
Title: Commercial

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united
Title: People's United

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/personal-banking/checking-accounts-mandt-bank
Title: Checking Accounts

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/personal-banking/debit-card
Title: Debit Cards

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/personal-banking/savings-and-certificate-of-deposit-cds/savings-account-and-cd-options
Title: Savings Account & CD Options

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/mortgages-and-loans
Title: Mortgages & Loans

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/personal-banking/credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/insurance-investments-and-insurance
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/wilmington-advisors
Title: Investments & Retirement

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/driving-change/multicultural-banking
Title: Multicultural Banking

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/education-portal
Title: Financial Education Center

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/premium-services
Title: Premium Services

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/business-banking-checking-and-service-options
Title: Bank

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/cash-management-for-business
Title: Manage Cash Flow

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/online---mobile-services
Title: Online & Mobile Services

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/business-financing
Title: Finance

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/business-resources---insights
Title: Resources & Insights

Search URL Search Domain Scan URL

URL: https://library.mtb.com/tag/cybersecurity-risk/
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/business-education-portal
Title: Business Education Center

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/business-banking-welcome
Title: Business Banking Welcome

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/commercial-banking
Title: Bank

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/commercial-financing-and-lending-solutions
Title: Finance

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/commercial-banking-industry-solutions
Title: Industry Solutions

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/commercial-insurance
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/corporate-investment-services
Title: Invest & Grow

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/resources-and-insights
Title: Resources & Insights

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/m-t-financial-services
Title: M&T Financial Services

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/commercial-financing-and-lending-solutions/mt-capital-leasing-corporation
Title: M&T Capital and Leasing Corporation

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/commercial-financing-and-lending-solutions/equipment-finance-corporation
Title: M&T Equipment Finance Corporation

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/es
Title: Español

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/es/spanish-speaking-branches
Title: Representantes Bancarios Minoristas

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/es/spanish-business
Title: Gerentes de Relaciones Bancarias Comerciales

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united/personal-banking-faqs
Title: Personal FAQs

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united/business
Title: Business Welcome

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united/business/business-owner-faqs
Title: Business FAQs

Search URL Search Domain Scan URL

URL: https://locations.mtb.com/
Title: Locations

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/covid-19-response
Title: COVID-19 Updates

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/mortgages-and-loans/mortgage/manage/paying/assistance
Title: Mortgage Assistance Programs

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/mandt-bank-faqs
Title: F A Qs

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/discover-top-banking-tasks
Title: Common Banking Tasks

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us
Title: About M&T

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/bank-security-tips-and-best-practices
Title: Banking Security

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united/mobile-and-online-resource-center-personal#firsttime
Title: Personal Accounts

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united/business/mobile-and-online-resource-center-business
Title: Business banking services

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united/business/commercial/treasury-management-services-guide
Title: Treasury Services

Search URL Search Domain Scan URL

URL: https://onlinebanking.mtb.com/Login/PasscodeReset
Title: Reset your M&T Online Banking passcode

Search URL Search Domain Scan URL

URL: https://onlinebanking.mtb.com/login/selfserviceresetsecurity
Title: Unlock your M&T Online Banking account/reset your security questions

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in/help-with-user-id-passcode
Title: Help with User ID or Passcode

Search URL Search Domain Scan URL

URL: https://mtb.com/olb-enroll
Title: Enroll in M&T Online Banking

Search URL Search Domain Scan URL

URL: https://onlinebanking.mtb.com/Login/MTBSignOn
Title: Online Banking

Search URL Search Domain Scan URL

URL: https://myaccountviewonline.com/
Title: Account View

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in/various
Title: View All

Search URL Search Domain Scan URL

URL: https://commercialservices.mtb.com/auth/forgot-password.html
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://www.youraccessone.com/1590mtb
Title: AccessOne

Search URL Search Domain Scan URL

URL: https://weborders.brinksinc.com/
Title: Cash Order

Search URL Search Domain Scan URL

URL: https://www.centresuite.com/Centre/Public/Logon/Index?ReturnUrl=%2fCentre%3fsite%3d2129&site=2129
Title: CentreSuite

Search URL Search Domain Scan URL

URL: https://paynow.peoples.com/ebpp/PCLC/
Title: M&T Capital and Leasing Corporation Payment

Search URL Search Domain Scan URL

URL: https://www.mtbsupplierpay.com/UserLogin/UserLogin.do?ino=mtb
Title: M&T Supplier Pay

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/bank-policies/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/html/DSA.htm
Title: Digital Service Agreement

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/html/ESign.htm
Title: ESign Consent

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/bank-policies/terms-of-use-policy
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/pdf/treasury-center/tm-system-requirements-updated-final-mt2019.pdf
Title: Browser Requirements

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/bank-policies/digital-privacy-notice
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/treasury-management
Title: General Disclaimer

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/help-center/banking-security
Title: Fraud Information

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/pdf/treasury-center-sms-alerts.pdf
Title: SMS Alerts

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1687736037154&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1687736037154&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D66618%26time%3D1687736037154%26url%3Dhttps%253A%252F%252Fmtbsecurityalert.myftp.org%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1687736037154&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1687736037154&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQLNdKFpJJD6DAAAAYj06DH7A1yqfMrQTb4MKysOrVnn2g1XeAex94d0cyGz_Tg783wD9yJH

Request Chain 101

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/?random=1100905546&cv=11&fst=1687736037344&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1620018496.1687736037&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5c6YZNXeHLqf7_UPouKW4A0&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh5YzVKdXl6QUhzR1lZa09LVkxZOFFyVmVwMWF0b0x3RDJGRjNpOHJfNUllQncaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU04djlPeWxfOVRiX2I0MHpyZ2F2MkdIRHctR3UwOEdoNjRRUmNZbUFiWHBMRE5WWGwwX2xxQllCZyITCJXl89fK3_8CFbrPuwgdIrEF3A HTTP 302
https://www.google.com/pagead/1p-conversion/875517505/?random=1100905546&cv=11&fst=1687736037344&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1620018496.1687736037&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh5YzVKdXl6QUhzR1lZa09LVkxZOFFyVmVwMWF0b0x3RDJGRjNpOHJfNUllQncaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU04djlPeWxfOVRiX2I0MHpyZ2F2MkdIRHctR3UwOEdoNjRRUmNZbUFiWHBMRE5WWGwwX2xxQllCZyITCJXl89fK3_8CFbrPuwgdIrEF3A&is_vtc=1&ocp_id=5c6YZNXeHLqf7_UPouKW4A0&cid=CAQSKQBygQiDmH7hwYWmdz7yPvsPpttPEMXWKsQZmui2sY-jtR2cWlEecK_K&random=72052511 HTTP 302
https://www.google.de/pagead/1p-conversion/875517505/?random=1100905546&cv=11&fst=1687736037344&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1620018496.1687736037&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh5YzVKdXl6QUhzR1lZa09LVkxZOFFyVmVwMWF0b0x3RDJGRjNpOHJfNUllQncaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU04djlPeWxfOVRiX2I0MHpyZ2F2MkdIRHctR3UwOEdoNjRRUmNZbUFiWHBMRE5WWGwwX2xxQllCZyITCJXl89fK3_8CFbrPuwgdIrEF3A&is_vtc=1&ocp_id=5c6YZNXeHLqf7_UPouKW4A0&cid=CAQSKQBygQiDmH7hwYWmdz7yPvsPpttPEMXWKsQZmui2sY-jtR2cWlEecK_K&random=72052511&ipr=y

126 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mtbsecurityalert.myftp.org/ 65 KB
16 KB 537ms
263ms Document
text/html 79.141.173.183
HZ-US-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mtbsecurityalert.myftp.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 79.141.173.183 Dallas, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS: glaubnichtdaran.site
Software: nginx /
Resource Hash: 856a1e73956e20dcf21c21234ab1dfee59a119e0a2afe618234bc5424e013991

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 16481
Content-Type: text/html
Date: Sun, 25 Jun 2023 23:33:54 GMT
ETag: "1040b-5fefbca42ec02-gzip"
Last-Modified: Sun, 25 Jun 2023 22:31:07 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 clientlib-base.css
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/ 425 KB
57 KB 67ms
9ms Stylesheet
text/css 2600:9000:2057:9600:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

8e36f036be3313f66918b7f296388c199468b0ffb75d3f8908cd04f58d966964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 22:47:23 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3083
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 57814
last-modified: Mon, 27 Mar 2023 20:28:19 GMT
server: Apache
etag: "6a323-5f7e7955d9ec0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=3600, public, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: eVagQ2m4dRF-aqQmSilwpX5KHCFsVnkNVvYocE3EXHwN1Qff0KK2lA==

GET
H/1.1 200
OK mtb_app_wbk.js Show response
onlinebanking.mtb.com/Assets/js/ 291 KB
169 KB 779ms
121ms Script
application/javascript 24.75.29.69
MTB

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.75.29.69 Buffalo, United States, ASN16490 (MTB, US),
Reverse DNS
Software: /
Resource Hash: d649b34216ef1c7d1b0b5805fdb73a76f04f046bf1c1995868cfc1ad8022e3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 23:33:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
X-Ion-Hop: 1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 cdsession.js Show response
www3.mtb.com/content/dam/mtb-web/scripts/ 772 KB
130 KB 75ms
18ms Script
application/javascript 2600:9000:2057:9600:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/content/dam/mtb-web/scripts/cdsession.js

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

44dcbf43dacaa97b37e8a5979617c1eed7431d180ee242fa5be8c939a99f88fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Sun, 25 Jun 2023 22:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2778
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
last-modified: Wed, 18 Jan 2023 18:39:59 GMT
server: Apache
etag: "c0e95-5f28e24b9fdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: 1zaMC7RR5aGeuKq1NOWzCDLdm54tY4FxeoFlcDxmcNJvO6nAmf60fQ==

GET
H2 200 vendor.js Show response
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/ 237 KB
72 KB 67ms
10ms Script
application/javascript 2600:9000:2057:9600:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/vendor.js

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7146e4edda9b9a7502b1b6935983787c3bba8a34a95cebde1577409a9e33cd54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Sun, 25 Jun 2023 23:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1538
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
last-modified: Mon, 27 Mar 2023 20:28:18 GMT
server: Apache
etag: "3b2b1-5f7e7954e5c80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=3600, public, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: Eyyoaj7vjd5NA0NPtBERLhBtIpQ0_WuZIoSkxppaiNpd9BOUYy69Ow==

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 88 KB
28 KB 39ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://mtbsecurityalert.myftp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1397621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27990
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63091225-6d56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrDEqKeXB35xsRlnR%2B4Uo5T6slpH48E%2FcEs%2FHMAzZ4OIycEq9uOQq2rWQMqHKjEgYxuKH%2B7eS%2FxwtfLQEW4VnfdKscxBIIW1sGoeGW%2Bu72m8yl82yvYBNU9MGU39NZuj%2BeZQX5oAejLiGDe6YINawcWB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7dd104a708186987-FRA
expires: Fri, 14 Jun 2024 23:33:54 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 79 KB
28 KB 67ms
11ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60128d066e656ac5ff2434c57f8c77ef7f6fb0b666ddd344d027cd26afc3b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: k8rhGvDZY518cOnD7_JtoSHQzo4tM7Aq
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:54 GMT
last-modified: Tue, 20 Jun 2023 21:14:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 141
x-amz-server-side-encryption: AES256
etag: W/"6b20ee8dd8a4cdafec7af22469b1ed31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 1dSRnKGfm1YPPmbVEVQXa4zXjnO7TORAawWG1lEnTEFAJzx8liAVDQ==

GET
H2 200 status.js Show response
www3.mtb.com/content/dam/mtb-web/scripts/ 13 KB
5 KB 84ms
30ms Script
application/javascript 2600:9000:2057:9600:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/content/dam/mtb-web/scripts/status.js

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

cdd596ad803da277a633da49dd1c73df472137945d7128436a5b77affb609bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 23:33:54 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 50
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 4247
last-modified: Fri, 19 May 2023 19:35:05 GMT
server: Apache
etag: "33b1-5fc110493ec40-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: mfcRoARfyO616sv_W_UDK2NOTNkr4cBOWqoqS_p69C3yH7HVCbdE9Q==

GET
H2 200 white%20logo.png
www3.mtb.com/content/dam/mtb-web/logos/ 5 KB
5 KB 12ms
12ms Image
image/png 2600:9000:2057:9600:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/dam/mtb-web/logos/white%20logo.png

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Sun, 25 Jun 2023 23:33:54 GMT
x-content-type-options: nosniff
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 678
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 4936
last-modified: Thu, 16 Apr 2020 22:07:44 GMT
server: Apache
etag: "1348-5a36fa9802c00"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: egDvfl2Ffd1b3HWZ0u7v5rSEpPQpctPVl5vtcZxNzNpM84MJ0BRQtw==

GET
H2 200 axp.js Show response
www3.mtb.com/content/dam/mtb-web/scripts/ 3 KB
2 KB 12ms
12ms Script
application/javascript 2600:9000:2057:9600:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/content/dam/mtb-web/scripts/axp.js

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

74b2301f83da81152130c5ada202f02c790977b4fe669ed0b6c0b59ffba63174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 23:33:54 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 679
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 1195
last-modified: Wed, 01 Jun 2022 22:08:06 GMT
server: Apache
etag: "cc5-5e06a1faadd80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: bGAHdD6JCf-GsJEZL9ZvyQp3QyZSJG07fRJh3k7chkObcJ-duVDSpg==

GET
H2 200 allAlertobject.js Show response
www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/ 20 KB
3 KB 13ms
13ms Script
application/javascript 2600:9000:2057:9600:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

4a90371c52eb6313b34531d9a81df1fff265100eacb87585cf96bae4a96295a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 23:33:54 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 50
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 2391
last-modified: Sat, 20 May 2023 13:28:14 GMT
server: Apache
etag: "5081-5fc2002761780-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: 7n9NLL8s9JnmDD7dPlPHpDDcFGwmO0_7ndo04MptMa2Gxocmjg0boA==

GET
H2 200 equal-housing-lender-logo.png
www3.mtb.com/content/dam/mtb-web/coupon/ 1 KB
2 KB 12ms
12ms Image
image/png 2600:9000:2057:9600:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/dam/mtb-web/coupon/equal-housing-lender-logo.png

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Sun, 25 Jun 2023 23:33:54 GMT
x-content-type-options: nosniff
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 677
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 1509
last-modified: Wed, 31 Mar 2021 12:58:53 GMT
server: Apache
etag: "5e5-5bed4ad46dd40"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: 54W99RNfb8e0Sdq6RX0SFBCxpldo1YsN5RYarG9iXi2CLQUGShhQYQ==

GET
H2 200 clientlib-base.js Show response
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/ 395 KB
95 KB 12ms
12ms Script
application/javascript 2600:9000:2057:9600:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

214ff4ff3b58301ae203976343469f27e626a7dbfac984ed87d9fdf040746201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 23:33:54 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 766
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
last-modified: Tue, 13 Dec 2022 21:29:21 GMT
server: Apache
etag: "62a18-5efbc50244e40-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=3600, public, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: m3IMqkGoMXgQpKG-2etT3jqspK34_UVvG3zXpBWDbyFV_zsI03P_bg==

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 57 KB
12 KB 386ms
386ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3ac54871f3ef8e5dc30b4cbeff418688b5860e7f8ab62ace4e8904e2f455c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: _k5gm1VlFJCepTRrdn_RW2__tvkOIKjd
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
etag: W/"a2e912b3bedf6275b0b67b5323d38ea9"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: KvMZH_Qo1qZ05cJ4tfL_5baxtFqNuWUC0i4v8BhP9F5JptOpwT9MBw==

GET
H/1.1 204
No Content / Show response
api4921.d41.co/sync/ 0
518 B 501ms
119ms Script
text/plain 54.175.158.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api4921.d41.co/sync/

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.158.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-158-142.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 23:33:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
access-control-allow-origin: https://mtbsecurityalert.myftp.org
Cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dnb_coretag_v5.min.js Show response
cdn-0.d41.co/tags/ 74 KB
25 KB 53ms
11ms Script
application/javascript 18.66.122.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/dnb_coretag_v5.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cc0b251ec54fdd5cd55d98cbe7a7af00bd34f9cfd71fd01ca08c83121c89720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
Date: Sun, 25 Jun 2023 23:29:52 GMT
Last-Modified: Thu, 18 Nov 2021 14:57:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 245
ETag: W/"13bc1e6c74c25b3098a3b54b58b70b3c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: FvkcIVlX5aHPFgKkhOltjZXmNOBDkWh2u51LavyhcawB3dCYJlZsVg==

GET
BLOB 200
OK 392ce717-b182-485a-bac1-bd6a821f31d7
https://mtbsecurityalert.myftp.org/ 184 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mtbsecurityalert.myftp.org/392ce717-b182-485a-bac1-bd6a821f31d7
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11fde77846300adaafcf48b5958b04bc7742a609139209ec3b0dddde0ac4a17b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 188704
Content-Type

GET mandtbaltoweb-book.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET
H2 200 chevron_down.8adc6731.svg
locations.mtb.com/permanent-b0b701/assets/images/ 970 B
1 KB 219ms
129ms Image
image/svg+xml 2606:4700::6812:7434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://locations.mtb.com/permanent-b0b701/assets/images/chevron_down.8adc6731.svg

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:7434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03cc12570299da2da582ed1f055f77f31f7d77899f1ada7ced1dfeea50068298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-version-id: null
x-amz-request-id: EAMA73H5HMR7YRDP
x-amz-server-side-encryption: AES256
x-yext-subendpoint: static
alt-svc: h3=":443"; ma=86400
content-length: 568
x-amz-id-2: UQTeKDtRLudVAiO59LJI0H9o0ZWj9P+YvP0LqgIm7q3pU9CXxHOQe3qO8xcmiVMu+XxTGM0ILcdRJtSgskyNAQ==
surrogate-key: locations.mtb.com locations.mtb.com%2Fpermanent-b0b701%2Fassets%2Fimages%2Fchevron_down.8adc6731.svg
last-modified: Fri, 27 Aug 2021 20:52:43 GMT
server: cloudflare
etag: "050cee664fbeeeea1650f8360bc400ef"-gzip
vary: Accept-Encoding
content-type: image/svg+xml
x-yext-site: us2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7dd104b1a8bb3829-FRA
owner: sitescog-19087

GET mandtbaltoweb-light.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-medium.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET
H2 200 Login-Minimal-Modal-Background.jpg
www3.mtb.com/content/dam/mtb-web/logos/ 27 KB
28 KB 14ms
13ms Image
image/jpeg 2600:9000:2057:9600:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/dam/mtb-web/logos/Login-Minimal-Modal-Background.jpg

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

60f064cd48214cb73f54404a2eda28d731f49bf853509d47da070174784e11b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Sun, 25 Jun 2023 23:33:56 GMT
x-content-type-options: nosniff
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 590
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 27608
last-modified: Thu, 16 Apr 2020 22:07:43 GMT
server: Apache
etag: "6bd8-5a36fa970e9c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: zz4RAHUrCb0tlY_9XgKMuCVarEqtIF-Js5nOFTcGAPUck_4IPmTckw==

GET mandtbaltoweb-book.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-light.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-medium.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET
BLOB 200
OK 12846ce0-f1fd-4903-b638-3722ffc357bb
https://mtbsecurityalert.myftp.org/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mtbsecurityalert.myftp.org/12846ce0-f1fd-4903-b638-3722ffc357bb
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8032d93d154e4517e5e5e20fa9c27d7b.js Show response
ob.segreencolumn.com/i/ 91 KB
33 KB 54ms
9ms Script
text/javascript 2600:9000:2490:4000:18:15b9:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js?utv=ut4.49.202303152118
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:4000:18:15b9:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 62c7a62b05196ff971ed4e0caf2d269422a612e077f6f4d402c936d4dc93615a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 20:32:23 GMT
content-encoding: gzip
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-P6
age: 11053
etag: "16b94-H3AFMD3LwuIVpTO8xq2N2HtAeYI"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 33872
x-amz-cf-id: UDv53CmlGNeULJtvi_Smm0JvKLBQlDCvXJY-aI01xna3O3Ry6ND4Tw==
expires: Mon, 26 Jun 2023 08:29:43 GMT

GET
H2 200 crossdomain.html Show response
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame EBAC 221 B
556 B 55ms
7ms Document
text/html 2600:9000:2490:c600:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by: Host: www3.mtb.com
URL: https://www3.mtb.com/content/dam/mtb-web/scripts/cdsession.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:c600:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer: https://mtbsecurityalert.myftp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22892
content-length: 221
content-type: text/html
date: Sun, 25 Jun 2023 17:12:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
x-amz-cf-id: 5lgBA6dv-3a6U_iWJGEJH1cV7-qy37_byC7WpnCX6sGaEnQ9okfKWA==
x-amz-cf-pop: FRA56-P6
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html Show response
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 67DB 221 B
555 B 72ms
7ms Document
text/html 2600:9000:21f3:fe00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by: Host: www3.mtb.com
URL: https://www3.mtb.com/content/dam/mtb-web/scripts/cdsession.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer: https://mtbsecurityalert.myftp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22166
content-length: 221
content-type: text/html
date: Sun, 25 Jun 2023 17:24:31 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-cf-id: gmx8wtIeBzv_9v716knOpQ68Azez4bPK9OVrrx_meX1PPvfihrL2Kw==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html Show response
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame 9C81 221 B
555 B 64ms
7ms Document
text/html 2600:9000:2250:ac00:13:ab57:d440:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by: Host: www3.mtb.com
URL: https://www3.mtb.com/content/dam/mtb-web/scripts/cdsession.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:13:ab57:d440:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer: https://mtbsecurityalert.myftp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 80632
content-length: 221
content-type: text/html
date: Sun, 25 Jun 2023 01:10:05 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id: lCNbQ6S47g5h6xPgIx5ps5CFj-UGPxQQ1hMD4yoRipgW_QQaArkXWQ==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame EBAC 3 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:2490:c600:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:c600:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 25 Jun 2023 17:11:06 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 22971
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: sOHeRAiwtebRvi8jZlAx_btHlGFRG_-M__4FKMxcVj5ngcjo1KlCFg==

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame 9C81 3 KB
3 KB 7ms
7ms Script
application/javascript 2600:9000:2250:ac00:13:ab57:d440:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.c81358859121583b7adf2ace89cb39f44.com
URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:13:ab57:d440:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:30:02 GMT
x-amz-version-id: null
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 79435
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: gx9TXRto29a4Q_pQSofQOZtCd8OybgUjva3WfOogNV1s24qoBl7rLQ==

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 67DB 3 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:fe00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.b406929acabac9b095f124c81bdfcf57f.com
URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 07:17:53 GMT
x-amz-version-id: null
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 58564
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: 99ZgTjWj7iGsjxnsGvOia0SxMBn9d7rtu-CeOfcdRp5YdrCLATLFVw==

GET
H2 200 ct Show response
obs.segreencolumn.com/ 3 KB
1 KB 355ms
119ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/ct?id=40173&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1687736036720&hl=2&op=0&ag=2178561998&rand=1497257272510116172180509902585284881245157056237227592000899372212211616676718&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDg3XSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcImludGVsIGluYy5cIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMCAob3BlbmdsIGVzIGdsc2wgZXMgMS4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wIChvcGVuZ2wgZXMgMi4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjo0LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MzY5ODUxODcxMCxcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCw2LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIzLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxNCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw3LDAsMCwwLDAiXSxbLTEsIi0iXSxbLTIsIjUsZWNYR1gxOW5ucnZWTzJKZGxOaHhCS1FrTHZTRmRBUUJDbGgxNFZVVkZBbEY3K0NBSXFYUkJGQ0UxNkZZa29WVXBBV2hBU0lEMmtaNU50VSs2OWIvMSs1ODdjeldSSkFQbEdsOSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjI5NDAwMDAwLFwidWpoc1wiOjIwNTAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS40LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY4NzczNjAzNjY5NCwwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwwLDAsMSwwLDE1LDI1OCwyNjUsLTEsMCwyMTUyLjIsMjE3NS42LDI4NjgsMjg2OCJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzLGZhbHNlXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMFwiLFwiMTEzNzgyNTAyOFwiLFwiMzg1NTIzMTE5M1wiLFwiMjk1NjI5MzI5N1wiXSxcInNcIjoxfSJdLFstNTUsIjAiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRNElBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkalN4a1JVVTFOU1VvREZoWldXeGRLWEY1TFhGeFhXbFpWVEZSWEYxcFdWQlpRRmdFSkNndGRBQXBkQ0F3TlhBME1DQTVjREZ3TVhBc0pYMWdBV2dzT1hRNWJGMU5LQmt4TlR3Uk1UUTBYRFFBWEN3a0xDZ2tLQ0F3TENBZ0JBd2dERHdvT0RRa1FGVmhOR1UwWFhFRkpWa3ROU2hrUlVVMU5TVW9ERmhaV1d4ZEtYRjVMWEZ4WFdsWlZURlJYRjFwV1ZCWlFGZ0VKQ2d0ZEFBcGRDQT09Il0sWy01OCwiLSJdLFstNTksImRlZmF1bHQiXSxbLTYwLDE3OV0sWyJkZGIiLCIwLDQsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDIsNSwwLDE0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAiXSxbImJuY2giLDg2XSxbImFibmNoIiw4Nl1d&dep=0&pre=0&sdd=%7B%7D&cri=RrfMnQVoM5&pto=2895&ver=54&gac=-&mei=&ap=&fe=1&duid=1.1687736036.uQt5mwlOmcXRXTTj&suid=1.1687736036.BApbrE2Vq75cdU5u&tuid=1.1687736036.DOe1AEcyiRUDxRsj&fbc=-&gtm=-&it=20%2C2530%2C58&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js?utv=ut4.49.202303152118
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 7739c5bccbfbac98c110b25d526de57bc8f44cfb47fbb990117988a9d7c2ec88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1189
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 utag.40.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 21 KB
7 KB 15ms
14ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.40.js?utv=ut4.49.202106282113
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f8cf242bf9f45dd47ce3cd9344ea1415d5a9e95b98ef6557a5eaf973a446fb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: r3zMZsTg_hfNVI6kDd_CxvtrerJZI9XH
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 52
x-amz-server-side-encryption: AES256
etag: W/"1493917155b9e979681ba199db579e3b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 8AhW-6Cxn43_PE1GDbwIO4W56wmB7NmAUtfFOeHNJuJ64jFvbgxDRA==

GET
H2 200 utag.41.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 25 KB
5 KB 11ms
9ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.41.js?utv=ut4.49.202106282113
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f63bbe8fa84707f1cbeac2739ae18fcd047f4fd4533e342d3dc8bfe5187229c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: P0ASiLH_5siE0qzr2bE4bIlwU.ok7sQu
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 196
x-amz-server-side-encryption: AES256
etag: W/"db109ebeebc8d242b6da5e952418e1a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: SKb-w6dpOfnlOmLf_bJqk1VvGuHWGTtaPl-1v7Dihl8guZC20UOXrw==

GET
H2 200 utag.42.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 11ms
10ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.42.js?utv=ut4.49.202106282113
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d59f3d120f9a2a9147d19c1a573b7d829977630c10ae5b456a25d8a3b03bce50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 3UK1k5wa1VTlBPFyj57brcOxNM4pGuTp
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 75
x-amz-server-side-encryption: AES256
etag: W/"08221ce13f21b41a414f856211758e98"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: NXbGUMOZIOBm3s89_J1U_FW4vFb3Rgkc4-t-bIcalx8DxoxESaIK5A==

GET
H2 200 utag.43.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 10 KB
3 KB 401ms
400ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.49.202006232100
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a1fa20a744a18629441f9e4b48e310b30023477b8a8561f76c9db20b7e8e3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: O2cUJQHSr2YZ.kLwDH5jA1c_yMTEFS0P
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:58 GMT
last-modified: Tue, 20 Jun 2023 21:14:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
etag: W/"f683691d0161658f46ef39dd68b32dee"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: -mnp0TbwiUjS2oaMoyTZiWPzECJaz42DIkT9Q0V-fSxJhJ0fvpcY4A==

GET
H2 200 utag.44.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 12ms
10ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.44.js?utv=ut4.49.202109282124
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0502ad262d50bbaf9aa2a89b56decb38e061e6b45bc167cbb227eefaa057cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: siW0ElZpobmrefDQSI4.5JqxVdijC_uM
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 75
x-amz-server-side-encryption: AES256
etag: W/"526a4f896f7563ac0b53e33f12645552"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: wIQ7q_e6TA0Wtwk2WLjspmTNVzciT1YonPvSP8ZHtXxauNuKHChoXw==

GET
H2 200 utag.46.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 21 KB
7 KB 12ms
10ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.46.js?utv=ut4.49.202106282113
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e24f451a1bab01a5acbbed619264b335bc9a1c42eab28fb7d464ca11d34bc6b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 3ujZjklN27xf1znONwzJnDEsVznU72Qd
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 52
x-amz-server-side-encryption: AES256
etag: W/"d3fdaa0ddb982eb5ba8b8452543e26a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 3BFPxUL8u1kwRsdBQbBwTAxJdpHsURXmyhZU3fw8vDSZW2rgHXld_Q==

GET
H2 200 utag.47.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 13ms
11ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.47.js?utv=ut4.49.202106282113
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0b577245b1fd7be3bcaf0f7c59ed5803e0067b2cd93aeb28beee93c4fc41226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 7rOUmqQ6RA4iVbD94YFWFb1wR31Z2K_D
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 254
x-amz-server-side-encryption: AES256
etag: W/"9583b0db79313c6c780f7887eb4d0e9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: nCxWZywFGpZCJ6fR_wONJKXgeg0ruJlpY1QseJRn6R_segYWPqUTeA==

GET
H2 200 utag.70.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 6 KB
2 KB 11ms
10ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.70.js?utv=ut4.49.202302282213
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30cc0f7387758a7968700c9f94164bee74947f185a73b8e7b56ee28dfab35307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: WRb3WR.4cQZBwow5vkJhodr9dKd6Y8Ad
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 263
x-amz-server-side-encryption: AES256
etag: W/"0cd534b0811c5506cf63dd52f3489145"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: VQosCOs5k0A7nMe_SfH1NJPutep8ypLT5PMhxIjpdsJxn4r7zRNv9w==

GET
H2 200 utag.76.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 12 KB
4 KB 13ms
12ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.76.js?utv=ut4.49.202212072210
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 828f6c87253cf13ec4d3cb6be4374e5403dce50c0963d4e17c2417fd5674796a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 2ko.TH4Tq8cXH9pvPTmTUIAwYCf3GGKU
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 116
x-amz-server-side-encryption: AES256
etag: W/"821b181bfa640fe1d8ce2c66442d91c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 69kHSY88yYKmu4ZAFH5k6b-A_yvYjjCi1kCZ2T875hEt-ImwDwOpQQ==

GET
H2 200 utag.190.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 12 KB
4 KB 14ms
13ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.190.js?utv=ut4.49.202301172220
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e37c097abfd5008fcec62eda895ffb51133f44ac1a703c5292686ea2b7f6521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 4s5btnaYavipKuYXRGP4wou3PzEu5wKy
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 109
x-amz-server-side-encryption: AES256
etag: W/"45f26acefe4738dd4638beca375a936d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Cqs39ggKd2CifxXFMhCRRS8DB6lAIdzrt0FeSf_gwmd8OdWKGRT_Vg==

GET
H2 200 utag.199.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 2 KB
1 KB 15ms
14ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.199.js?utv=ut4.49.202209122156
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 651f710f6c0a455e0ab059369a8fd7972fb9236c9f8ee58592282b590c53dc77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 0Ugy3Sog0b4_FA6hqOEnHQZBW5TeCNaj
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 109
x-amz-server-side-encryption: AES256
etag: W/"85a3d2b7f754146cdcb5222e177939c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: QfC_U8M-CjS7686J4W6LjB5gxvod9O0VZ51Ynx26dC9KFqOTXCdY9A==

GET
H2 200 utag.214.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 17 KB
5 KB 15ms
14ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.214.js?utv=ut4.49.202306012132
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7019b0287198e884a7dd3c196e60267a0d75478c90b456844c5465e7301a247a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Tq5pOBG4snBhLFJb1TdZ68EXRqPuqhdy
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 63
x-amz-server-side-encryption: AES256
etag: W/"d82c2fd825d7d3119ab7331052c7d1a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 9IruUciuUpnvmLx09RTMPus5hiLYZeG0MeRB_68sbN_PV5ScpXHFdg==

GET
H2 200 utag.215.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 16ms
16ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.215.js?utv=ut4.49.202304242124
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 553084bcec2eb2972e62654cc0285906137749ac89fa5b9875f766c05768c5e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: FcTt37SZlZpAHnlGHQ0Ti542ewxuLLLk
content-encoding: br
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 23:33:57 GMT
last-modified: Tue, 20 Jun 2023 21:14:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 63
x-amz-server-side-encryption: AES256
etag: W/"bb9817793ef7313f04302fe7ad83404e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: -r1tz2pD8H3HB7m4og19P7Wk5kZHTXi2biFN70AcVURzzGw3aCYjYQ==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 82ms
22ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e4164edd6af46ad5e9c02a482bdcd2a9c3e9eb199cee06bcd12cc751ce73de87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:30:06 GMT
x-amz-version-id: pM_8Podf2LG1oYqe3ugSKxJX2zCnEaDh
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 676KJNZFF268KW9H
age: 232
x-amz-server-side-encryption: AES256
x-amz-id-2: 3qXLm6CsbfGbPYYCOKGxalQsCK8eiCfoU7jPLW+BSCe0VKyUxNNcnMdr97GgxG7gt05kcWyIFXg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 12 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 07 Jun 2023 11:01:50 GMT
server: ATS
etag: "62d9fe1cc1697022ba0fe2a4d038b308-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
775 B 56ms
8ms Script
application/x-javascript 2a02:26f0:3100::1735:28c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

77cf16e1867991ea4ed7fb6d470e613528693de636fb0f1352936cc480e180ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 17:56:59 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=32435
accept-ranges: bytes
content-length: 562

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 59ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 25 Jun 2023 23:33:56 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 812143D21A6D42ADACB5D8115B7FFE33 Ref B: FRAEDGE1314 Ref C: 2023-06-25T23:33:57Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 quantum-mtb.js Show response
cdn.quantummetric.com/qscripts/ 326 KB
88 KB 826ms
798ms Script
text/javascript 2606:4700:10::6816:35fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be361a3bad89164bd790e478df021d31cee779f1b55e7f9cc30ecf43bf3398a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: no-sniff
cf-cache-status: EXPIRED
content-encoding: br
server: cloudflare
etag: W/"168746149019816863315538441687680002963"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray: 7dd104b7ae7703d8-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 112 KB
29 KB 33ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21d4a80744b439cb8dd504b6d5f1dd6fd9fe1ddcca9e46ab98d156f51e893c1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Jun 2023 23:33:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28307
x-xss-protection: 0
pragma: public
x-fb-debug: IKBIG9EKtP5RLhqXhMOGDRiwqhZvsZ2demn1X4TGrp07hdcErS9Qr627B+CHpQGjN0ZImCJqRs/zgeIQ5Ll6tA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 202ms
117ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-948713993

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

726b3a02a2ece846145c3f042e182c604e7d1efbb35a35caa3512608a0ce5e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70800
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Jun 2023 23:33:57 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 89ms
15ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 401117
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 1d82b12b33ed381c3c1807d07f652e20

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 17 KB
4 KB 452ms
114ms Script
application/javascript 44.209.137.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cb=38037256052911240
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.137.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-137-118.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 41b31b2ea1ca3dd08459f4dd48324fdbae66c9f9a91681e4ef6cc0cf6bf67ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:56 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 3
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
92 KB 181ms
138ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0

Requested by

Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js?utv=ut4.49.202303152118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afcd2ef962f6da03849a7160d636c30e9e11840160a7445eaa76682feafeac2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93963
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Jun 2023 23:33:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 94ms
52ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-875517505

Requested by

Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js?utv=ut4.49.202303152118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c0a2ce8298a1cb81ae33e80cb4b4cb98fc9b319229add5dacadf2eb8dfafc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70022
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Jun 2023 23:33:57 GMT

GET
H2 200 tc_imp.gif
obs.segreencolumn.com/tracker/ 43 B
79 B 112ms
112ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001362e9c036ec47899a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a118c6a2417071a10acf9f29f674ed7878e012c3b18aa787502d26d8d33c402350727945a535836500cc3be3d4b77be26bb25cb43e2916af05165ad5f2f7a1bda53ec40f4c1d7de3cbb2807ff7ecaa8556d8e0e3143714493d60262a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a4908677a0d8d959ee489d5b3d72aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7dadc21663ebdafc72da03f943b4804b941dcbca7f913e64c79126d163c383bcfb9df3f1477fe425b0bcf92d4d26f9913f82be50eb0102419457459a8d95c8d0fb8427d821c685b6867ffe6a373b9f7c3d86d89c5e229da83deb07e0d315c539ef6d454845c13aff558d96f531f886789f5cc1a89c95278e191c3eb31e03503e112889ec73b341d3dc9723b5de3dbdd0629a83e3be25cff0a91f6a7d9ce25b47cdbc045642acacee74b828cdbb2fb3b97bec38d9658759c609c5b42e914854b8f7c7387b46341120194105b6f3ce30c008dc44525e2ff9b253dc9a1e10fdbbd6a6a16fc5e4f8e180f8aeed56493cff5b9bb55f6a9f5e661dd77f40776cf416b3644d87b295718072d63b8aad24cabf0e9f7b0c273e471d57999da387432606f27a2df1b783a9acd81040c7e4af7784ce6d7adeda153b6aff91da503fc556c50ddd6fe159da15de9b479dbf77f0879a96dd1e36fdea29629c77a085b7ac159a6c37101be0171651c0d60cc6b576afedd3aa1797959b214c7711ac37c068b647f0c5308438433d536e2c3bb026d1d26211e0309ec5a0628090139e7e72b3032879ddfadb0959e76de7ce4d8b153b0156ae7b71c0bddd368e0b6286974ce28c8ced8a43c64f0a6146b0652f0cd9cc5040a865a487815fd38cbf550422f5782a5e55935405ab&cri=RrfMnQVoM5&ts=374&cb=1687736037094
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 1c4c02c6-b7a9-47d6-b760-46ed976e38e5
https://mtbsecurityalert.myftp.org/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mtbsecurityalert.myftp.org/1c4c02c6-b7a9-47d6-b760-46ed976e38e5
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372ffb83021104e6f3e58b5b7884cb8ce34bd14a2b4e5b37529861ae888ce166

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
H2 200 290387871401930 Show response
connect.facebook.net/signals/config/ 74 KB
21 KB 57ms
57ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/290387871401930?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

300d6f7a71e21db6a07bcddca872e7fd8cbb26a8cf0bf9b391c34c7b270fd6fd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Jun 2023 23:33:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: j+BSZt+ViHmCqukX1UHFm/jMP6Y5w+Q4CffelTSbGZN4osnV+wnAWFeEYqt4p/x9lAQwuqpszrg/wI2rEzyxjg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3100::1735:28c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jun 2023 22:23:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=18431
accept-ranges: bytes
content-length: 4807

GET
H2 204 5564484.js Show response
bat.bing.com/p/action/ 0
118 B 99ms
98ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5564484.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 25 Jun 2023 23:33:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A0C8A81CEF9421A94D4B3C05B24E9B4 Ref B: FRAEDGE1314 Ref C: 2023-06-25T23:33:57Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
230 B 81ms
80ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5564484&Ver=2&mid=80942af5-c199-4b25-8d5d-1791ba37bf7f&sid=c12e8b4013b011ee887b19af8c24e9ca&vid=c12edc7013b011ee85fc7599474f56a2&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&r=&lt=2268&evt=pageLoad&sv=1&rn=811564

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 25 Jun 2023 23:33:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 243FDC9633BB4F34BC3F703544552932 Ref B: FRAEDGE1314 Ref C: 2023-06-25T23:33:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
288 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5564484&Ver=2&mid=80942af5-c199-4b25-8d5d-1791ba37bf7f&sid=c12e8b4013b011ee887b19af8c24e9ca&vid=c12edc7013b011ee85fc7599474f56a2&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=760542

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 25 Jun 2023 23:33:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 618C77B300FA4F3D9964951DB505F4A9 Ref B: FRAEDGE1314 Ref C: 2023-06-25T23:33:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 331000312.js Show response
bat.bing.com/p/action/ 0
119 B 105ms
105ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/331000312.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 25 Jun 2023 23:33:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8DB9F5C395EC4C20A4FCFB2F36DF5819 Ref B: FRAEDGE1314 Ref C: 2023-06-25T23:33:57Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
230 B 74ms
74ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=331000312&Ver=2&mid=d7978d29-6c36-4457-845f-85ff898dab57&sid=c12e8b4013b011ee887b19af8c24e9ca&vid=c12edc7013b011ee85fc7599474f56a2&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&r=&lt=2268&evt=pageLoad&sv=1&rn=914570

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 25 Jun 2023 23:33:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A073E798FA442448A1EDFB026F57E09 Ref B: FRAEDGE1314 Ref C: 2023-06-25T23:33:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10087193.json Show response
s.yimg.com/wi/config/ 2 B
253 B 165ms
123ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10087193.json

Requested by

Host: onlinebanking.mtb.com
URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 530ZWB72D6PTQG69
age: 0
content-length: 22
x-amz-id-2: Vw3NqHapiy4sc6O9EjT4XZTB7sVPWk8J6hdjNkqyOLUWKuU8sJo74BgdcLMvDackLZZrDEdYbzc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10108773.json Show response
s.yimg.com/wi/config/ 2 B
450 B 65ms
23ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10108773.json

Requested by

Host: onlinebanking.mtb.com
URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:47:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: V1WPDVX8NPRAK19E
age: 2798
content-length: 2
x-amz-id-2: r2COYzRLg7Ew2ZHKlR3nAMrympejtvvSj/lbMBBuGZpa1cKULcYB2r8oKMexjxAmiYJ2TomkQ+k=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/66618/domain/mtbsecurityalert.myftp.org/ 36 B
369 B 208ms
154ms XHR
application/json 2600:9000:20eb:1a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/66618/domain/mtbsecurityalert.myftp.org/token
Requested by: Host: onlinebanking.mtb.com
URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://mtbsecurityalert.myftp.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: ww9_RPSjhO_Sqv5Zgb0Py7Bx-1oA3cOL2QKnV2M5EUO2jT1LYS5n8Q==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1687736037154&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1687736037154&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D66618%26time%3D1687736037154%26url%3Dhttps%253A%252F%252Fmtbsecurityalert.myftp.o...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1687736037154&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1687736037154&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQLNdKFpJJD6DAAAAYj06DH7A1yqfMrQTb4M...

0
266 B

220ms
176ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1687736037154&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQLNdKFpJJD6DAAAAYj06DH7A1yqfMrQTb4MKysOrVnn2g1XeAex94d0cyGz_Tg783wD9yJH
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5A3371405FBC430DB1B417174566D8F0 Ref B: FRAEDGE1907 Ref C: 2023-06-25T23:33:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX+/KsGhIiWAk9s/2bKww==

Redirect headers

date: Sun, 25 Jun 2023 23:33:57 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 37BD8DCA62A24A5083FBD73EF2AA3A21 Ref B: FRAEDGE1316 Ref C: 2023-06-25T23:33:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1687736037154&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQLNdKFpJJD6DAAAAYj06DH7A1yqfMrQTb4MKysOrVnn2g1XeAex94d0cyGz_Tg783wD9yJH
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX+/KsDJvpaO4/izFXELg==

GET
H3 200 293418718495934 Show response
connect.facebook.net/signals/config/ 150 KB
42 KB 107ms
107ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/293418718495934?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fdd804adb1f70945628d001730067b4e2ecd8dd662ab63c416f4b844d0c1128

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Jun 2023 23:33:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 5UySafnMXlwi/keylDAlUA98gEDxeSSOS/fUwedV4rJ6RGPxdohcItauxPK9AnGYXw+dPFuQfdkcC10P2UpFUw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 53ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=290387871401930&ev=PageView&dl=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&rl=&if=false&ts=1687736037182&sw=1600&sh=1200&v=2.9.109&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.2.1687736037181.492733433&it=1687736037109&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Jun 2023 23:33:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 1994534667524888 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 60ms
59ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1994534667524888?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d6c886d559b279734ef2067b3d4288d244a9f54eb182e4ae19f65a0e075e3d9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Jun 2023 23:33:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: uaXWYDy508HkKdE9k/YKfoY8W/pVy6a3EBGF2RIvsPV71PCBp2SB/PcffJICEPHjceUvWK5FBObvHAdg87J1uQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=293418718495934&ev=PageView&dl=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&rl=&if=false&ts=1687736037304&sw=1600&sh=1200&v=2.9.109&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.2.1687736037181.492733433&cs_est=true&it=1687736037109&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Jun 2023 23:33:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-948713993&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

169f6117b0d300246675d16d69feab16d675ba140453f3b9a79f0a666ea269a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70849
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Jun 2023 23:33:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/ 3 KB
1 KB 166ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/?random=1687736037324&cv=11&fst=1687736037324&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&auid=1620018496.1687736037&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59bcdf2b1a69e4354c28acea1562303a03890fb699bcd7cb04dfee9a949236ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/ 3 KB
1 KB 164ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/?random=1687736037336&cv=11&fst=1687736037336&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&auid=1620018496.1687736037&uamb=0&uaw=0&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fb42aac3ac44d08d1f19b9e24699df82d6cbe6ece32a15fb6ac2a812356fa27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
92 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f7c06e9e3644bd5c5aafff14e3d32da9f876969fc25fd3e91b4cc42c1964986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Jun 2023 23:33:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/ 3 KB
2 KB 157ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/?random=1687736037340&cv=11&fst=1687736037340&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&auid=1620018496.1687736037&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

434b9ce5fbe0d95e8da33ce62a62c9b95627e20c24a4e6d2b329a3066dfd1d8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1356
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/875517505/ 3 KB
2 KB 164ms
51ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/875517505/?random=1687736037344&cv=11&fst=1687736037344&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1620018496.1687736037&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

cd22e626249425b3cc60069abc688241f46539e12c75bce4359a97cdb40441b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1622
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 127ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2025%20Jun%202023%2023%3A33%3A57%20GMT&n=0&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&enc=UTF-8&yv=1.15.0&et=custom&tagmgr=tealium%2Cgtm

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Jun 2023 23:33:57 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
636 B 125ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10087193&f=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&enc=UTF-8&yv=1.15.0&tagmgr=tealium%2Cgtm

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Jun 2023 23:33:57 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 126ms
39ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&enc=UTF-8&yv=1.15.0&et=custom&tagmgr=tealium%2Cgtm

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Jun 2023 23:33:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948713993/ 3 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948713993/?random=1687736037365&cv=11&fst=1687736037365&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&auid=1620018496.1687736037&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-948713993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cd3793dbbe08c6071df3d2709300bb2db9ad94ab075d2999372c1032cf78f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
263 B 48ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je36l0&_p=847274012&_gaz=1&gdid=dYmQxMT&cid=2102989485.1687736037&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687736037&sct=1&seg=0&dl=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=1NBdu9MyXkwGvu5S&ep.channelmix_event_id=1NBdu9MyXkwGvu5S&ep.channelmix_conv_id=1NBdu9MyXkwGvu5S-1NBdu9MyXkwGvu5S
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mtbsecurityalert.myftp.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
263 B 70ms
18ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZTNQ6ZK8T0&cid=2102989485.1687736037&gtm=45je36l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mtbsecurityalert.myftp.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 125ms
46ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=2102989485.1687736037&gtm=45je36l0&aip=1&z=930398961

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
55 B 29ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je36l0&_p=847274012&gdid=dYmQxMT&cid=2102989485.1687736037&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1687736037&sct=1&seg=0&dl=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=CQ&_ee=1&_et=4&up.cq_category=bots
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mtbsecurityalert.myftp.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=290387871401930&ev=CHEQ&dl=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&rl=&if=false&ts=1687736037478&sw=1600&sh=1200&v=2.9.109&r=stable&a=tmtealium&ec=1&o=28&fbp=fb.2.1687736037181.492733433&it=1687736037109&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Jun 2023 23:33:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=293418718495934&ev=CHEQ&dl=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&rl=&if=false&ts=1687736037478&sw=1600&sh=1200&v=2.9.109&r=stable&a=tmtealium&ec=1&o=28&fbp=fb.2.1687736037181.492733433&it=1687736037109&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Jun 2023 23:33:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1994534667524888&ev=CHEQ&dl=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&rl=&if=false&ts=1687736037479&sw=1600&sh=1200&v=2.9.109&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.2.1687736037181.492733433&it=1687736037109&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Jun 2023 23:33:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 41ms
8ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.49.202006232100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230109-FRA

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 7ms
7ms Script
application/javascript 2600:9000:225e:c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/main/202306202112&cb=1687736037494
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Sun, 25 Jun 2023 23:32:51 GMT
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 67
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: RSsRaf_EzGVstMb4q72RW3geInNUgFqjZlV4oWjovdaDgzRA6x2wmw==

GET
H/1.1 200
OK is Show response
18.210.229.244/ 32 B
437 B 450ms
113ms Fetch
text/plain 18.210.229.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://18.210.229.244/is
Requested by: Host: onlinebanking.mtb.com
URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.210.229.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-229-244.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 616e538683a31b1d929d58af916bcb8ca2a91f934b56a5f0ff11734491b589df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:57 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2 200 /
www.google.com/pagead/1p-user-list/875517505/ 42 B
109 B 142ms
56ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875517505/?random=1687736037340&cv=11&fst=1687734000000&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3267944816&rmt_tld=0&ipr=y

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/875517505/ 42 B
109 B 104ms
48ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/875517505/?random=1687736037340&cv=11&fst=1687734000000&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3267944816&rmt_tld=1&ipr=y

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/875517505/ 42 B
109 B 135ms
54ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875517505/?random=1687736037324&cv=11&fst=1687734000000&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=165959059&rmt_tld=0&ipr=y

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/875517505/ 42 B
155 B 77ms
47ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/875517505/?random=1687736037324&cv=11&fst=1687734000000&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=165959059&rmt_tld=1&ipr=y

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
132 B 112ms
111ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: onlinebanking.mtb.com
URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mtbsecurityalert.myftp.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mtbsecurityalert.myftp.org
date: Sun, 25 Jun 2023 23:33:57 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 /
www.google.com/pagead/1p-user-list/875517505/ 42 B
456 B 111ms
51ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875517505/?random=1687736037336&cv=11&fst=1687734000000&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3674338044&rmt_tld=0&ipr=y

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/875517505/ 42 B
109 B 65ms
48ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/875517505/?random=1687736037336&cv=11&fst=1687734000000&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3674338044&rmt_tld=1&ipr=y

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/875517505/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/?random=1100905546&cv=11&fst=1687736037344&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbs...
https://www.google.com/pagead/1p-conversion/875517505/?random=1100905546&cv=11&fst=1687736037344&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.or...
https://www.google.de/pagead/1p-conversion/875517505/?random=1100905546&cv=11&fst=1687736037344&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org...

42 B
109 B

73ms
72ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/875517505/?random=1100905546&cv=11&fst=1687736037344&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1620018496.1687736037&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh5YzVKdXl6QUhzR1lZa09LVkxZOFFyVmVwMWF0b0x3RDJGRjNpOHJfNUllQncaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU04djlPeWxfOVRiX2I0MHpyZ2F2MkdIRHctR3UwOEdoNjRRUmNZbUFiWHBMRE5WWGwwX2xxQllCZyITCJXl89fK3_8CFbrPuwgdIrEF3A&is_vtc=1&ocp_id=5c6YZNXeHLqf7_UPouKW4A0&cid=CAQSKQBygQiDmH7hwYWmdz7yPvsPpttPEMXWKsQZmui2sY-jtR2cWlEecK_K&random=72052511&ipr=y

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/875517505/?random=1100905546&cv=11&fst=1687736037344&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=1620018496.1687736037&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh5YzVKdXl6QUhzR1lZa09LVkxZOFFyVmVwMWF0b0x3RDJGRjNpOHJfNUllQncaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU04djlPeWxfOVRiX2I0MHpyZ2F2MkdIRHctR3UwOEdoNjRRUmNZbUFiWHBMRE5WWGwwX2xxQllCZyITCJXl89fK3_8CFbrPuwgdIrEF3A&is_vtc=1&ocp_id=5c6YZNXeHLqf7_UPouKW4A0&cid=CAQSKQBygQiDmH7hwYWmdz7yPvsPpttPEMXWKsQZmui2sY-jtR2cWlEecK_K&random=72052511&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948713993/ 42 B
109 B 91ms
52ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948713993/?random=1687736037365&cv=11&fst=1687734000000&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2566382430&rmt_tld=0&ipr=y

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948713993/ 42 B
109 B 49ms
47ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948713993/?random=1687736037365&cv=11&fst=1687734000000&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&frm=0&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2566382430&rmt_tld=1&ipr=y

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
379 B 156ms
111ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=deed5080-45c7-4ff4-beef-c08305562430&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ec7d12f8-c321-4573-a0cc-3c8734247d90&tw_document_href=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvk8o&type=javascript&version=2.3.29

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 25 Jun 2023 23:33:57 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6f6b982b759defd9
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2b7a34cf752d7e13c45b1b966a1bdd78d5e04f326c6d7be84aff6e3718637227
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 182ms
124ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=deed5080-45c7-4ff4-beef-c08305562430&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ec7d12f8-c321-4573-a0cc-3c8734247d90&tw_document_href=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvk8o&type=javascript&version=2.3.29

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 110
date: Sun, 25 Jun 2023 23:33:57 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: cbabc6103749e16a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: bf334f5bc54fe3f5582360425077267c8c1e702bf56c8dfe065b6f3dcf228900
content-length: 43

GET
H2 200 25028cba0dd99983
pixel.sitescout.com/up/ 43 B
267 B 73ms
22ms Image
image/gif 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/25028cba0dd99983?cntr_url=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:33:57 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1994534667524888&ev=Microdata&dl=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&rl=&if=false&ts=1687736037981&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center%22%2C%22meta%3Adescription%22%3A%22Click%20here%20to%20log%20in%20to%20M%26T%20Online%20Banking%2C%20M%26T%20Online%20Banking%20for%20Business%2C%20or%20M%26T%20Commercial%20Treasury%20Center.%22%7D&cd[OpenGraph]=%7B%22article%3Apublished_time%22%3A%222022-11-10T20%3A09%3A17%2B0000%22%2C%22article%3Amodified_time%22%3A%222022-11-10T15%3A01%3A34%2B0000%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.109&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.2.1687736037181.492733433&it=1687736037109&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Jun 2023 23:33:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
40 B 113ms
112ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: onlinebanking.mtb.com
URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mtbsecurityalert.myftp.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mtbsecurityalert.myftp.org
date: Sun, 25 Jun 2023 23:33:58 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
16 B 112ms
112ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: onlinebanking.mtb.com
URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mtbsecurityalert.myftp.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mtbsecurityalert.myftp.org
date: Sun, 25 Jun 2023 23:33:58 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
BLOB 200
OK 52742e0d-e22e-4b93-bb4d-a2f72ba27477
https://mtbsecurityalert.myftp.org/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mtbsecurityalert.myftp.org/52742e0d-e22e-4b93-bb4d-a2f72ba27477
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26d9f2c6032180a4a5a0db4985dbe6d3385516ea8bb0d21cff9e60a32b341877

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

GET clientlib-base.css
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/ Frame D94F 0
0

GET
H2 200 / Show response
mtb-app.quantummetric.com/ Frame D94F 0
656 B 361ms
113ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?QUANTUM_WARNING=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&CORS_LINK=https%3A%2F%2Fwww3.mtb.com%2Fetc.clientlibs%2Fmtb-web%2Fclientlibs%2Fclientlib-base.css&hit=undefined&s=null

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Jun 2023 23:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://mtbsecurityalert.myftp.org
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 / Show response
mtb-app.quantummetric.com/ Frame D94F 90 B
920 B 114ms
114ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&t=1687736038310&v=1687736039452&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

09d1e56944f615af0bc9fa39bc1a1f2d87823c5ee6fe55e2f2207c7332028020

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Jun 2023 23:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mtbsecurityalert.myftp.org
access-control-allow-credentials: true
x-robots-tag: noindex

POST
H2 200 / Show response
mtb-app.quantummetric.com/ Frame D94F 0
655 B 205ms
205ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&t=1687736038310&v=1687736039454&z=1&Q=1&Y=1&X=a580b7e919484333e21010832fd3e31a

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Jun 2023 23:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://mtbsecurityalert.myftp.org
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 200 / Show response
mtb-app.quantummetric.com/ Frame D94F 28 B
741 B 114ms
113ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?s=b74bf1279e992b2837b738698c2a84b9&H=7c291cabbd38c00a353d0613&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mtbsecurityalert.myftp.org
access-control-allow-credentials: true
x-robots-tag: noindex

POST
H2 200 / Show response
mtb-app.quantummetric.com/ Frame D94F 0
655 B 114ms
113ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&t=1687736038310&v=1687736039699&H=7c291cabbd38c00a353d0613&s=b74bf1279e992b2837b738698c2a84b9&U=0a2670a28d827c9535f4fd93be49972a&z=1&Q=2&S=0&N=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Jun 2023 23:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://mtbsecurityalert.myftp.org
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 / Show response
mtb-app.quantummetric.com/ Frame D94F 0
655 B 114ms
114ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&t=1687736038310&v=1687736039825&H=7c291cabbd38c00a353d0613&s=b74bf1279e992b2837b738698c2a84b9&z=1&S=1186&N=6&P=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Jun 2023 23:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://mtbsecurityalert.myftp.org
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 112ms
111ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: onlinebanking.mtb.com
URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mtbsecurityalert.myftp.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mtbsecurityalert.myftp.org
date: Sun, 25 Jun 2023 23:34:00 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 hash-check Show response
rl.quantummetric.com/mtb/ Frame D94F 2 B
235 B 352ms
119ms XHR
text/plain 34.66.3.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/mtb/hash-check

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.3.66.34.bc.googleusercontent.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Jun 2023 23:34:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://mtbsecurityalert.myftp.org
access-control-allow-credentials: true
content-length: 2

OPTIONS
H2 200 hash-check
rl.quantummetric.com/mtb/ Frame 0
0 374ms
122ms Preflight 34.66.3.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/mtb/hash-check

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.3.66.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mtbsecurityalert.myftp.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: https://mtbsecurityalert.myftp.org
content-length: 0
date: Sun, 25 Jun 2023 23:34:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 744ms
184ms Script
application/javascript 44.235.191.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?shpt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&ga_info=%7B%22status%22%3A%22One%20or%20more%20failures%22%2C%22shpt%22%3A%22Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center%22%2C%22dcm_cid%22%3A%222102989485.1687736037%22%2C%22mntnis%22%3A%2250AKZReKpP5sncnSRIiIdWXY8O6jd99L%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getTrackingIdByGA%22%3A%22FAILED%22%2C%22getTrackingIdByOther1%22%3A%22FAILED%22%2C%22getTrackingIdByOther2%22%3A%22FAILED%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=2102989485.1687736037&hardcoded_ga=&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cb=38037256052911240
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cb=38037256052911240
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-191-156.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 2589bcf1d3972aacc416bc1f392745ef165d8ba0668e78d4dd9d55d10d723f6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:34:01 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 2
connection: close

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 787ms
191ms Script
application/javascript 35.81.162.201

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.162.201 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: 25d3b07f771038af388d75b2b508651e203ce33dbd7de2df0c042540d45e08ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:34:01 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 2
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 578ms
208ms Script
application/javascript 44.235.191.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?shpt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&ga_info=%7B%22status%22%3A%22One%20or%20more%20failures%22%2C%22shpt%22%3A%22Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center%22%2C%22dcm_cid%22%3A%222102989485.1687736037%22%2C%22mntnis%22%3A%2250AKZReKpP5sncnSRIiIdWXY8O6jd99L%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getTrackingIdByGA%22%3A%22FAILED%22%2C%22getTrackingIdByOther1%22%3A%22FAILED%22%2C%22getTrackingIdByOther2%22%3A%22FAILED%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=2102989485.1687736037&hardcoded_ga=&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&cb=1687736041166669&shguid=a421e065-3ac2-305b-8645-f00f98daa12c&shgts=1687736041960
Requested by: Host: mtbsecurityalert.myftp.org
URL: https://mtbsecurityalert.myftp.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-191-156.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:34:02 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 13
connection: close

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 112ms
111ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: onlinebanking.mtb.com
URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mtbsecurityalert.myftp.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mtbsecurityalert.myftp.org
date: Sun, 25 Jun 2023 23:34:02 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je36l0&_p=847274012&gdid=dYmQxMT&cid=2102989485.1687736037&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1687736037&sct=1&seg=0&dl=https%3A%2F%2Fmtbsecurityalert.myftp.org%2F&dt=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtbsecurityalert.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 23:34:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mtbsecurityalert.myftp.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mtbsecurityalert.myftp.org/	1970-01-20 21:34:32	Name: bmuid Value: 1687736035946-84D20928-AB3B-4CCB-A099-CE54246CC010
mtbsecurityalert.myftp.org/	1970-01-20 12:48:56	Name: cdSessionId Value: 4d7a688d-db09-4770-b1bf-7cad1beb0cfb
.mtbsecurityalert.myftp.org/	1969-12-31 23:59:59	Name: cdContextId Value: 2
.locations.mtb.com/	1970-01-20 12:48:57	Name: __cf_bm Value: cJpNqrAfgvSrNOMHpz8LNOQu1pN54Th51f8bpz3ZKDQ-1687736036-0-AZ+EkApk2hTc29NgoBDrUOSNF+Z3pUV1BkCB8xfMxSPJN/afK7sl0wojAwslLErF75jIVMHxmgl5VXZuioVq2ac=
.mtbsecurityalert.myftp.org/	1970-01-20 12:48:59	Name: cdSNum Value: 1687736036342-sjn0000209-6bff32da-12e1-43bb-aae9-e62bb35b9641
obs.segreencolumn.com/	1970-01-20 20:52:46	Name: cg_uuid Value: 7e476043d026efba3652478c73dc50f4
.mtbsecurityalert.myftp.org/	1970-01-20 12:50:22	Name: _uetsid Value: c12e8b4013b011ee887b19af8c24e9ca
.mtbsecurityalert.myftp.org/	1970-01-20 22:10:32	Name: _uetvid Value: c12edc7013b011ee85fc7599474f56a2
.mtbsecurityalert.myftp.org/	1970-01-20 14:58:32	Name: _fbp Value: fb.2.1687736037181.492733433
.bing.com/	1970-01-20 22:10:32	Name: MUID Value: 019E2DC5ADEF60F433703EFEAC3D6137
.mtbsecurityalert.myftp.org/	1970-01-20 14:58:32	Name: _gcl_au Value: 1.1.1620018496.1687736037
.linkedin.com/	1970-01-20 14:58:32	Name: li_sugr Value: a1775b13-41b8-4b0f-8dce-ec001f962678
.linkedin.com/	1970-01-20 21:34:32	Name: bcookie Value: "v=2&6d673781-28fd-4f3e-8cde-7a4432ed78a9"
.linkedin.com/	1970-01-20 12:50:22	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2907:u=1:x=1:i=1687736037:t=1687822437:v=2:sig=AQG1kiXl8wA-D6b4hBbCr-WkI4GY8s3H"
mtbsecurityalert.myftp.org/	1970-01-20 12:50:22	Name: ln_or Value: eyI2NjYxOCI6ImQifQ%3D%3D
.mtbsecurityalert.myftp.org/	1970-01-20 22:24:56	Name: _ga Value: GA1.1.2102989485.1687736037
.mtbsecurityalert.myftp.org/	1970-01-20 22:24:56	Name: _ga_ZTNQ6ZK8T0 Value: GS1.1.1687736037.1.0.1687736037.60.0.0
.yahoo.com/	1970-01-20 21:34:53	Name: A3 Value: d=AQABBOXOmGQCEM6i80iayiAhMDiqD7wtZL8FEgEBAQEgmmSiZOANyiMA_eMAAA&S=AQAAAqPDdaGopi2NlyaqIXimYIY
.doubleclick.net/	1970-01-20 22:10:32	Name: IDE Value: AHWqTUkwV1Vt54TNORWCbfzKR_BskhNY09CivmsiOx0KVh5ZYENoXx_LBTzSspDg
.linkedin.com/	1970-01-20 13:32:08	Name: UserMatchHistory Value: AQK9XZERIoR9hQAAAYj06DB6bteTbCEjHuQOpT-pXD2E1z3xDZOXubCNdq6E02Uh5BUsywr1ttTFVg
.linkedin.com/	1970-01-20 13:32:08	Name: AnalyticsSyncHistory Value: AQK_qNsMOCaWAwAAAYj06DB6Nai_UxpV1CBgZ_bOCI0HJ5IVFPyXr-wIxUVVYhnT-gBbpSPCQYbhlBcAVt6BKQ
.t.co/	1970-01-20 22:24:56	Name: muc_ads Value: fa1e815e-46ec-4f10-9416-f76977269505
.www.linkedin.com/	1970-01-20 21:34:32	Name: bscookie Value: "v=1&20230625233357a9072a4b-d9e2-4001-8103-82170c091c90AQES893wsWcorazbBBQV84Q3Ycl_zlpw"
.linkedin.com/	1970-01-20 17:08:08	Name: li_gc Value: MTswOzE2ODc3MzYwMzc7MjswMjH3wdVbzAPeiwgVYZiPCoPKUxLuRx+oBWB1QCS22BTkcQ==
.twitter.com/	1970-01-20 22:24:56	Name: personalization_id Value: "v1_ClrwLfJTyzbXwxBBFdfJNg=="
mtb-app.quantummetric.com/	1969-12-31 23:59:59	Name: s Value: b74bf1279e992b2837b738698c2a84b9
mtb-app.quantummetric.com/	1970-01-20 21:34:32	Name: U Value: 0a2670a28d827c9535f4fd93be49972a
.mtbsecurityalert.myftp.org/	1970-01-20 12:48:57	Name: QuantumMetricSessionID Value: b74bf1279e992b2837b738698c2a84b9
.mtbsecurityalert.myftp.org/	1970-01-20 21:34:32	Name: QuantumMetricUserID Value: 0a2670a28d827c9535f4fd93be49972a
.mountain.com/	1970-01-20 22:24:56	Name: guid Value: c3968f58-13b0-11ee-8a65-df10e60e40c2

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://mtbsecurityalert.myftp.org/(Line 1398) Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff' from origin 'https://mtbsecurityalert.myftp.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mtbsecurityalert.myftp.org/(Line 1398) Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff' from origin 'https://mtbsecurityalert.myftp.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mtbsecurityalert.myftp.org/(Line 1440) Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff' from origin 'https://mtbsecurityalert.myftp.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mtbsecurityalert.myftp.org/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff' from origin 'https://mtbsecurityalert.myftp.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff Message: Failed to load resource: net::ERR_FAILED
rendering	warning	URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
javascript	error	URL: https://mtbsecurityalert.myftp.org/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff' from origin 'https://mtbsecurityalert.myftp.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff Message: Failed to load resource: net::ERR_FAILED
rendering	warning	URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
javascript	error	URL: https://mtbsecurityalert.myftp.org/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff' from origin 'https://mtbsecurityalert.myftp.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff Message: Failed to load resource: net::ERR_FAILED
worker	verbose	URL: blob:https://mtbsecurityalert.myftp.org/1c4c02c6-b7a9-47d6-b760-46ed976e38e5(Line 1) Message: Error
javascript	error	URL: about:blank Message: Access to CSS stylesheet at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css' from origin 'https://mtbsecurityalert.myftp.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1.b406929acabac9b095f124c81bdfcf57f.com
1.c81358859121583b7adf2ace89cb39f44.com
analytics.twitter.com
api4921.d41.co
bat.bing.com
cdn-0.d41.co
cdn.linkedin.oribi.io
cdn.quantummetric.com
cdnjs.cloudflare.com
connect.facebook.net
dx.mountain.com
googleads.g.doubleclick.net
gs.mountain.com
locations.mtb.com
mtb-app.quantummetric.com
mtbsecurityalert.myftp.org
ob.segreencolumn.com
obs.segreencolumn.com
onlinebanking.mtb.com
pixel.sitescout.com
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
region1.analytics.google.com
rl.quantummetric.com
s.yimg.com
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.tiqcdn.com
up.pixel.ad
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www3.mtb.com
www3.mtb.com
104.244.42.131
104.244.42.133
13.107.42.14
142.250.185.66
146.75.116.157
178.79.242.16
18.210.229.244
18.66.122.58
2001:4860:4802:32::36
212.82.100.181
24.75.29.69
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:2057:9600:b:2146:1340:93a1
2600:9000:20eb:1a00:2:53b2:240:93a1
2600:9000:21f3:fe00:1e:54f1:26c0:93a1
2600:9000:2250:ac00:13:ab57:d440:93a1
2600:9000:225e:c00:7:2bfb:7c00:93a1
2600:9000:2490:4000:18:15b9:5a80:93a1
2600:9000:2490:c600:a:6cdf:4440:93a1
2606:4700:10::6816:35fc
2606:4700::6811:180e
2606:4700::6812:7434
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c0a::9c
2a02:26f0:3100::1735:28c0
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.66.3.160
34.72.33.225
35.81.162.201
44.209.137.118
44.235.191.156
54.175.158.142
79.141.173.183
98.98.134.243
03cc12570299da2da582ed1f055f77f31f7d77899f1ada7ced1dfeea50068298
09d1e56944f615af0bc9fa39bc1a1f2d87823c5ee6fe55e2f2207c7332028020
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
0cd3793dbbe08c6071df3d2709300bb2db9ad94ab075d2999372c1032cf78f8c
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f8cf242bf9f45dd47ce3cd9344ea1415d5a9e95b98ef6557a5eaf973a446fb5
0fb42aac3ac44d08d1f19b9e24699df82d6cbe6ece32a15fb6ac2a812356fa27
0fdd804adb1f70945628d001730067b4e2ecd8dd662ab63c416f4b844d0c1128
11fde77846300adaafcf48b5958b04bc7742a609139209ec3b0dddde0ac4a17b
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
169f6117b0d300246675d16d69feab16d675ba140453f3b9a79f0a666ea269a6
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
214ff4ff3b58301ae203976343469f27e626a7dbfac984ed87d9fdf040746201
21d4a80744b439cb8dd504b6d5f1dd6fd9fe1ddcca9e46ab98d156f51e893c1b
2589bcf1d3972aacc416bc1f392745ef165d8ba0668e78d4dd9d55d10d723f6d
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
25d3b07f771038af388d75b2b508651e203ce33dbd7de2df0c042540d45e08ae
26d9f2c6032180a4a5a0db4985dbe6d3385516ea8bb0d21cff9e60a32b341877
2c0a2ce8298a1cb81ae33e80cb4b4cb98fc9b319229add5dacadf2eb8dfafc61
300d6f7a71e21db6a07bcddca872e7fd8cbb26a8cf0bf9b391c34c7b270fd6fd
30cc0f7387758a7968700c9f94164bee74947f185a73b8e7b56ee28dfab35307
372ffb83021104e6f3e58b5b7884cb8ce34bd14a2b4e5b37529861ae888ce166
3d6c886d559b279734ef2067b3d4288d244a9f54eb182e4ae19f65a0e075e3d9
3e37c097abfd5008fcec62eda895ffb51133f44ac1a703c5292686ea2b7f6521
41b31b2ea1ca3dd08459f4dd48324fdbae66c9f9a91681e4ef6cc0cf6bf67ab0
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
434b9ce5fbe0d95e8da33ce62a62c9b95627e20c24a4e6d2b329a3066dfd1d8c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44dcbf43dacaa97b37e8a5979617c1eed7431d180ee242fa5be8c939a99f88fd
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3
4a90371c52eb6313b34531d9a81df1fff265100eacb87585cf96bae4a96295a8
4be361a3bad89164bd790e478df021d31cee779f1b55e7f9cc30ecf43bf3398a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
553084bcec2eb2972e62654cc0285906137749ac89fa5b9875f766c05768c5e0
59bcdf2b1a69e4354c28acea1562303a03890fb699bcd7cb04dfee9a949236ba
60f064cd48214cb73f54404a2eda28d731f49bf853509d47da070174784e11b9
616e538683a31b1d929d58af916bcb8ca2a91f934b56a5f0ff11734491b589df
62c7a62b05196ff971ed4e0caf2d269422a612e077f6f4d402c936d4dc93615a
651f710f6c0a455e0ab059369a8fd7972fb9236c9f8ee58592282b590c53dc77
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652
6a1fa20a744a18629441f9e4b48e310b30023477b8a8561f76c9db20b7e8e3de
6cc0b251ec54fdd5cd55d98cbe7a7af00bd34f9cfd71fd01ca08c83121c89720
7019b0287198e884a7dd3c196e60267a0d75478c90b456844c5465e7301a247a
7146e4edda9b9a7502b1b6935983787c3bba8a34a95cebde1577409a9e33cd54
726b3a02a2ece846145c3f042e182c604e7d1efbb35a35caa3512608a0ce5e57
74b2301f83da81152130c5ada202f02c790977b4fe669ed0b6c0b59ffba63174
7739c5bccbfbac98c110b25d526de57bc8f44cfb47fbb990117988a9d7c2ec88
77cf16e1867991ea4ed7fb6d470e613528693de636fb0f1352936cc480e180ae
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
828f6c87253cf13ec4d3cb6be4374e5403dce50c0963d4e17c2417fd5674796a
856a1e73956e20dcf21c21234ab1dfee59a119e0a2afe618234bc5424e013991
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
8e36f036be3313f66918b7f296388c199468b0ffb75d3f8908cd04f58d966964
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
9f7c06e9e3644bd5c5aafff14e3d32da9f876969fc25fd3e91b4cc42c1964986
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afcd2ef962f6da03849a7160d636c30e9e11840160a7445eaa76682feafeac2a
b0b577245b1fd7be3bcaf0f7c59ed5803e0067b2cd93aeb28beee93c4fc41226
b3ac54871f3ef8e5dc30b4cbeff418688b5860e7f8ab62ace4e8904e2f455c9f
b60128d066e656ac5ff2434c57f8c77ef7f6fb0b666ddd344d027cd26afc3b86
c0502ad262d50bbaf9aa2a89b56decb38e061e6b45bc167cbb227eefaa057cdc
cd22e626249425b3cc60069abc688241f46539e12c75bce4359a97cdb40441b9
cdd596ad803da277a633da49dd1c73df472137945d7128436a5b77affb609bfe
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d59f3d120f9a2a9147d19c1a573b7d829977630c10ae5b456a25d8a3b03bce50
d649b34216ef1c7d1b0b5805fdb73a76f04f046bf1c1995868cfc1ad8022e3de
e24f451a1bab01a5acbbed619264b335bc9a1c42eab28fb7d464ca11d34bc6b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4164edd6af46ad5e9c02a482bdcd2a9c3e9eb199cee06bcd12cc751ce73de87
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f63bbe8fa84707f1cbeac2739ae18fcd047f4fd4533e342d3dc8bfe5187229c2

mtbsecurityalert.myftp.org Open in urlscan Pro 79.141.173.183 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

126 Requests

90 %HTTPS

56 %IPv6

29 Domains

41 Subdomains

41 IPs

5 Countries

1496 kBTransfer

5276 kBSize

30 Cookies

72 Outgoing links

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mtbsecurityalert.myftp.org Open in urlscan Pro
79.141.173.183 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

90 %
HTTPS

56 %
IPv6

29
Domains

41
Subdomains

41
IPs

5
Countries

1496 kB
Transfer

5276 kB
Size

30
Cookies

126 HTTP transactions
1 data transactions