infocons.ro Open in urlscan Pro
2606:4700:3034::ac43:9d46 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://infocons.ro/mt3/rdr/
Effective URL:
https://infocons.ro/mt3/rdr/
Submission: On November 14 via manual (November 14th 2022, 7:06:22 am UTC) from RO — Scanned from DE

Summary HTTP 41 Redirects Links 77 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3034::ac43:9d46, located in United States and belongs to CLOUDFLARENET, US. The main domain is infocons.ro.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2022. Valid for: a year.

This is the only time infocons.ro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:861	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2606:4700:303... 2606:4700:3034::ac43:9d46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
41	2

1 2606:4700:3031::6815:861 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

infocons.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:3034::ac43:9d46 (United States)

ASN13335 (CLOUDFLARENET, US)

infocons.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	infocons.ro 1 redirects infocons.ro	360 KB
10	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
41	2

	Domain	Requested by
32	infocons.ro	1 redirects infocons.ro
10	www.google.com	infocons.ro
41	2

This site contains links to these domains. Also see Links.

Domain
www3.mtb.com
library.mtb.com
locations.mtb.com
onlinebanking.mtb.com
myaccountviewonline.com
commercialservices.mtb.com
weborders.brinksinc.com
www.centresuite.com
www.youraccessone.com
www.mtbsupplierpay.com
asset.mtb.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://infocons.ro/mt3/rdr/
Frame ID: E3A9D79B78056E1C5024847D3E782A2F
Requests: 40 HTTP requests in this frame

Frame: https://infocons.ro/mt3/rdr/index_files/saved_resource.html
Frame ID: C84C43E27931EE3F369889EC5DFC4D3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Recover your M&T Online BankingNavigation Menu

Page URL History Show full URLs

http://infocons.ro/mt3/rdr/ HTTP 301
https://infocons.ro/mt3/rdr/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*aem-Grid

Page Statistics

41
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

361 kB
Transfer

774 kB
Size

1
Cookies

77 Outgoing links

These are links going to different origins than the main page.

URL: https://www3.mtb.com/

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal
Title: Personal

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial
Title: Commercial

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united
Title: People's United

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#hamburger-nav
Title: Navigation Menu

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#personal
Title: Personal

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/personal-banking/checking-accounts-mandt-bank
Title: Checking Accounts

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/personal-banking/apply-for-a-debit-card
Title: Debit Cards

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/personal-banking/savings-and-certificate-of-deposit-cds/savings-account-and-cd-options
Title: Savings Account & CD Options

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/mortgages-and-loans
Title: Mortgages & Loans

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/personal-banking/credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/insurance-investments-and-insurance
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/wilmington-advisors
Title: Investments & Retirement

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/driving-change/multicultural-banking
Title: Multicultural Banking

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/education-portal
Title: Financial Education Center

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/premium-services
Title: Premium Services

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#business
Title: Business

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/business-banking-checking-and-service-options
Title: Bank

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/cash-management-for-business
Title: Manage Cash Flow

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/online---mobile-services
Title: Online & Mobile Services

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/business-financing
Title: Finance

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/business-resources---insights
Title: Resources & Insights

Search URL Search Domain Scan URL

URL: https://library.mtb.com/tag/cybersecurity-risk/
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/business-education-portal
Title: Business Education Center

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/business/business-banking-welcome
Title: Business Banking Welcome

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#commercial
Title: Commercial

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/commercial-banking
Title: Bank

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/commercial-financing-and-lending-solutions
Title: Finance

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/commercial-banking-industry-solutions
Title: Industry Solutions

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/commercial-insurance
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/corporate-investment-services
Title: Invest & Grow

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/resources-and-insights
Title: Resources & Insights

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/m-t-financial-services
Title: M&T Financial Services

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#es
Title: Español

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/es
Title: Español

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/es/spanish-speaking-branches
Title: Representantes Bancarios Minoristas

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/es/spanish-business
Title: Gerentes de Relaciones Bancarias Comerciales

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#peoples-united
Title: People's United

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united/personal-banking-faqs
Title: Personal FAQs

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united/business
Title: Business Welcome

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us/welcome-to-mandt/peoples-united/business/business-owner-faqs
Title: Business FAQs

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#search-modal
Title: Search

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#location
Title: Locations

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#info-modal
Title: Help Center

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in
Title: Log In

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/covid-19-response
Title: COVID-19 Updates

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/personal/mortgages-and-loans/mortgage/manage/paying/assistance
Title: Mortgage Assistance Programs

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/mandt-bank-faqs
Title: F A Qs

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/discover-top-banking-tasks
Title: Common Banking Tasks

Search URL Search Domain Scan URL

URL: https://locations.mtb.com/
Title: Locations & ATMs

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/about-us
Title: About M&T

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/bank-security-tips-and-best-practices
Title: Banking Security

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/personal-and-business-banking-mortgages-and-more/community-involvement/multicultural-banking
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#personal-business-form
Title: Personal

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in/help-with-user-id-passcode

Search URL Search Domain Scan URL

URL: https://onlinebanking.mtb.com/Login/MTBSignOn
Title: Online Banking

Search URL Search Domain Scan URL

URL: https://myaccountviewonline.com/
Title: Account View

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in/various
Title: View All

Search URL Search Domain Scan URL

URL: https://commercialservices.mtb.com/auth/forgot-password.html
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#more-commercial
Title: More Commercial Services

Search URL Search Domain Scan URL

URL: https://weborders.brinksinc.com/
Title: Cash Order

Search URL Search Domain Scan URL

URL: https://www.centresuite.com/Centre/Public/Logon/Index?ReturnUrl=%2fCentre%3fsite%3d2129&site=2129
Title: CentreSuite

Search URL Search Domain Scan URL

URL: https://www.youraccessone.com/1590mtb
Title: AccessOne

Search URL Search Domain Scan URL

URL: https://www.mtbsupplierpay.com/UserLogin/UserLogin.do?ino=mtb
Title: M&T Supplier Pay

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/bank-policies/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/html/DSA.htm
Title: Digital Service Agreement

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/html/ESign.htm
Title: ESign Consent

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/bank-policies/terms-of-use-policy
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/pdf/treasury-center/tm-system-requirements-updated-final-mt2019.pdf
Title: Browser Requirements

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/explore-the-m-and-t-bank-help-center/bank-policies/digital-privacy-notice
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/commercial/treasury-management
Title: General Disclaimer

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/help-center/banking-security
Title: Fraud Information

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/pdf/treasury-center-sms-alerts.pdf
Title: SMS Alerts

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/log-in#continue
Title: Continue

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://infocons.ro/mt3/rdr/ HTTP 301
https://infocons.ro/mt3/rdr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
infocons.ro/mt3/rdr/
Redirect Chain

http://infocons.ro/mt3/rdr/
https://infocons.ro/mt3/rdr/

54 KB
13 KB

164ms
127ms

Document
text/html

2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac4d275afc3c909f6b58c4f1a134c3ce02fa5c1160e32193c089c48c7401f8d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 769de732ca9c9c0a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 07:06:12 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Sun, 19 Jun 2022 19:20:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsmhfYZMc2GT3IygNLLu5usNQffGCVGbwOuZ6bFNIPiOuIlYpSHefOhxBFXB55PSA0RSRC5olsWXK9lzChoI7RwHqNicKUCFGy%2FMU7dUkOCqN9p76%2F2q2tb5Ja9NjOlgdO2yYVXU4D7zow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 769de731ec7491e1-FRA
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 14 Nov 2022 07:06:12 GMT
Location: https://infocons.ro/mt3/rdr/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvU%2BHTM1X2aMqCZ5b12Htusme0%2BccfOGNubgWNVM8KG3cE0srvJBUeMb8hQUA6ot%2BS8JH%2FlbLrkB7HUbdVjmiUmRNaL9pSUCDlF9JejyQ%2BFSNEh9ua6ig0esIn%2F%2B%2FGwjOBRbXUbRXILfXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clientlib-base.css
infocons.ro/mt3/rdr/index_files/ 421 KB
45 KB 2142ms
2139ms Stylesheet
text/css 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885e54a09dc5b4463a5df3dd88c1430b3a739546df4d10852abc0c2979c0536a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 Jun 2022 07:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUWFy4Rf%2B%2BB8lsj%2FKg7AwyUd%2B3h8fX9MWbFRUgDuowKpff04PUvlrOCvfJgtV1r0w52ymQzebzyTnq9ABOggEGTd2cmRycuFBCtfutAY%2BTC%2ByZE41cbrovTWQpXlOgoq4IQDykaUeayOJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 769de7339c969c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 f(1).txt Show response
infocons.ro/mt3/rdr/index_files/ 2 KB
1 KB 124ms
122ms Script
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/f(1).txt
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92633dfcc0a572f8f3ec3316d71d9a0bb862b32dabbaa4c0732b5192c3e2cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66030f-6e0-5e1c84a4fb600"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avbJEMBqyYchUcSy5ZHqkxLUcFnf6cFWz9RndnPLIPS5aX7HJ2XxzWx1Z3XWaIsQMTCRWA3E1h8g0EIOnNngSPYQ6QAQECrzShBm%2BftXlQEo%2FWGgcT4z%2BNZ3aJSTRYaOTuglZVNzk5Et5g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
content-type: text/plain
cf-ray: 769de7339c979c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f(2).txt Show response
infocons.ro/mt3/rdr/index_files/ 2 KB
1 KB 1188ms
1186ms Script
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/f(2).txt
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89d2121e332301dca7d32fcd96e6fb378a523656e9b4c5f365654f687ad858c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660315-6e0-5e1c84a4fb600"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjl6twHFopPnT3n%2FyobDL%2BQodicGhXwDkRa9G1YnJdTpTsIudKsvHaIysvSja83NmiiVQKKcUomPwAbHCOimSAccKRVohGS8ZuJ5YxWx7%2FR6IJLMcG7YHZEfpHJytaNKFM6c%2B4Ti0LRO9g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
content-type: text/plain
cf-ray: 769de7339c999c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f(3).txt Show response
infocons.ro/mt3/rdr/index_files/ 2 KB
1 KB 125ms
123ms Script
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/f(3).txt
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b44efb9a1666e17d9c4caca48a4ef4bf640c45815ae78188d5a3ea95eae342a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660316-6e0-5e1c84a4fb600"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4%2BT0eZpaY6UIRIH1WsVz9QikdXR%2BStdsVOMKxwQ0eBEbDZdiYMsIqEgh57uA9afKN0pykfuJu6DlTv7caUZcsEY9WRannCeMX062ZvXG7CkZPwrVfzJUcM4iJ8%2B%2FopN0voJNDoI95X%2FMA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
content-type: text/plain
cf-ray: 769de7339c9d9c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f(4).txt Show response
infocons.ro/mt3/rdr/index_files/ 2 KB
1 KB 902ms
900ms Script
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/f(4).txt
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84828987da9be61980e9a5c6fc7ed572c9abe0dc7b619d8649d785abc7f24d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660317-6e0-5e1c84a6e3a80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQb3PLlBmrguqkHM%2F%2BqXkz0VjpyZDY1PwH1EfmVe1stmjY%2BpK6uFASNXMgspt3POTsZKeAqUqhOzyMNXPYSMqmSbBt3eybxdC90fXe%2FzHv0F1QgG4bAuEKt8KRSz26YEieFq8YhaMisByA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
content-type: text/plain
cf-ray: 769de7339c9e9c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f(5).txt Show response
infocons.ro/mt3/rdr/index_files/ 2 KB
1 KB 292ms
290ms Script
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/f(5).txt
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3312c3cdf569ad506ab56d68a8c4ea8994e8aec580e4bf61b272d59cb8f596f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660318-6f3-5e1c84a6e3a80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xwpca3okeVLr%2FU01QNqDkmj%2BPE5BCzOqQcC3YQGWZcnk1nQ%2BD4BzHCHfRmg%2BiOS3PbL7ZBFUCX9EomsNPAaH4ert%2FI1n%2F%2F3e09dWVoeJauKq8a3XPxJe7aqmV%2FoMi6MoHkn6QrcwN5SyOg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
content-type: text/plain
cf-ray: 769de7339c9f9c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f(6).txt Show response
infocons.ro/mt3/rdr/index_files/ 2 KB
1 KB 168ms
167ms Script
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/f(6).txt
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c43598338b52f40ca5da785b88ee3336b1a59b716dfb1367a5d098234b1f4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660319-6e0-5e1c84a6e3a80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3NnZeTvnZbf0QKTOcXIdHI4MxzOw3Z0Xu3xD97p75dYQDnXeOnEOyoaYv7sQcxLpHUpJMwA72Q1IN3Bf8d3AGet5ZoYHFDWNOc6US6yci9qkAgQFiA8j6LlkFf1rX1FPeFig6e%2BZLubmA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
content-type: text/plain
cf-ray: 769de7339ca19c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f(7).txt Show response
infocons.ro/mt3/rdr/index_files/ 2 KB
1 KB 2111ms
2109ms Script
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/f(7).txt
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0cba06286128bb606b9be011a8c6cf90a63ad73fc7ef65d01da11a3976e017a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66031a-6dd-5e1c84a6e3a80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nY4p0FeO%2FBlRdo%2BA2EX0raQSeUEb2zbFRl%2FjlnrP6TYXAW8NmeqhNpLlY6l3ZROpxYEIEs9EuD4DCwZIg%2B4zKVTBl3Vllfu%2BzpZDR%2BUy%2FyRqlz8APkWdzH404g56t6SzfKUcVL4551TqA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
content-type: text/plain
cf-ray: 769de7339ca29c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f(8).txt Show response
infocons.ro/mt3/rdr/index_files/ 2 KB
1 KB 120ms
118ms Script
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/f(8).txt
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abf5f7e93367d66a529a213f3706306e58a0e4c9c16b304ee0f17bfee84b77a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66031e-6e0-5e1c84a6e3a80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czr38zlsQ6wccvAcuaJAxjPTkB8zIsgW3Gk7aEhnYVUlqbIEek1FzNIz5TN8H9DuzKmAaY%2FQMQ5q%2BpGk66Fm5OcGsM7MyfA31%2ByGxOXGU%2FJRIy%2F9PG%2FYhuBrFGfUoK%2BFt2naq%2FzYJISfNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
content-type: text/plain
cf-ray: 769de7339ca39c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f(9).txt Show response
infocons.ro/mt3/rdr/index_files/ 2 KB
2 KB 1188ms
1187ms Script
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/f(9).txt
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cd0943c5114fde394828fc8baefd103f7a8efc1dcdf6e64ca40e8bcf7a3e40a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66031f-6f2-5e1c84a8cbf00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vuy2kpkMLPZtZ%2BxeccDkJv5387TCpAiEKvYmlpz5vzPcHWIgXmQPWCOQe6IodzyLFY5oqxwI58NBt366r%2Bw%2FxcuUCy%2BJR8bXj%2BaHZxhkFAH2CyhDpE6yV01wf3%2FrVI061WtlK3aR%2FJNiA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
content-type: text/plain
cf-ray: 769de7339ca59c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f(10).txt Show response
infocons.ro/mt3/rdr/index_files/ 2 KB
1 KB 2137ms
2136ms Script
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/f(10).txt
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3336e5a696e1cb9126a7e79fb62f01ee9cf82d3b21784aab5626e50e9e6824cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660310-6e0-5e1c84a8cbf00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FxfNHhG34zmlOHf13yqfEt3lvinoEVtBJBhkz%2FS1xB%2FdeiNHi8PAPr7QE7XBXAaenzP7B2wf%2FXfZOS9%2BZDp8c9MrugF8psg3%2FvyPSvnoEo9oOs%2FgZMkXLLV%2FHymDiBFmmDPq0Y3%2FJuG7w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
content-type: text/plain
cf-ray: 769de733bcd99c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 white%20logo.png
infocons.ro/mt3/rdr/index_files/ 5 KB
5 KB 133ms
129ms Image
image/png 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/white%20logo.png
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4936
last-modified: Sun, 19 Jun 2022 07:54:04 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3QFSxqVE087Rhson0HDxZ24VMsJhY5e7a2mDHcFGyManKTYIKJhMk4jJN%2FeiMJpu2rdaCHAhaBuwvqKUBsVZpHobreLW6J%2F%2FM1T%2BGDddS%2BZ31IF%2BiH9qeYxkIyJJyb4X4ZooZdTj%2BuVQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 769de7410ce2bb89-FRA
expires: max-age=A10368000, public

GET
H3 200 equal-housing-lender-logo.png
infocons.ro/mt3/rdr/index_files/ 1 KB
2 KB 136ms
136ms Image
image/png 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/equal-housing-lender-logo.png
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1509
last-modified: Sun, 19 Jun 2022 07:54:04 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RNVvh7fJ8gZN5KZN2yB4Ys%2FmLYdvnS5XgawXu%2BbyAP%2FsKZ%2F7%2BWJPUPfykhhB5kYQ5XTYsZSf1Az220q5DqTLkFknydz3NEjfDf9X389TchgYGI2ujXFqJUgJVfVf1A3U3znzA0qZJruYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 769de7410ce9bb89-FRA
expires: max-age=A10368000, public

GET
H3 200 kensington-mural-olb-desktop.jpeg
infocons.ro/mt3/rdr/index_files/ 111 KB
112 KB 191ms
185ms Image
image/jpeg 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/kensington-mural-olb-desktop.jpeg
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3600cc522d109bf4d7aeb56960790240e80d9f22f6ae99e9a77d020bdf8f3cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 113904
last-modified: Sun, 19 Jun 2022 07:54:06 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLpj7ubUTk%2FvxzjW74YZ%2FhT6%2B%2BrudpOIKYMLfteKBtcl3%2FcHSKQLIwysHbqfcUt8jrp4k8VsL9R3c%2B8PwCty5qQXhNiaJVvufNupsKX6akoa2hBgzLby1Le2Q9VXq9uRwscO9ahGxB1ffQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 769de7413d52bb89-FRA
expires: max-age=A10368000, public

GET
H3 200 kensington-mural-olb-mobile.jpeg
infocons.ro/mt3/rdr/index_files/ 15 KB
15 KB 1263ms
1256ms Image
image/jpeg 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/kensington-mural-olb-mobile.jpeg
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0ebd4a04dc4040c44e7d68b56fbfcc1dbcccf03de96771a60e26f21a76359a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14941
last-modified: Sun, 19 Jun 2022 07:54:06 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pN6Nxl6LCoaLD8LgH2cKudzpbGHifOpiiDXWdcPtBv4PqXRuuk4Sp3dOT5pSC%2FqMACV7uw%2Bq0T8y6oO3qmbMO8mLjlB9eXWCo1Ov9jSoeWY4BHlCWUniyy6pXj%2BcaNiYfrbUwbh0txgSKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 769de7413d56bb89-FRA
expires: max-age=A10368000, public

GET
H3 200 kensington-mural-olb-desktop(1).jpeg
infocons.ro/mt3/rdr/index_files/ 111 KB
112 KB 562ms
556ms Image
image/jpeg 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/kensington-mural-olb-desktop(1).jpeg
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3600cc522d109bf4d7aeb56960790240e80d9f22f6ae99e9a77d020bdf8f3cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 113904
last-modified: Sun, 19 Jun 2022 07:54:06 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwP0AdOZW6gX%2Fglj78SVVZZoEgUn%2Bd8LmaNbVcVqbAOFvCnxJ%2FjckysgN%2Bd6%2Fx%2Fd3MzqmwodHUJ%2BMsPyXT0aT8DncUQ%2FVDoklvcYaJpnxepdZsUinFWSZnhKQ9lb0N0Cr%2BFN6r7WqqXOmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 769de7413d5bbb89-FRA
expires: max-age=A10368000, public

GET
H3 200 adsct
infocons.ro/mt3/rdr/index_files/ 43 B
542 B 1226ms
1220ms Image
image/gif 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/adsct
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:15 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6602eb-2b-5e1c84ac9c800"
access-control-allow-methods: GET,POST,OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozzJ%2B2Ic%2B7nuKyshGyhTDtqCwRqJ9tc%2BNsw0mGj8NB0AId2zX5H1Yi2yyrnILXFybMU9Kh%2FCB3T21KXZhZNstkejNsN5NUxnMHJ0fOsR5F%2FlCDipzXsoHr3hhBJj9ELJY4pFxIjDzVU2CA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://cloud.infocons.ro
accept-ranges: bytes
cf-ray: 769de7413d5fbb89-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 adsct(1)
infocons.ro/mt3/rdr/index_files/ 0
493 B 1227ms
1221ms Image
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/adsct(1)
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:15 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6602f0-0-5e1c84ae84c80"
access-control-allow-methods: GET,POST,OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvR3EgWH6fIwVVz%2B%2FHpCRvRumAApALrOncDC%2FMXs1gTDKuaiuG%2BAuB1o33yKo2slcF9NkYqc32GRUDXcx%2FWAZ2TiDq6Fd7DWFzmSQisy0q%2Fdg2juYEc%2FNloNZo8pGZjhJrcRE5c9Ojd8iw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://cloud.infocons.ro
accept-ranges: bytes
cf-ray: 769de7413d61bb89-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 0
infocons.ro/mt3/rdr/index_files/ 0
489 B 1225ms
1219ms Image
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/0
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:15 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6602d4-0-5e1c84ae84c80"
access-control-allow-methods: GET,POST,OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6m24V6coas871vSjh6qk2D8W2PFWGaR5e8PiTrs72d0UP6FjgtDR39V%2BVF%2FpeQLy9ematf%2BkbdqOSG8CQMABM1aRdAnyZqGBQ%2F7vR%2BeoNwHX5uEE0FLZFEXtDa870P72xihcDVDFVSGb4w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://cloud.infocons.ro
accept-ranges: bytes
cf-ray: 769de7413d65bb89-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 404 sp.pl.download
infocons.ro/mt3/rdr/index_files/ 8 KB
8 KB 1837ms
1832ms Image
text/html 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/sp.pl.download
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 076f0be52235ecad0462db744d42b5a04844d911158811cb74f7ae76e1e238a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAKbFdsB%2FPpFjl4Hyd0L6U2wwdtDmOjAqgwu7gLZ9YtAO0UAEz4BdWEsFuLdWHpERcSHodD6Opn314Yw8igCIHorgAk7FojraWysb%2FBtWZ%2BUab4N04CHQVrhCqPexwnqcGZ%2FBXdcliifOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 769de7413d68bb89-FRA
link: <https://infocons.ro/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 sp.pl(1).download
infocons.ro/mt3/rdr/index_files/ 0
488 B 2252ms
2246ms Image
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/sp.pl(1).download
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:16 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660334-0-5e1c84b06d100"
access-control-allow-methods: GET,POST,OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BYTtKzi19yeguf5RCUfYMRVHeMO9wyGExhNIwgWbVyTgfGYMfVjn6d3CivrX6hmeRiRtz67OTcA%2BCQQzKqavjTrb%2FHt4PFS7raFkz5iSz7RRSBs3e8vuPuP8nUs6m1x6SCDdy9P3LpGfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://cloud.infocons.ro
accept-ranges: bytes
cf-ray: 769de7413d6cbb89-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 sp.pl(2).download
infocons.ro/mt3/rdr/index_files/ 0
488 B 1223ms
1217ms Image
text/plain 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/mt3/rdr/index_files/sp.pl(2).download
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:15 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 19 Jun 2022 07:54:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660335-0-5e1c84b06d100"
access-control-allow-methods: GET,POST,OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BAHf3LvbAcEUKcf80jMipcQR4UAJp18JMvwHYWHM2765CJ70xLAHStnbzrPHQmubobWQHPiuNt95LLcVHByppT%2F4jJU2uDg2Oyugwj4QDCb%2BwIvLhPj7L8PopqUpYbNSKhNfmya4PxLyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://cloud.infocons.ro
accept-ranges: bytes
cf-ray: 769de7413d6ebb89-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/997504364/ 42 B
108 B 237ms
35ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/997504364/?random=1655650270309&cv=9&fst=1655647200000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=3&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2Flog-in&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&async=1&fmt=3&is_vtc=1&random=3122236033&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/990489911/ 42 B
108 B 236ms
34ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/990489911/?random=1655650270313&cv=9&fst=1655647200000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=3&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2Flog-in&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&async=1&fmt=3&is_vtc=1&random=4130609345&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/994979083/ 42 B
108 B 237ms
35ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994979083/?random=1655650270569&cv=9&fst=1655647200000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=3&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2Flog-in&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&async=1&fmt=3&is_vtc=1&random=2040997610&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948713993/ 42 B
548 B 230ms
29ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948713993/?random=1655650270693&cv=9&fst=1655647200000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=3&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2Flog-in&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&async=1&fmt=3&is_vtc=1&random=3750118468&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/954895323/ 42 B
108 B 233ms
32ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/954895323/?random=1655650270695&cv=9&fst=1655647200000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=3&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2Flog-in&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&async=1&fmt=3&is_vtc=1&random=433866595&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/785909637/ 42 B
108 B 234ms
33ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/785909637/?random=1655650270697&cv=9&fst=1655647200000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=3&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2Flog-in&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&async=1&fmt=3&is_vtc=1&random=2391559149&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/785909637/ 42 B
64 B 70ms
33ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/785909637/?random=1655650270698&cv=9&fst=1655647200000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=3&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6f0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2Flog-in&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&async=1&fmt=3&is_vtc=1&random=608484158&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/875517505/ 42 B
64 B 69ms
33ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875517505/?random=1655650270716&cv=9&fst=1655647200000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=3&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2Flog-in&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&async=1&fmt=3&is_vtc=1&random=3073541608&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/875517505/ 42 B
64 B 68ms
32ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875517505/?random=1655650270717&cv=9&fst=1655647200000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=3&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6f0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2Flog-in&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&async=1&fmt=3&is_vtc=1&random=3594395209&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/344010384/ 42 B
64 B 69ms
32ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/344010384/?random=1655650270731&cv=9&fst=1655647200000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=3&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2Flog-in&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&async=1&fmt=3&is_vtc=1&random=1051151334&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 07:06:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 saved_resource.html Show response
infocons.ro/mt3/rdr/index_files/ Frame C84C 149 B
580 B 1960ms
1955ms Document
text/html 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/saved_resource.html
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Request headers

Referer: https://infocons.ro/mt3/rdr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://cloud.infocons.ro
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 769de7413d74bb89-FRA
content-encoding: br
content-type: text/html
date: Mon, 14 Nov 2022 07:06:16 GMT
last-modified: Sun, 19 Jun 2022 07:54:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Bp0akVkxii%2FHndobaW1IeIe1mA6vKDQrCEDiEeJ9zjzpxs63t1J7ACV5j9kbnIQPWg%2FSB0w0gNG8VHJRwcVQEuhxpf5W6oPNdRXLD%2FXNcvRUyyECI1Y2F2jSLFJ0WkYuAzX1HzuSP74cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 404 mandtbaltoweb-book.woff
infocons.ro/mt3/rdr/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0 1729ms
1727ms Font
text/html 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Origin: https://infocons.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:16 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFQRfGTE7SQ08a4o0AbKl%2BI6fFHMXF699fUtWIh2%2Flul7wzSflPpJ%2BM3FeEkdrHst0pEFN%2BLWu8EYeY8Q%2BW8mXnuwtWDhFrcckhwt5XdO79a6uu2KJExHQIHpuWYo1VocBPCP%2BSOig6GlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 769de7413d79bb89-FRA
link: <https://infocons.ro/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 kensington-mural-olb-desktop.jpeg
infocons.ro/content/experience-fragments/mtb-web/login_modals/login-v2-fragments/multicultural-communities/_jcr_content/root/columns/col_1/image_copy_867550798_1442900878.coreimg.jpeg/1648140612726/ 30 KB
30 KB 2909ms
2908ms Image
text/html 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infocons.ro/content/experience-fragments/mtb-web/login_modals/login-v2-fragments/multicultural-communities/_jcr_content/root/columns/col_1/image_copy_867550798_1442900878.coreimg.jpeg/1648140612726/kensington-mural-olb-desktop.jpeg
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf1286df85d434a7a104d064de00db778586c2673debbd7804b4b8406bd758f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://infocons.ro/mt3/rdr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:17 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2s%2BkFo9SGi32P8XVZqYTTPDdXeAyOOWRJSeJVJW9KnIK1nAJO7quVq8StvjOaCuY%2F3oB59w03GP0Fz7eKkNdgXGD2H5sSv%2BtZ3afU%2BQroldskHUfkxoaj85Wc5VVfzh9CPrp3yKWazCfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 769de7414da1bb89-FRA
link: <https://infocons.ro/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 mandtbaltoweb-light.woff
infocons.ro/mt3/rdr/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0 1766ms
1766ms Font
text/html 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Origin: https://infocons.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:16 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3fpaeHuH0J8v36svicTCK4FnWoTFaufhTvUmUk10VuGWnVG58oghEwQCwRWRfRpPxMNh6m84mSkgaNa19GtvNQk8yFOeOQ0HgC5B5wIE8r6V8nHWN%2BiHvT1dIpt0MPJPlzyH5%2B5LRXbeg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 769de7414dabbb89-FRA
link: <https://infocons.ro/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 mandtbaltoweb-medium.woff
infocons.ro/mt3/rdr/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0 2727ms
2726ms Font
text/html 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/rdr/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Origin: https://infocons.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:17 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuQRsgGhe6M1FbzRnLBpPTL%2B7t%2F5CB%2FxLX8qCjgLcZy5ei8KWLzDgbhrU2XmW9XnEfc6TOoS2grXNOiRub7a2kDP3xF%2BAoQLc4gwjSfhrWdyDSSxKRnzwQSr2fGYR3Ft1EeRuAqENSl7Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 769de7414db2bb89-FRA
link: <https://infocons.ro/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 mandtbaltoweb-book.woff
infocons.ro/mt3/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0 1308ms
1308ms Font
text/html 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Origin: https://infocons.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKpTTmAVuAwLmT7XLeEythUfTGnAM5WXT0Z1kXQbRbuVNPinyDkpa5T%2FlYhFFjr7dRnnxcggFM0p0oryIZbcuMaNtTTvFeSlDit1AzY61uniITMc3hgJW3VQqDtf6xojO6ulUelyRA7uqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600, must-revalidate
cf-ray: 769de74c0d1bbb89-FRA
link: <https://infocons.ro/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 mandtbaltoweb-light.woff
infocons.ro/mt3/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0 1317ms
1316ms Font
text/html 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Origin: https://infocons.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUEWi88OARYWCGS0BQYxhx9IVAxrDuGCuE6eMLeQ9SS3qDtCMC2H77B5YRmko2HlUta5YmPq%2FJQ%2BXwYjxFOpN32W4Y%2FEAxrvotbnJwj%2FJIGr%2FuCKdKWZQXJ0RqgCZpwtUI3qGu5AvpEr0A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600, must-revalidate
cf-ray: 769de74c5dc3bb89-FRA
link: <https://infocons.ro/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 mandtbaltoweb-medium.woff
infocons.ro/mt3/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0 839ms
839ms Font
text/html 2606:4700:3034::ac43:9d46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infocons.ro/mt3/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Requested by: Host: infocons.ro
URL: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9d46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://infocons.ro/mt3/rdr/index_files/clientlib-base.css
Origin: https://infocons.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:06:18 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cloud.infocons.ro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AluMQL20%2BiLuAo%2FDEX7Lmwm7s9PG912rmb4h%2BjSflyEdqB1R2t5OGSpyNhTtkcb9bwnL%2FSTOSP67CPsU1tTJhTTXya55haYFHI6Q2GgC7FNZEmVPPr4RYYWmGMauUspdWGjMhqgTEN%2F52Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600, must-revalidate
cf-ray: 769de7525bacbb89-FRA
link: <https://infocons.ro/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			infocons.ro/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0fce2a3ea6c86cc07ad10abca7d3b416

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://infocons.ro/mt3/rdr/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://infocons.ro/mt3/rdr/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://infocons.ro/mt3/rdr/index_files/sp.pl.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://infocons.ro/mt3/rdr/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://infocons.ro/content/experience-fragments/mtb-web/login_modals/login-v2-fragments/multicultural-communities/_jcr_content/root/columns/col_1/image_copy_867550798_1442900878.coreimg.jpeg/1648140612726/kensington-mural-olb-desktop.jpeg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://infocons.ro/mt3/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://infocons.ro/mt3/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://infocons.ro/mt3/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

infocons.ro
www.google.com
2606:4700:3031::6815:861
2606:4700:3034::ac43:9d46
2a00:1450:4001:811::2004
076f0be52235ecad0462db744d42b5a04844d911158811cb74f7ae76e1e238a8
0cd0943c5114fde394828fc8baefd103f7a8efc1dcdf6e64ca40e8bcf7a3e40a
3312c3cdf569ad506ab56d68a8c4ea8994e8aec580e4bf61b272d59cb8f596f9
3336e5a696e1cb9126a7e79fb62f01ee9cf82d3b21784aab5626e50e9e6824cd
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652
7c43598338b52f40ca5da785b88ee3336b1a59b716dfb1367a5d098234b1f4ca
84828987da9be61980e9a5c6fc7ed572c9abe0dc7b619d8649d785abc7f24d39
885e54a09dc5b4463a5df3dd88c1430b3a739546df4d10852abc0c2979c0536a
89d2121e332301dca7d32fcd96e6fb378a523656e9b4c5f365654f687ad858c1
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
abf5f7e93367d66a529a213f3706306e58a0e4c9c16b304ee0f17bfee84b77a3
ac4d275afc3c909f6b58c4f1a134c3ce02fa5c1160e32193c089c48c7401f8d4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b44efb9a1666e17d9c4caca48a4ef4bf640c45815ae78188d5a3ea95eae342a4
c0cba06286128bb606b9be011a8c6cf90a63ad73fc7ef65d01da11a3976e017a
d0ebd4a04dc4040c44e7d68b56fbfcc1dbcccf03de96771a60e26f21a76359a0
e3600cc522d109bf4d7aeb56960790240e80d9f22f6ae99e9a77d020bdf8f3cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92633dfcc0a572f8f3ec3316d71d9a0bb862b32dabbaa4c0732b5192c3e2cd5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcf1286df85d434a7a104d064de00db778586c2673debbd7804b4b8406bd758f

infocons.ro Open in urlscan Pro 2606:4700:3034::ac43:9d46 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

361 kBTransfer

774 kBSize

1 Cookies

77 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

infocons.ro Open in urlscan Pro
2606:4700:3034::ac43:9d46 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

361 kB
Transfer

774 kB
Size

1
Cookies

41 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!