mtverificationtoday.z13.web.core.windows.net Open in urlscan Pro
20.60.62.33 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mtverificationtoday.z13.web.core.windows.net/
Submission: On April 25 via automatic, source openphish (April 25th 2023, 2:11:14 pm UTC) — Scanned from DE

Summary HTTP 131 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 28 domains to perform 131 HTTP transactions. The main IP is 20.60.62.33, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is mtverificationtoday.z13.web.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on March 22nd 2023. Valid for: a year.

This is the only time mtverificationtoday.z13.web.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
6	20.60.62.33 20.60.62.33	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2600:9000:205... 2600:9000:2057:5e00:b:2146:1340:93a1	16509 (AMAZON-02) (AMAZON-02)
16	2600:9000:225... 2600:9000:225e:d400:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.205.123.249 52.205.123.249	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.122.110 18.66.122.110	16509 (AMAZON-02) (AMAZON-02)
1	52.213.243.133 52.213.243.133	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:8c00:18:15b9:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 7	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
6	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:10:... 2606:4700:10::ac43:149e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
1	52.7.151.245 52.7.151.245	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:20e... 2600:9000:20eb:fa00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
6	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	52.22.50.55 52.22.50.55	14618 (AMAZON-AES) (AMAZON-AES)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
5	34.72.33.225 34.72.33.225	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.66.3.160 34.66.3.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.37.218.4 52.37.218.4	16509 (AMAZON-02) (AMAZON-02)
131	39

6 20.60.62.33 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mtverificationtoday.z13.web.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2057:5e00:b:2146:1340:93a1 (United States)

ASN16509 (AMAZON-02, US)

www3.mtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:225e:d400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.123.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-123-249.compute-1.amazonaws.com

api4921.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-110.fra60.r.cloudfront.net

cdn-0.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.243.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-243-133.eu-west-1.compute.amazonaws.com

mtb.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:8c00:18:15b9:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:149e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.151.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:fa00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.50.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-50-55.compute-1.amazonaws.com

52.22.50.55	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.72.33.225 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 225.33.72.34.bc.googleusercontent.com

mtb-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.66.3.160 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.3.66.34.bc.googleusercontent.com

rl.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.37.218.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-218-4.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1219	84 KB
13	mtb.com www3.mtb.com — Cisco Umbrella Rank: 236547	456 KB
10	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 16 google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 2930	3 KB
8	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 2240 mtb-app.quantummetric.com — Cisco Umbrella Rank: 116896 rl.quantummetric.com — Cisco Umbrella Rank: 4093	88 KB
7	segreencolumn.com ob.segreencolumn.com — Cisco Umbrella Rank: 41157 obs.segreencolumn.com — Cisco Umbrella Rank: 34673	33 KB
6	google.de www.google.de — Cisco Umbrella Rank: 3425	994 B
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	7 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	279 B
6	bing.com bat.bing.com — Cisco Umbrella Rank: 519	13 KB
6	windows.net mtverificationtoday.z13.web.core.windows.net	201 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	241 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	372 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	303 KB
3	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1442	1 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 631	7 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	49 KB
2	mountain.com dx.mountain.com — Cisco Umbrella Rank: 7854 px.mountain.com — Cisco Umbrella Rank: 8416 gs.mountain.com Failed	6 KB
2	d41.co api4921.d41.co — Cisco Umbrella Rank: 298466 cdn-0.d41.co — Cisco Umbrella Rank: 32793	25 KB
1	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 5223	267 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 187	2 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 912	395 B
1	t.co t.co — Cisco Umbrella Rank: 584	378 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	368 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 12085	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 964	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	5 KB
1	omtrdc.net mtb.tt.omtrdc.net — Cisco Umbrella Rank: 294856	548 B
131	28

	Domain	Requested by
16	tags.tiqcdn.com	mtverificationtoday.z13.web.core.windows.net tags.tiqcdn.com
13	www3.mtb.com	mtverificationtoday.z13.web.core.windows.net www3.mtb.com
7	www.google.com	1 redirects mtverificationtoday.z13.web.core.windows.net www.gstatic.com
6	www.google.de	mtverificationtoday.z13.web.core.windows.net
6	www.facebook.com	mtverificationtoday.z13.web.core.windows.net
6	bat.bing.com	tags.tiqcdn.com bat.bing.com mtverificationtoday.z13.web.core.windows.net
6	obs.segreencolumn.com	ob.segreencolumn.com mtverificationtoday.z13.web.core.windows.net cdn.quantummetric.com
6	mtverificationtoday.z13.web.core.windows.net	mtverificationtoday.z13.web.core.windows.net
5	mtb-app.quantummetric.com	cdn.quantummetric.com
5	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
5	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
4	www.googletagmanager.com	tags.tiqcdn.com ob.segreencolumn.com www.googletagmanager.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	sp.analytics.yahoo.com	mtverificationtoday.z13.web.core.windows.net
3	s.yimg.com	tags.tiqcdn.com s.yimg.com
3	cdn.jsdelivr.net	mtverificationtoday.z13.web.core.windows.net
2	rl.quantummetric.com	cdn.quantummetric.com
2	google.com	www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
1	px.mountain.com	dx.mountain.com
1	pixel.sitescout.com	mtverificationtoday.z13.web.core.windows.net
1	fonts.gstatic.com	www.google.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	analytics.twitter.com	mtverificationtoday.z13.web.core.windows.net
1	t.co	mtverificationtoday.z13.web.core.windows.net
1	px4.ads.linkedin.com	mtverificationtoday.z13.web.core.windows.net
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	dx.mountain.com	tags.tiqcdn.com
1	up.pixel.ad	tags.tiqcdn.com
1	cdn.quantummetric.com	tags.tiqcdn.com
1	static.ads-twitter.com	tags.tiqcdn.com
1	snap.licdn.com	tags.tiqcdn.com
1	ob.segreencolumn.com	tags.tiqcdn.com
1	mtb.tt.omtrdc.net	tags.tiqcdn.com
1	cdn-0.d41.co	tags.tiqcdn.com
1	api4921.d41.co	tags.tiqcdn.com
0	gs.mountain.com Failed	mtverificationtoday.z13.web.core.windows.net
131	40

This site contains links to these domains. Also see Links.

Domain
locations.mtb.com
library.mtb.com
customer.jrni.com
buffalotogetherfund.org
ir.mtb.com
apps.apple.com
play.google.com
www.mtb.com
www.facebook.com
twitter.com
www.linkedin.com
asset.mtb.com
www3.mtb.com
mtb.com
onlinebanking.mtb.com
myaccountviewonline.com
commercialservices.mtb.com
weborders.brinksinc.com
www.centresuite.com
www.youraccessone.com
www.mtbsupplierpay.com

Subject Issuer	Validity	Valid
*.web.core.windows.net Microsoft RSA TLS CA 01	`2023-03-22` - `2024-03-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
www.mtb.com Entrust Certification Authority - L1M	`2022-08-29` - `2023-06-02`	9 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.d41.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-05`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.segreencolumn.com Amazon RSA 2048 M02	`2023-02-23` - `2023-09-15`	7 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.pixel.ad GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-24` - `2024-02-02`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2022-05-21` - `2023-06-22`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
52.22.50.55 Sectigo RSA Domain Validation Secure Server CA	`2023-02-14` - `2024-02-14`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-18` - `2024-02-13`	a year	crt.sh
rl.quantummetric.com R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://mtverificationtoday.z13.web.core.windows.net/
Frame ID: 1DBB5C3C2EFDEBC11CD40E860837E718
Requests: 118 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly9tdHZlcmlmaWNhdGlvbnRvZGF5LnoxMy53ZWIuY29yZS53aW5kb3dzLm5ldDo0NDM.&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&cb=uajckhywywga
Frame ID: 2892188A6CCF6D925918A5E0CBE36E3A
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C33C302960EFADD8D0B824A254C73243
Requests: 1 HTTP requests in this frame

Frame: https://mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&t=1682431870265&v=1682431870882&z=1&S=0&N=0&P=0
Frame ID: 45184B25E640E20129308CC2FF3AB6E1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

M&T Bank - Personal & Business Banking, Mortgages, & More | M&T BankLockNavigation MenuSearchFacebookTwitterLinkedInNavigation Menu

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

131
Requests

90 %
HTTPS

56 %
IPv6

28
Domains

40
Subdomains

39
IPs

5
Countries

1916 kB
Transfer

4997 kB
Size

31
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://locations.mtb.com/

Search URL Search Domain Scan URL

URL: https://library.mtb.com/tag/cybersecurity-risk/
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://customer.jrni.com/?client=mtbank
Title: Make an Appointment

Search URL Search Domain Scan URL

URL: https://buffalotogetherfund.org/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://ir.mtb.com/static-files/02877c8f-cd34-4b6f-a689-45b2ec7f12eb
Title: Read More

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/m-t-mobile-banking/id397761931

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.mtb.mbanking.sc.retail.prod&hl=en

Search URL Search Domain Scan URL

URL: https://www.mtb.com/help-center/top-banking-tasks/ask-question-submit-feedback
Title: Send feedback

Search URL Search Domain Scan URL

URL: https://ir.mtb.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MandTBank
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/mandt_bank
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/m%26t-bank
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.mtb.com/homepage/explore-the-m-and-t-bank-help-center/bank-policies/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/html/ESign.htm
Title: ESign Consent

Search URL Search Domain Scan URL

URL: https://www3.mtb.com/homepage/personal-and-business-banking-mortgages-and-more/community-involvement/multicultural-banking
Title: Learn More

Search URL Search Domain Scan URL

URL: https://mtb.com/olb-enroll
Title: Enroll in M&T Online Banking

Search URL Search Domain Scan URL

URL: https://onlinebanking.mtb.com/Login/MTBSignOn
Title: Online Banking

Search URL Search Domain Scan URL

URL: https://myaccountviewonline.com/
Title: Account View

Search URL Search Domain Scan URL

URL: https://commercialservices.mtb.com/auth/forgot-password.html
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://weborders.brinksinc.com/
Title: Cash Order

Search URL Search Domain Scan URL

URL: https://www.centresuite.com/Centre/Public/Logon/Index?ReturnUrl=%2fCentre%3fsite%3d2129&site=2129
Title: CentreSuite

Search URL Search Domain Scan URL

URL: https://www.youraccessone.com/1590mtb
Title: AccessOne

Search URL Search Domain Scan URL

URL: https://www.mtbsupplierpay.com/UserLogin/UserLogin.do?ino=mtb
Title: M&T Supplier Pay

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/html/DSA.htm
Title: Digital Service Agreement

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/pdf/treasury-center/tm-system-requirements-updated-final-mt2019.pdf
Title: Browser Requirements

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/pdf/treasury-center-sms-alerts.pdf
Title: SMS Alerts

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1682431869295&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D66618%26time%3D1682431869295%26url%3Dhttps%253A%252F%252Fmtverificationtoday.z13.web.core.windows.net%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1682431869295&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1682431869295&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&liSync=true&e_ipv6=AQLgzNm_PIVWiwAAAYe4wQMfjdrzVfFQzmgZaJ5g3rHQyLbhMTQAGVg20krhoM4AE4QA2eZQ

Request Chain 114

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/?random=694052378&cv=11&fst=1682431869595&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=166124252.1682431870&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=fd9HZODKN5abYaKyopgC&sscte=1&crd=&pscrd=EkxDaEFJOFBTZG9nWVFoT2JyXzktUHFyUmpFaVVBbFA4VnIwRkJjYUhmcHJHQjlnZHQzX1NQdHRyQ0J4NWZLTTZRb05PMWppeVJwX2cwGlhDaEVJOFBTZG9nWVFrNUtENUppZWh1V0xBUkl0QUhMSC1YMzNwNjhWT3ljRGNtc3JUTEU4RVhWQ1ZSU2F3WGNybjNQSmM2ZFV2OEM0QXh0M1FKZlJFNkwz HTTP 302
https://www.google.com/pagead/1p-conversion/875517505/?random=694052378&cv=11&fst=1682431869595&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=166124252.1682431870&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFBTZG9nWVFoT2JyXzktUHFyUmpFaVVBbFA4VnIwRkJjYUhmcHJHQjlnZHQzX1NQdHRyQ0J4NWZLTTZRb05PMWppeVJwX2cwGlhDaEVJOFBTZG9nWVFrNUtENUppZWh1V0xBUkl0QUhMSC1YMzNwNjhWT3ljRGNtc3JUTEU4RVhWQ1ZSU2F3WGNybjNQSmM2ZFV2OEM0QXh0M1FKZlJFNkwz&is_vtc=1&ocp_id=fd9HZODKN5abYaKyopgC&cid=CAQSKQBygQiD0PruDGNXY89Y3z1wiYQ3DmR_4H56ysnA4LAXtBgysfv8OPZJ&random=2729936273 HTTP 302
https://www.google.de/pagead/1p-conversion/875517505/?random=694052378&cv=11&fst=1682431869595&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=166124252.1682431870&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFBTZG9nWVFoT2JyXzktUHFyUmpFaVVBbFA4VnIwRkJjYUhmcHJHQjlnZHQzX1NQdHRyQ0J4NWZLTTZRb05PMWppeVJwX2cwGlhDaEVJOFBTZG9nWVFrNUtENUppZWh1V0xBUkl0QUhMSC1YMzNwNjhWT3ljRGNtc3JUTEU4RVhWQ1ZSU2F3WGNybjNQSmM2ZFV2OEM0QXh0M1FKZlJFNkwz&is_vtc=1&ocp_id=fd9HZODKN5abYaKyopgC&cid=CAQSKQBygQiD0PruDGNXY89Y3z1wiYQ3DmR_4H56ysnA4LAXtBgysfv8OPZJ&random=2729936273&ipr=y&prhg=0

131 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mtverificationtoday.z13.web.core.windows.net/ 201 KB
201 KB 429ms
98ms Document
text/html 20.60.62.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.33 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 08083259bdc1e353f886fcd58e8f6d211cec9103d42f6f7904a0fa9c94d82ed2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 205549
Content-MD5: GG2CVSAPoSNWk9DUVI/WHQ==
Content-Type: text/html
Date: Tue, 25 Apr 2023 14:11:08 GMT
ETag: "0x8DB41E563A78816"
Last-Modified: Thu, 20 Apr 2023 21:22:47 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 49ef5767-701e-004b-0b7f-77d093000000
x-ms-version: 2018-03-28

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/ 158 KB
25 KB 35ms
17ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mtverificationtoday.z13.web.core.windows.net/
Origin: https://mtverificationtoday.z13.web.core.windows.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5377050
x-jsd-version: 4.6.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230108-FRA, cache-yyz4548-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UCPRVVKlMg62k%2FTzscKtaORBHzIiUBfwGTeUi776Xi79Jz2mR5Z0KHhiixxb60yZNItvJJAymU5fv8FGFdTL5S0E2z99XhI0Xd%2F%2FLbXNM8RUz%2FUhKh6QTx%2F1V%2B9e8mYse18fHfciQYJjwAhSTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7bd72c6aebc49256-FRA

GET
H2 200 clientlib-base.css
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/ 425 KB
57 KB 85ms
9ms Stylesheet
text/css 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

8e36f036be3313f66918b7f296388c199468b0ffb75d3f8908cd04f58d966964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 25 Apr 2023 14:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 580
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 57814
last-modified: Mon, 27 Mar 2023 20:28:19 GMT
server: Apache
etag: "6a323-5f7e7955d9ec0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=3600, public, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: 6oNxrRq8fq3fR79y47uS-3Ny_s7JZfNV0Ct-OUflvugE7TWz_jd5yg==

GET
H2 200 vendor.js Show response
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/ 237 KB
72 KB 88ms
12ms Script
application/javascript 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/vendor.js

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7146e4edda9b9a7502b1b6935983787c3bba8a34a95cebde1577409a9e33cd54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Apr 2023 13:39:30 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3279
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
last-modified: Mon, 27 Mar 2023 20:28:18 GMT
server: Apache
etag: "3b2b1-5f7e7954e5c80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=3600, public, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: qh7pr8o_-OptRC6tVgvvSgld9P2gA_q5dJQHMt2bf6GIiRQrkT3doQ==

GET
H2 200 clientlib-header.js Show response
www3.mtb.com/etc.clientlibs/axp-common/components/content/disclosure/v1/disclosure/ 2 KB
1 KB 85ms
9ms Script
application/javascript 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/etc.clientlibs/axp-common/components/content/disclosure/v1/disclosure/clientlib-header.js

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

873c8d09b7dc8da369132e741cbe7e5843aa228f191165fe4b5b24babda94c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Tue, 25 Apr 2023 13:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 680
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 856
last-modified: Thu, 21 Apr 2022 21:02:31 GMT
server: Apache
etag: "94b-5dd306da127c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=3600, public, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: fTKdLNlgskumZIbk7JjSMSUhc4vnUC1ZQdVOVtrmn4vUEG0sCQ3AvQ==

GET mandtbaltoweb-book.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-light.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-medium.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-bold.otf
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 35ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mtverificationtoday.z13.web.core.windows.net/
Origin: https://mtverificationtoday.z13.web.core.windows.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5377048
x-jsd-version: 1.16.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230124-FRA, cache-yyz4561-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLWTovP%2Bgil5NkQBqvqna%2B9ojI1mwf%2B35zLqzn3QRdXf6JYLCnlgrXHFz9SihI1tdW0W2MS4cdKOQ3p3aKYC5pP%2FBrAeuLjd949%2BnTmcTled7YBudsyoFMINpfJ5oU0zCTAnmUYkBGkr1py9EGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7bd72c6aebc69256-FRA

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/ 61 KB
16 KB 39ms
22ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.min.js

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mtverificationtoday.z13.web.core.windows.net/
Origin: https://mtverificationtoday.z13.web.core.windows.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5377035
x-jsd-version: 4.6.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230043-FRA, cache-jnb7022-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"f3e8-JKkAvfzv1Sy8/zvDZECvm4fNUGc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PK%2BfymKrDAVukksk87GlUzAmWZC6k8UPrKhyFrONec%2FaMghcyfjx1fItOevcuPZCO5%2BTxOJ2DUKesTkzPlWYuADJ9ybaO1AOZKa%2BBtdFW1x%2FKNc5o6fdJewD9kIZDKB358nQJTyjA93tvWVdyyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7bd72c6aebc59256-FRA

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 79 KB
28 KB 37ms
10ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
Requested by: Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30b9304828f30962dd12d1f808d9789665a2dba05ed0f8cf00ca867570fef19c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: .mmEx0AlFll76rHLXiOudN8WuhtuCDma
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:09:47 GMT
last-modified: Mon, 24 Apr 2023 21:25:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 82
x-amz-server-side-encryption: AES256
etag: W/"7fc08ad08bd620d47d00831e8f6fbde2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: SfwZ1lB1YizhcGwbyEif6tZRPa0kCaLBwQdIExtbXp2yvRjkdwPtcA==

GET
H2 200 green-logo.png
www3.mtb.com/content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/ 21 KB
22 KB 12ms
10ms Image
image/png 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/green-logo.png

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

4ab56bfc693e75fbc52de80072dcbcd412efe057dcc099c9b718fb6f85ee129b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Tue, 25 Apr 2023 14:07:03 GMT
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 483
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 21842
last-modified: Tue, 29 Sep 2020 01:18:52 GMT
server: Apache
etag: "5552-5b06990dcd700"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: rGyos-8ElQfoimkt_cbdJEXTfo0JZuI1cnRLLzUQhkLC80tlIsF8aw==

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 54 KB
12 KB 16ms
10ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Requested by: Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6478b12ce14ee54a81b92a9f6cb537261e0d42d1ea69b72df78f845e0647bd2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:08:48 GMT
x-amz-version-id: cyo_ii8yLMHmiutViiozT_89bw31w07K
content-encoding: br
last-modified: Mon, 24 Apr 2023 21:25:48 GMT
server: AmazonS3
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
etag: W/"58bc092e7505ed3c8fa8de3dddd79ed0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 141
cache-control: max-age=300
x-amz-cf-id: -89Bg387KNo0xLQo4XHspcpaRan8pSBH4sPhjGp3Rfg1i9v63ZXLnw==

GET
H/1.1 204
No Content / Show response
api4921.d41.co/sync/ 0
536 B 503ms
116ms Script
text/plain 52.205.123.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api4921.d41.co/sync/

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.123.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-123-249.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Apr 2023 14:11:09 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
Cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dnb_coretag_v5.min.js Show response
cdn-0.d41.co/tags/ 74 KB
25 KB 35ms
8ms Script
application/javascript 18.66.122.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/dnb_coretag_v5.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-110.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cc0b251ec54fdd5cd55d98cbe7a7af00bd34f9cfd71fd01ca08c83121c89720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: br
Via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
Date: Tue, 25 Apr 2023 13:20:34 GMT
Last-Modified: Thu, 18 Nov 2021 14:57:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 3035
ETag: W/"13bc1e6c74c25b3098a3b54b58b70b3c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 6h1kBBtn9dSO11NWWk-k-Yxo9iRs4sYYjinQTIQXId5-nghaNKgrDw==

GET
H2 200 json Show response
mtb.tt.omtrdc.net/m2/mtb/mbox/ 96 B
548 B 123ms
35ms XHR
application/json 52.213.243.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb.tt.omtrdc.net/m2/mtb/mbox/json?mbox=target-global-mbox&mboxSession=eeabf70fc98d49e398647cad63b03c40&mboxPC=&mboxPage=5dfb1af5f826429080decafe1a9af9ea&mboxRid=9d5cc784236c4c4ab85293d62744ac10&mboxVersion=1.8.3&mboxCount=1&mboxTime=1682431868756&mboxHost=mtverificationtoday.z13.web.core.windows.net&mboxURL=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&at_property=f7ba4290-5c00-8608-2ad1-5fc4576548bf&zipCodeCookie=&geoRegionCookie=&entity.categoryId=&user.categoryId=&kruxSegs=&loginClickedCookie=&dnbID=

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.243.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-243-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

99df4a0b4ade4f64d92ac513be1e3102df14fab0855a54602820801c3e2904b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-xss-protection: 1; mode=block
x-request-id: 9d5cc784236c4c4ab85293d62744ac10

GET mandtbaltoweb-book.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-medium.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-light.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET
H2 200 8032d93d154e4517e5e5e20fa9c27d7b.js Show response
ob.segreencolumn.com/i/ 86 KB
32 KB 46ms
7ms Script
text/javascript 2600:9000:2490:8c00:18:15b9:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js?utv=ut4.49.202303152118
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8c00:18:15b9:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: d3479e2deff0298feb5b2ef068da686c292f0dddfc43bc728a060a92e428e2b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:12:39 GMT
content-encoding: gzip
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-P6
age: 7542
etag: "15974-/px9r8dBqB4X8jzTXdPh/IFgAO0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 32090
x-amz-cf-id: wUyFT2Lx1WwGvidNZskEdZRMDCeEXGsVBgF9F72ynJbmRWxQ_DixCw==
expires: Wed, 26 Apr 2023 00:05:26 GMT

GET
H2 200 top10bb.png
www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/ 2 KB
2 KB 13ms
11ms Image
image/png 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/top10bb.png

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d3031f393f481e7ff2b1c3b5687898027c555769b16bf8022d665f35b38e53ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Tue, 25 Apr 2023 13:47:18 GMT
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1919
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 1663
last-modified: Wed, 13 Oct 2021 14:22:46 GMT
server: Apache
etag: "67f-5ce3cb229d980"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: r19B5eiU-DxV244iZB_NUmNMUFOLul0xYAM5UboDxSgDyg8O4bAzHg==

GET
H2 200 greenwich-excellence-2021.png
www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.png/1647440645110/ 51 KB
51 KB 13ms
12ms Image
image/png 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.png/1647440645110/greenwich-excellence-2021.png

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

fd37752730daa7b5b82e5440b851d5e0cad07a0ca4fd65ed6a4219b1f8e5c53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Tue, 25 Apr 2023 13:47:18 GMT
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1919
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 51746
last-modified: Wed, 16 Mar 2022 14:24:05 GMT
server: Apache
etag: "ca22-5da56aa6f0b40"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: 12TReww9CQuT-A3jXkcpwVr_dVeczmNhrjsnVckHUDQYWSqf8aeC7g==

GET
H2 200 mtb-icon-mortgage-2c-cmyk.png
www3.mtb.com/content/dam/mtb-web/images/icons/ 2 KB
2 KB 12ms
12ms Image
image/png 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/dam/mtb-web/images/icons/mtb-icon-mortgage-2c-cmyk.png

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d37a24ba2d508b82283588651c66d6412271fd8a358a4e00fdd97028a3be79b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Tue, 25 Apr 2023 13:22:06 GMT
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2942
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 1959
last-modified: Mon, 21 Jun 2021 19:11:47 GMT
server: Apache
etag: "7a7-5c54b71dbc2c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: b3JStnLNP5lNKSS1eZgGtGiHZd45mavJIIB2vzKd7ML8PUd6hcEhAg==

GET
H/1.1 404
The requested content does not exist. alert_new_design.css
mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/alert_scripts/ 0
0 265ms
97ms Stylesheet
text/html 20.60.62.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/alert_scripts/alert_new_design.css
Requested by: Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.33 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-request-id: 49ef58c4-701e-004b-327f-77d093000000
Date: Tue, 25 Apr 2023 14:11:08 GMT
x-ms-version: 2018-03-28
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
Content-Length: 205549
Content-Type: text/html

GET
H/1.1 404
The requested content does not exist. allAlertobject.js
mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/alert_scripts/ 0
0 373ms
99ms Script
text/html 20.60.62.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js
Requested by: Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.33 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-request-id: c68ad51a-201e-000b-597f-77d7ab000000
Date: Tue, 25 Apr 2023 14:11:08 GMT
x-ms-version: 2018-03-28
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
Content-Length: 205549
Content-Type: text/html

GET
H/1.1 404
The requested content does not exist. status.js
mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/ 0
0 376ms
100ms Script
text/html 20.60.62.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/status.js
Requested by: Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.33 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-request-id: 57dd7964-b01e-006b-667f-77ab34000000
Date: Tue, 25 Apr 2023 14:11:08 GMT
x-ms-version: 2018-03-28
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
Content-Length: 205549
Content-Type: text/html

GET
H/1.1 404
The requested content does not exist. charReplace.js
mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/ 0
0 377ms
100ms Script
text/html 20.60.62.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/charReplace.js
Requested by: Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.33 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-request-id: ee4d748c-801e-0060-4c7f-77505f000000
Date: Tue, 25 Apr 2023 14:11:08 GMT
x-ms-version: 2018-03-28
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
Content-Length: 205549
Content-Type: text/html

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
907 B 137ms
50ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e871384db61273844b49f88d700929ccbd90dc10022a8997ec3d012fab8cfbc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 25 Apr 2023 14:11:08 GMT

GET mandtbaltoweb-bold.otf
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET
H2 200 ct Show response
obs.segreencolumn.com/ 3 KB
1 KB 323ms
115ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/ct?id=40173&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1682431868946&hl=2&op=0&ag=877850576&rand=241256765628051820500196715010002365284905166793119267216772639981077625089&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDk3ODNdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw4Il0sWy0xLCItIl0sWy0yLCI3LGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJISkw4NkwyM0FDR1VoQkl3SVNTRUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9yODcwdXhxRngiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjEwMDAwMDAwLFwidWpoc1wiOjEwMDAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjgyNDMxODY4OTE1LDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJsLC0xLC0xLDAsMCwwLDAsNTUsMjc2LC0xNjgyNDMxODY4NTEyLC0xLDAsNTg2LjksLDczNiw3MzYiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMTAwIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltdLFwiYlwiOltcIl8wXCIsXCIxMTM3ODI1MDI4XCJdLFwic1wiOjF9Il0sWy01NSwiMCJdLFsiZGRiIiwiMCw3LDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDEsMCwwLDAsMSwyLDEwLDAsMTMsMCwxLDAsMCwwLDAsMCwwIl0sWyJibmNoIiw2MV0sWyJhYm5jaCIsNjFdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=8queamr2ly&pto=766&ver=50&gac=-&mei=&ap=&duid=1.1682431868.BRtDPTAnnYgb9g6G&suid=1.1682431868.o2pEJiAgpubZHIRY&tuid=1.1682431868.lyJZ2OTvxcYfy6ck&fbc=-&gtm=-&it=20%2C618%2C53&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js?utv=ut4.49.202303152118
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: c45301a5b30e55dcea6f61845cf52bbb2843f622af538ddd56caa2f15d556af8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1198
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 white%20logo.png
www3.mtb.com/content/dam/mtb-web/logos/ 5 KB
5 KB 11ms
10ms Image
image/png 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/dam/mtb-web/logos/white%20logo.png

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Tue, 25 Apr 2023 14:09:47 GMT
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 81
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 4936
last-modified: Thu, 16 Apr 2020 22:07:44 GMT
server: Apache
etag: "1348-5a36fa9802c00"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: bP5frQTt-WqP5N3MH2UcNGqA2VI4gyv4dxddifmFLOD4LQ0Q6CrGgA==

GET
H/1.1 404
The requested content does not exist. axp.js
mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/ 0
0 231ms
99ms Script
text/html 20.60.62.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/axp.js
Requested by: Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.33 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-request-id: 42b16c3b-c01e-004e-547f-770248000000
Date: Tue, 25 Apr 2023 14:11:09 GMT
x-ms-version: 2018-03-28
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
Content-Length: 205549
Content-Type: text/html

GET
H2 200 equal-housing-lender-logo.png
www3.mtb.com/content/dam/mtb-web/coupon/ 1 KB
2 KB 10ms
9ms Image
image/png 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/dam/mtb-web/coupon/equal-housing-lender-logo.png

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Tue, 25 Apr 2023 13:47:32 GMT
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1901
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 1509
last-modified: Wed, 31 Mar 2021 12:58:53 GMT
server: Apache
etag: "5e5-5bed4ad46dd40"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: xwjTaJMX_w6HlZJBO2XOKveJdkx9Pw88BYWvJEVpFJh9E6Z4K0D4dQ==

GET
H2 200 kensington-mural-olb-desktop.jpeg
www3.mtb.com/content/experience-fragments/mtb-web/login_modals/login-v2-fragments/multicultural-communities/_jcr_content/root/columns/col_1/image_copy_867550798_1442900878.coreimg.jpeg/1648140612726/ 111 KB
112 KB 10ms
10ms Image
image/jpeg 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/experience-fragments/mtb-web/login_modals/login-v2-fragments/multicultural-communities/_jcr_content/root/columns/col_1/image_copy_867550798_1442900878.coreimg.jpeg/1648140612726/kensington-mural-olb-desktop.jpeg

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e3600cc522d109bf4d7aeb56960790240e80d9f22f6ae99e9a77d020bdf8f3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Tue, 25 Apr 2023 13:47:33 GMT
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1901
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 113904
last-modified: Thu, 24 Mar 2022 16:50:12 GMT
server: Apache
etag: "1bcf0-5daf9a3b7d900"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: lGgntQGz-2PJHVyquSOQbqs8MyE2IXN_w8ujPR9s-xysDFWMgtuDtw==

GET
H2 200 kensington-mural-olb-mobile.jpeg
www3.mtb.com/content/experience-fragments/mtb-web/login_modals/login-v2-fragments/multicultural-communities/_jcr_content/root/columns/col_1/image_copy.coreimg.jpeg/1647887564359/ 15 KB
15 KB 10ms
10ms Image
image/jpeg 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/experience-fragments/mtb-web/login_modals/login-v2-fragments/multicultural-communities/_jcr_content/root/columns/col_1/image_copy.coreimg.jpeg/1647887564359/kensington-mural-olb-mobile.jpeg

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d0ebd4a04dc4040c44e7d68b56fbfcc1dbcccf03de96771a60e26f21a76359a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Tue, 25 Apr 2023 13:22:35 GMT
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2913
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 14941
last-modified: Mon, 21 Mar 2022 18:32:44 GMT
server: Apache
etag: "3a5d-5dabeb8e1cb00"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: CEf90vEBJqXZ8SW68re0uYVzb91ZE-Lhr2YWDevRyzSzuqU6LZxg4Q==

GET
H2 200 kensington-mural-olb-desktop.jpeg
www3.mtb.com/content/experience-fragments/mtb-web/login_modals/login-v2-fragments/multicultural-communities/_jcr_content/root/columns/col_1/image_copy_867550798.coreimg.jpeg/1647887633007/ 111 KB
112 KB 11ms
10ms Image
image/jpeg 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/experience-fragments/mtb-web/login_modals/login-v2-fragments/multicultural-communities/_jcr_content/root/columns/col_1/image_copy_867550798.coreimg.jpeg/1647887633007/kensington-mural-olb-desktop.jpeg

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e3600cc522d109bf4d7aeb56960790240e80d9f22f6ae99e9a77d020bdf8f3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Tue, 25 Apr 2023 13:47:34 GMT
x-content-type-options: nosniff
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1901
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 113904
last-modified: Mon, 21 Mar 2022 18:33:53 GMT
server: Apache
etag: "1bcf0-5dabebcfea640"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: aZrX3CulIjILbOA1HevFpTEE-HeJdaWXWQHdC2wL6Dp5TB1v5Bc-cw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ 410 KB
165 KB 114ms
35ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mtverificationtoday.z13.web.core.windows.net/
Origin: https://mtverificationtoday.z13.web.core.windows.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 15:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 15:24:32 GMT

GET
H2 200 utag.40.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 21 KB
7 KB 13ms
13ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.40.js?utv=ut4.49.202106282113
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9216faf8baa5f74337f6c07a42453b996034c599b7913de9ce73c3ba675780ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: sJVUrN.zh7jYpPD3BHMS6.vbvhrFW4s9
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:09:01 GMT
last-modified: Mon, 24 Apr 2023 21:25:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 129
x-amz-server-side-encryption: AES256
etag: W/"9ad44f42b12acdf80da095be34261582"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: DSBnlkjX2qCBaT7GyRUUtedBuA_zOp8VUcynF3KVQAk1MZHUOthJBQ==

GET
H2 200 utag.41.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 25 KB
5 KB 13ms
13ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.41.js?utv=ut4.49.202106282113
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47d1e5552b824250ce1955d9e8a341ce08493b61e7c6eec521e0181575ee4ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: RepJCMOaX9NmyeHSccdobB0amBYj4g4e
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:09:01 GMT
last-modified: Mon, 24 Apr 2023 21:25:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 129
x-amz-server-side-encryption: AES256
etag: W/"3ac0a5b461d23b7f8c55ff0c15091668"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: wvaV8xdjCRghru7GxgMH6rSCUpxaK2kwRYVw12-ZBo4VJ6drF8huiA==

GET
H2 200 utag.42.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 12ms
12ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.42.js?utv=ut4.49.202106282113
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6218a7c915bceffd7a72aff3de7b40332c41141f7233eb74492e52ca765a6f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: d_7FukIT.6LE9dxYzA_FD2xzDcrxceU1
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:07:06 GMT
last-modified: Mon, 24 Apr 2023 21:25:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 244
x-amz-server-side-encryption: AES256
etag: W/"0ba0049e2408b0e9302d69888d0b1a0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 139Snl4k5W30X5y-DsYtkBHHTS2Fg0QWPLG0AwU5dpkmrOsAc4YFPw==

GET
H2 200 utag.43.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 10 KB
3 KB 13ms
13ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.49.202006232100
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 030e358445c75acde2ccd10c3089a2ad10ecce8e55b552727a69e37f762ee592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: IFvxiUFXB3EyFUVOpX306bk.m_snS3ge
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:09:01 GMT
last-modified: Mon, 24 Apr 2023 21:25:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 129
x-amz-server-side-encryption: AES256
etag: W/"10f5be41dbc94c5d3274678ae66273ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: HazDYmjG9wKTkLaNZKYYtuNwquIHCT1ZcauDPID4N56szIjFaiQXPg==

GET
H2 200 utag.44.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 14ms
14ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.44.js?utv=ut4.49.202109282124
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35628a9155ec2033589a3e03951bbbe3f0c08b8f1c539bc1d9d90a07e4835bed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: IJcMKXlQMXYq.66Uubl96Bmpc0U8_48l
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:09:01 GMT
last-modified: Mon, 24 Apr 2023 21:25:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 129
x-amz-server-side-encryption: AES256
etag: W/"40ad3738c3bda7394b9e06a1766c023b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 2lZc1KLYbNt_5fSj8HM3IYL92lD5W3XPLBZVHTyjBFJq6a6dqAdMxg==

GET
H2 200 utag.46.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 21 KB
7 KB 13ms
13ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.46.js?utv=ut4.49.202106282113
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19f29e53f42c688709d6c008c0e0040052839538f4ec22d9a4399a0edb0c8492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: pQ1M_412HEtLTRprLCoX9mpqm.7PqpQc
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:07:06 GMT
last-modified: Mon, 24 Apr 2023 21:25:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 244
x-amz-server-side-encryption: AES256
etag: W/"7fd27a4985fef50c3c83ee2c25a7fd87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: I396uIL_IGtVhUZ5Mcyz-WyR3Z7MTtLq6Ipm0aDzW84B45cWkaN_jA==

GET
H2 200 utag.47.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 20ms
19ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.47.js?utv=ut4.49.202106282113
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b4160c100ffe8444c43264de3a987c060aee8d5cd60bdfb20584a304c717230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: zmGvf3S35uUXenj.farcczA1orS4CucD
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:09:01 GMT
last-modified: Mon, 24 Apr 2023 21:25:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 129
x-amz-server-side-encryption: AES256
etag: W/"51cfa7ca1811f5578f523dd64dd1c1da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 28yhOC21S5RPt86umbKwKGFQ5RWdWr7_tjbQvhCsSuayawz07mMYZA==

GET
H2 200 utag.70.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 6 KB
2 KB 19ms
19ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.70.js?utv=ut4.49.202302282213
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c790e19cfcaf773a4f7e83832741a1b12ef42c22cc401b6695667d6af4cd6526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: kTC5KiGPrWroE2WtegXtp.uAsbK_FfKW
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:09:01 GMT
last-modified: Mon, 24 Apr 2023 21:25:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 129
x-amz-server-side-encryption: AES256
etag: W/"d1a64d503870ed88c1334b7b35ef0a02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: Unq_rVXcXhwpWhoT9PU7E5QYp7ketV0xy1Uu5rVJKADfcOCtTApANA==

GET
H2 200 utag.76.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 12 KB
4 KB 14ms
14ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.76.js?utv=ut4.49.202212072210
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33880a5ee860fe8051c7547ff2fbb51a0d6ccd5667fa099650a9c03418d4725a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: trH9aCRfhIi66rh7eXjZa8zWLChMVKBV
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:09:01 GMT
last-modified: Mon, 24 Apr 2023 21:25:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 129
x-amz-server-side-encryption: AES256
etag: W/"f2922159c6eed35054a47af4f696550e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: t7P_hR91MUIIqiShsTgcKMQg-BlmLe7FJuz4eO6W5baGN441O4gC2A==

GET
H2 200 utag.190.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 12 KB
4 KB 13ms
13ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.190.js?utv=ut4.49.202301172220
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87f00df6e3b7eb7df370217b91efc6de98176f76d51503e73d7ae4c2c815596e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: R.k8GHamHxyhcbC.NgF8TroUr.u04uCI
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:07:06 GMT
last-modified: Mon, 24 Apr 2023 21:25:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 244
x-amz-server-side-encryption: AES256
etag: W/"5f5ea5a501b6a70159324eaf54fbdd06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: nt-zCh5UOCT9CoKTN-lJfzI0RFf_WmIalh9q1hveNx_YqguLliyS3w==

GET
H2 200 utag.199.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 2 KB
1 KB 17ms
17ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.199.js?utv=ut4.49.202209122156
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98ca2ce3a15eb9b166727abe7f9029cd677e3a624b0e0f9062fac7fb18384eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: MwgSooiaQYR8trBGwCOpEIzXfSYVb.5I
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:08:51 GMT
last-modified: Mon, 24 Apr 2023 21:25:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 139
x-amz-server-side-encryption: AES256
etag: W/"e9b1ad175e64b1d6023359a7ede1f3e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: hDKaW79kkeF5cwStQnah11cNy5xnBnFsQ4Y6MaFaMBA5FG9CK0iWtw==

GET
H2 200 utag.214.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 17 KB
5 KB 17ms
17ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.214.js?utv=ut4.49.202304242124
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3465efb7bd3c4f535c4080685f74fd6c07a564e466e81da341c716389f879258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: c9qpmEobU0jehXC2lHWsSrYqibN4IFsO
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:09:49 GMT
last-modified: Mon, 24 Apr 2023 21:25:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81
x-amz-server-side-encryption: AES256
etag: W/"0001fb930492222f09eab94eafbbbe03"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: LIa-BrkQ2jrcqeAjt6Z1KyRyL3eT5I0vi50XyReLEG_o5RFtzJ1GZg==

GET
H2 200 utag.215.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 19ms
18ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.215.js?utv=ut4.49.202304242124
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d60d0b48103fba37f1a6b024d7026433eff80ace8ecb2655581dc8902e4633f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: FfhuxDj6H5hsRK.4kO2bkor9gryuWVsV
content-encoding: br
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 14:10:25 GMT
last-modified: Mon, 24 Apr 2023 21:25:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 45
x-amz-server-side-encryption: AES256
etag: W/"dd1ce3f7b49f1d9d24e1ac4b36b4672d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: SJLF5Y5wRqUK1hbZs1R_ZvAqXp4wDMR7MFT-G5CNFnEK2QIlPj-Mbw==

GET
H2 200 es-language-icon.svg
www3.mtb.com/content/dam/mtb-web/images/spanish/ 2 KB
1 KB 9ms
9ms Image
image/svg+xml 2600:9000:2057:5e00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/dam/mtb-web/images/spanish/es-language-icon.svg

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7499aeabeaec2141eb24969619174e22263c858d46b42daeed97a6a27c35035d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Apr 2023 14:07:04 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 483
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
content-length: 676
last-modified: Thu, 16 Sep 2021 13:15:46 GMT
server: Apache
etag: "75c-5cc1c9cd66480-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: OFVw128pw1XNFwtvjKjpGenHf0CPnBLVtX6m6JQtrzDYZFjHAT8xaQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Apr 2023 14:11:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5tdQudFL8aA2e97kA4do1NYg+boGPsNXFCQJrF4XWOEf/zzFA6sARuTtED2j58Ljerx7qco6qgOf7Vdxauo/aw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 86ms
22ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:07 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: W7CT8BSMRFASFN0T
age: 3
x-amz-server-side-encryption: AES256
x-amz-id-2: NuBXuc5IsD+BKK+5Dyu40Wn8bA2GSuSJpsf2MEO9rmZPDZ9paN2XGBzt6sNZvp4icQbsCL1iM6I=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 22ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=79415
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 38ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.49.202006232100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230035-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 74ms
52ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 25 Apr 2023 14:11:08 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 48C411ADACED4BDCBB959E558DD22486 Ref B: FRAEDGE1210 Ref C: 2023-04-25T14:11:09Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12048

GET
H2 200 quantum-mtb.js Show response
cdn.quantummetric.com/qscripts/ 300 KB
84 KB 828ms
802ms Script
text/javascript 2606:4700:10::ac43:149e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:149e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6636101f49ff590c837627745911cdae6227e50c8e1c4334e3a9fc797274808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: no-sniff
cf-cache-status: EXPIRED
content-encoding: br
server: cloudflare
etag: W/"168234354668916820187395501682409602558"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray: 7bd72c6f0f573620-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
66 KB 138ms
54ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-948713993

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7290447bddcd7b8005a025ab82dedb28aa56addef11f8f80dcc89e403ed02c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67436
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Apr 2023 14:11:09 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 67ms
17ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 452699
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: db8a9afa504671ab5e179eb754f44836

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 15 KB
4 KB 490ms
108ms Script
application/javascript 52.7.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&cb=78267897973938450
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-151-245.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 21915fd3d901f3e1fa904d6fed01a1264d500672ce66cb5d8ac5e8c5a6751ee2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 1
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
430 B 9ms
7ms Script
application/javascript 2600:9000:225e:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtbank/main/202304242124&cb=1682431869272
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Tue, 25 Apr 2023 14:07:07 GMT
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: 9fciv67JkhpT--AnipfkiNT7gJGB91x_HgO4eKZ8Iq6K4Ib1NW4I5g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
86 KB 217ms
149ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0

Requested by

Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js?utv=ut4.49.202303152118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6837ddeeff937c4839ddf432fb8448a82e25b13f454755df78ad0fda52bfface

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87735
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Apr 2023 14:11:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 127ms
63ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-875517505

Requested by

Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js?utv=ut4.49.202303152118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2298eda702e34847f97008111a121a79770a1f0b67bcea5e32947df6fead86e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66768
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Apr 2023 14:11:09 GMT

GET
H2 200 tc_imp.gif
obs.segreencolumn.com/tracker/ 43 B
79 B 101ms
101ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001362ecc336eb4f8c949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a118c6a2417071a10acf9f29f67498b8681037f3a4eaf2a7403d23cda67c0516354729654065830075895ec3a4a77be26bb25cb43e2916af05165ad5f2f7a1bda53ec40f4c1d7de3cbb2807ff7ecaa8556d8e0e3143714493d60266a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a4968677a0d8d85bee489d5a3f72aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7da0961232e9ddf2268604ff10bbd71bc64fccc678c23c3593912fde6dc386ecf59df3f1477fe425b0bcf92d4d26f9913f82be50eb0102419457459a8d95dcc6ec8e34c32bd388be8574f8717d379f3433c7c5dd5b20d0a472a611e0df589d7ba970575a18c031a9409c89ee79bfc7609452a79fdbd87683550435ac0f4f1d3e483e9fec4593059a8c8764fdcd2bbd872f9adabfb03d9fb7e358766e8ff91e1c9bf7471a03feacba74b62688b40da9b979e338f96ecb41de0689ba20d54d7697f2cb33617b195738014e0ab8fd9e3a8071eb1c1b1d6d81e05dd58a051ee2aa9de6ae66a9ecf8ff84feb3f2484620e64186b7457385436107ca605b7570eb78a97605dfedc161e77cc571cef278dfb21f98650e27280078109dc8e2d3220937de6c25f1a287e5d99d010cc9b6ca6f8add303e818600367bf88fd85029b523865e971ceb21c4109bbd69a1cb65a2dedab8e03e0086f22771c633ffd9a2a1049d7235100d966c4051b9a55791b05db0f399b7308bcfd45a587e41ed66b919b817f2d77b9c592e3d53783926f3508e9d2101e82b91dbaa66888b14d32a11fa462573c1fadb0b46fc25a0cc02d004320956ae7b71d3bddd69d7457ec7c701ab8198a3dc5ec802167144e07d244e8ecf4f0ff82eeda08471d3cffe571e05e2187c5757944e0eb18be44e40cc21249e&cri=8queamr2ly&ts=341&cb=1682431869287
Requested by: Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/66618/domain/mtverificationtoday.z13.web.core.windows.net/ 36 B
368 B 175ms
157ms XHR
application/json 2600:9000:20eb:fa00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/66618/domain/mtverificationtoday.z13.web.core.windows.net/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:fa00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://mtverificationtoday.z13.web.core.windows.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: gzip
via: 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: bwJ7Ht53ycTMJI_qn0DQo3M4wx2fvw_ML8cgiPWZwU-xdzONRqoR2A==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1682431869295&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D66618%26time%3D1682431869295%26url%3Dhttps%253A%252F%252Fmtverificationtoday.z13....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1682431869295&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1682431869295&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&liSync=true&e_ipv6=AQLgzNm_PIVWiwAAAYe4wQMfjdrzVfFQzmg...

0
265 B

231ms
153ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1682431869295&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&liSync=true&e_ipv6=AQLgzNm_PIVWiwAAAYe4wQMfjdrzVfFQzmgZaJ5g3rHQyLbhMTQAGVg20krhoM4AE4QA2eZQ
Requested by: Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:09 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6799BB0BD47C4A468231BC0DBF40F933 Ref B: FRAEDGE1722 Ref C: 2023-04-25T14:11:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6KbH3qYfaXQZWGYEDEg==

Redirect headers

date: Tue, 25 Apr 2023 14:11:09 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8BE8AFC90F3F40F3BC4E145DE74F7116 Ref B: FRAEDGE1506 Ref C: 2023-04-25T14:11:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66618&time=1682431869295&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&liSync=true&e_ipv6=AQLgzNm_PIVWiwAAAYe4wQMfjdrzVfFQzmgZaJ5g3rHQyLbhMTQAGVg20krhoM4AE4QA2eZQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6KbH0EF9q8dsUxyQzhw==

GET
H2 200 293418718495934 Show response
connect.facebook.net/signals/config/ 150 KB
42 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/293418718495934?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03540b61d0599c04accee5b16d70f36fce196329c76ff6d530279e1975deb796

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Apr 2023 14:11:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: KsNyDCuiZtbJgrDihkvwk4DNVIk7fyuWq6N6ySCRYCwGF4NmDGCCMCM2hFJ/2njHRcFJit0kIM1KDVxM/jPCeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
378 B 209ms
185ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=d06e1eb1-e0c1-43b3-86f4-7e3d482105fa&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d3b24a73-c720-4c5c-a6c4-39ea399a61e6&tw_document_href=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvk8o&type=javascript&version=2.3.29

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 179
date: Tue, 25 Apr 2023 14:11:08 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 490a4f4a1bcec8df
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d3c78989e86ee34a69e377eb02d3f3fe3be6e4cd1a50918201e114611c0f3043
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 252ms
182ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d06e1eb1-e0c1-43b3-86f4-7e3d482105fa&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d3b24a73-c720-4c5c-a6c4-39ea399a61e6&tw_document_href=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvk8o&type=javascript&version=2.3.29

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 175
date: Tue, 25 Apr 2023 14:11:09 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2eebd7db725a094e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: bb2370fe742729b3b33105aed748f73d4496959b3d21041616fa60ac8ccb03dc
content-length: 43

GET
H2 204 331000312.js Show response
bat.bing.com/p/action/ 0
117 B 121ms
120ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/331000312.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 25 Apr 2023 14:11:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 990FE89B2C494D4E9E1CD424BDC8B175 Ref B: FRAEDGE1210 Ref C: 2023-04-25T14:11:09Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=331000312&Ver=2&mid=9968b6e9-c649-4ebc-9873-5832a0639d03&sid=06d0b730e37311edac4dc5907744285e&vid=06d0bc30e37311ed86fbc3116a020281&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&r=&lt=1016&evt=pageLoad&sv=1&rn=890247

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 14:11:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C18A9814D41E4B05B3D8DECFE98D472F Ref B: FRAEDGE1210 Ref C: 2023-04-25T14:11:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
229 B 79ms
79ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=331000312&Ver=2&mid=9968b6e9-c649-4ebc-9873-5832a0639d03&sid=06d0b730e37311edac4dc5907744285e&vid=06d0bc30e37311ed86fbc3116a020281&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=139155

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 14:11:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E8232D26C8524435889CAD2B14CF380C Ref B: FRAEDGE1210 Ref C: 2023-04-25T14:11:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5564484.js Show response
bat.bing.com/p/action/ 0
135 B 132ms
131ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5564484.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 25 Apr 2023 14:11:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D80693CDC9034C2F8DCD6B6E17B7D449 Ref B: FRAEDGE1210 Ref C: 2023-04-25T14:11:09Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
228 B 75ms
75ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5564484&Ver=2&mid=c43f68dc-eb7b-4f45-89eb-b81c07c07454&sid=06d0b730e37311edac4dc5907744285e&vid=06d0bc30e37311ed86fbc3116a020281&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&r=&lt=1016&evt=pageLoad&sv=1&rn=274376

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 14:11:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B13A397DD76349E6A8782E72B92677F8 Ref B: FRAEDGE1210 Ref C: 2023-04-25T14:11:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10087193.json Show response
s.yimg.com/wi/config/ 2 B
448 B 67ms
29ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10087193.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: M1H62D5SY2JDZS1E
age: 2815
content-length: 2
x-amz-id-2: 46ttEOvy5B60P/8CRLr3a1qeAujsoWcvPMZ71Sy8wN4FQIFa+43nBiNdAeEBogLnKVvYtiJCyhs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10108773.json Show response
s.yimg.com/wi/config/ 2 B
254 B 162ms
124ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10108773.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: DC1ZCBPM9P3BDYJ8
age: 1
content-length: 22
x-amz-id-2: l86VYpWiSZfdTFwYzOqNXcDHYoCxnUZFSbm7azvd1Ly6MwfWCubpVfA5HREC0N+DdK+6Aao/Rjk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Apr 2023 14:11:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: abGFskx5J5AWff/UogrZ4osTtZqHLJn7FbaGOeOwiGt2S0dF1bXzpGoAIZtWX4F1g5kJmmOk8kVUQpwLJeoOZw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 290387871401930 Show response
connect.facebook.net/signals/config/ 150 KB
41 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/290387871401930?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0cb8c1bb697b8381e1bbc8f4ea018a5ba3abf25bffe1642a96b858fb0a0eeea

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Apr 2023 14:11:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: a5fSgwUCdYqTPktvltZNUITwqwM3UiR/BRK7Jz02VkjldBI/LIZwQTu/CswGAOHFcVqXGuJ1xuGDfpT3nHCf/g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=293418718495934&ev=PageView&dl=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&rl=&if=false&ts=1682431869397&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=0&o=28&cs_est=true&fbp=fb.1.1682431869396.489176006&it=1682431869305&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Apr 2023 14:11:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2892 7 KB
1 KB 59ms
58ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly9tdHZlcmlmaWNhdGlvbnRvZGF5LnoxMy53ZWIuY29yZS53aW5kb3dzLm5ldDo0NDM.&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&cb=uajckhywywga

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f681660562134b4690b4f387a6c99b08c33be0c07c73851ce387a9c37a88feb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QthrVT3r6A2hymUPdUmOdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mtverificationtoday.z13.web.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1073
content-security-policy: script-src 'report-sample' 'nonce-QthrVT3r6A2hymUPdUmOdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 14:11:09 GMT
expires: Tue, 25 Apr 2023 14:11:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1994534667524888 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 65ms
65ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1994534667524888?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f2f9b64049f4fd742fd9fdd4f82e43e9ee1b8587330bfa93b5c55ca01e0f370

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Apr 2023 14:11:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jH71yEGMsluR78cKABJVnglXtk+yBXM6K5yg0aGlZqlV3LHL+JbU2lVVHLIuPCnZ0oNAudxJmyK1M4Dy6jHBJw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=290387871401930&ev=PageView&dl=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&rl=&if=false&ts=1682431869493&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=0&o=28&cs_est=true&fbp=fb.1.1682431869396.489176006&it=1682431869305&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Apr 2023 14:11:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 2892 55 KB
24 KB 110ms
36ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0uLsfAAAAAF_ME5t3IiKGN8Hq4g0A3Kek1EB3&co=aHR0cHM6Ly9tdHZlcmlmaWNhdGlvbnRvZGF5LnoxMy53ZWIuY29yZS53aW5kb3dzLm5ldDo0NDM.&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&cb=uajckhywywga

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 13:17:50 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 2892 410 KB
165 KB 127ms
54ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 15:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 15:24:32 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 132ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2025%20Apr%202023%2014%3A11%3A09%20GMT&n=0&b=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&.yp=10108773&f=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&enc=UTF-8&yv=1.13.0&et=custom&tagmgr=tealium

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 14:11:09 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 131ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&.yp=10087193&f=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&enc=UTF-8&yv=1.13.0&tagmgr=tealium

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 14:11:09 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 132ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&.yp=10108773&f=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&enc=UTF-8&yv=1.13.0&et=custom&tagmgr=tealium

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 14:11:09 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948713993/ 3 KB
2 KB 155ms
75ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948713993/?random=1682431869548&cv=11&fst=1682431869548&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&hn=www.googleadservices.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT&auid=166124252.1682431870&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-948713993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a0205d0f1b1cbee2e79d48179872d45c0e119c6593347a1c88f4568be123bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
86 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-948713993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a74cf44a4da6c7be403eae43686e3a88d5f19fc0efcbffba0b0577df5e79acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Apr 2023 14:11:09 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/ 3 KB
1 KB 150ms
89ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/?random=1682431869573&cv=11&fst=1682431869573&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&hn=www.googleadservices.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT&auid=166124252.1682431870&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

235814a1c159c1d779712b20825bec5bdb8e123c394130565c5ca3806827f55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1262
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/ 3 KB
1 KB 129ms
77ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/?random=1682431869582&cv=11&fst=1682431869582&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&hn=www.googleadservices.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT&auid=166124252.1682431870&uamb=0&uaw=0&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4c718348db691664319059183e35df90a4c5c8e369f5f5ef9ca8acd01527ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/ 3 KB
1 KB 124ms
76ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/?random=1682431869591&cv=11&fst=1682431869591&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&hn=www.googleadservices.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT&auid=166124252.1682431870&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab215fcf735dc92becff4347f30116d0ae4a94b38420ed7bb9c58dd13246bb7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/875517505/ 3 KB
2 KB 303ms
76ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/875517505/?random=1682431869595&cv=11&fst=1682431869595&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=166124252.1682431870&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d2f41f4ec89d8bec95e162a1a596722b9ea56e836af6226825cba2771ffa59e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1604
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 875517505
google.com/pagead/form-data/ 0
0 270ms
44ms Ping
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/875517505?gtm=45be34j0&hn=www.googleadservices.com&did=dYmQxMT&gdid=dYmQxMT&auid=166124252.1682431870&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 204 875517505
google.com/ccm/form-data/ 0
186 B 211ms
45ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/875517505?gtm=45be34j0&hn=www.googleadservices.com&did=dYmQxMT&gdid=dYmQxMT&auid=166124252.1682431870&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875517505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
274 B 183ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZTNQ6ZK8T0&gtm=45je34j0&_p=474482826&_gaz=1&gdid=dYmQxMT&cid=1427996680.1682431870&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682431869&sct=1&seg=0&dl=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&dt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.channelmix_session_id=TNicULwhPxMQhG3l&ep.channelmix_event_id=TNicULwhPxMQhG3l&ep.channelmix_conv_id=TNicULwhPxMQhG3l-TNicULwhPxMQhG3l
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
274 B 183ms
18ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZTNQ6ZK8T0&cid=1427996680.1682431870&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTNQ6ZK8T0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 287ms
62ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTNQ6ZK8T0&cid=1427996680.1682431870&gtm=45je34j0&aip=1&z=1661278292

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=293418718495934&ev=CHEQ&dl=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&rl=&if=false&ts=1682431869656&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=1&o=28&fbp=fb.1.1682431869396.489176006&it=1682431869305&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Apr 2023 14:11:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=290387871401930&ev=CHEQ&dl=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&rl=&if=false&ts=1682431869657&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=1&o=28&fbp=fb.1.1682431869396.489176006&it=1682431869305&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Apr 2023 14:11:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1994534667524888&ev=CHEQ&dl=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&rl=&if=false&ts=1682431869658&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1682431869396.489176006&it=1682431869305&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Apr 2023 14:11:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.google.com/pagead/1p-user-list/948713993/ 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948713993/?random=1682431869548&cv=11&fst=1682431200000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2158148598&rmt_tld=0&ipr=y

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948713993/ 42 B
108 B 206ms
52ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948713993/?random=1682431869548&cv=11&fst=1682431200000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2158148598&rmt_tld=1&ipr=y

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/875517505/ 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875517505/?random=1682431869591&cv=11&fst=1682431200000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=503078677&rmt_tld=0&ipr=y

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/875517505/ 42 B
455 B 175ms
51ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/875517505/?random=1682431869591&cv=11&fst=1682431200000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=503078677&rmt_tld=1&ipr=y

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
144 B 103ms
102ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/8032d93d154e4517e5e5e20fa9c27d7b.js?utv=ut4.49.202303152118
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mtverificationtoday.z13.web.core.windows.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
date: Tue, 25 Apr 2023 14:11:09 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 /
www.google.com/pagead/1p-user-list/875517505/ 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875517505/?random=1682431869582&cv=11&fst=1682431200000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&data=event%3Dpage_view&fmt=3&is_vtc=1&random=1556388971&rmt_tld=0&ipr=y

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/875517505/ 42 B
108 B 48ms
47ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/875517505/?random=1682431869582&cv=11&fst=1682431200000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&data=event%3Dpage_view&fmt=3&is_vtc=1&random=1556388971&rmt_tld=1&ipr=y

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/875517505/ 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875517505/?random=1682431869573&cv=11&fst=1682431200000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2294428892&rmt_tld=0&ipr=y

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/875517505/ 42 B
108 B 49ms
48ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/875517505/?random=1682431869573&cv=11&fst=1682431200000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2294428892&rmt_tld=1&ipr=y

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2892 2 KB
2 KB 35ms
35ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 227914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2892 15 KB
16 KB 168ms
36ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:24:03 GMT
x-content-type-options: nosniff
age: 229626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:24:03 GMT

GET
H/1.1 200
OK is Show response
52.22.50.55/ 32 B
437 B 397ms
103ms Fetch
text/plain 52.22.50.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://52.22.50.55/is
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&cb=78267897973938450
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.22.50.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-50-55.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 02347954c566f97837508f5c0c466fca986f6896e23146a687c57c2f736f11e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:10 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2 200 25028cba0dd99983
pixel.sitescout.com/up/ 43 B
267 B 57ms
20ms Image
image/gif 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/25028cba0dd99983?cntr_url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F
Requested by: Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:09 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/875517505/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875517505/?random=694052378&cv=11&fst=1682431869595&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtver...
https://www.google.com/pagead/1p-conversion/875517505/?random=694052378&cv=11&fst=1682431869595&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.we...
https://www.google.de/pagead/1p-conversion/875517505/?random=694052378&cv=11&fst=1682431869595&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web...

42 B
108 B

55ms
55ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/875517505/?random=694052378&cv=11&fst=1682431869595&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=166124252.1682431870&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFBTZG9nWVFoT2JyXzktUHFyUmpFaVVBbFA4VnIwRkJjYUhmcHJHQjlnZHQzX1NQdHRyQ0J4NWZLTTZRb05PMWppeVJwX2cwGlhDaEVJOFBTZG9nWVFrNUtENUppZWh1V0xBUkl0QUhMSC1YMzNwNjhWT3ljRGNtc3JUTEU4RVhWQ1ZSU2F3WGNybjNQSmM2ZFV2OEM0QXh0M1FKZlJFNkwz&is_vtc=1&ocp_id=fd9HZODKN5abYaKyopgC&cid=CAQSKQBygQiD0PruDGNXY89Y3z1wiYQ3DmR_4H56ysnA4LAXtBgysfv8OPZJ&random=2729936273&ipr=y&prhg=0

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Apr 2023 14:11:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/875517505/?random=694052378&cv=11&fst=1682431869595&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&label=BSiSCJb47pUYEMGsvaED&hn=www.googleadservices.com&frm=0&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&auid=166124252.1682431870&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOFBTZG9nWVFoT2JyXzktUHFyUmpFaVVBbFA4VnIwRkJjYUhmcHJHQjlnZHQzX1NQdHRyQ0J4NWZLTTZRb05PMWppeVJwX2cwGlhDaEVJOFBTZG9nWVFrNUtENUppZWh1V0xBUkl0QUhMSC1YMzNwNjhWT3ljRGNtc3JUTEU4RVhWQ1ZSU2F3WGNybjNQSmM2ZFV2OEM0QXh0M1FKZlJFNkwz&is_vtc=1&ocp_id=fd9HZODKN5abYaKyopgC&cid=CAQSKQBygQiD0PruDGNXY89Y3z1wiYQ3DmR_4H56ysnA4LAXtBgysfv8OPZJ&random=2729936273&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C33C 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: mtverificationtoday.z13.web.core.windows.net
URL: https://mtverificationtoday.z13.web.core.windows.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mtverificationtoday.z13.web.core.windows.net
Referer: https://mtverificationtoday.z13.web.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 14:11:10 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
BLOB 200
OK 426f681e-50dd-4690-b15c-c5b893a2e7cd
https://mtverificationtoday.z13.web.core.windows.net/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mtverificationtoday.z13.web.core.windows.net/426f681e-50dd-4690-b15c-c5b893a2e7cd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b8316930e017c6b91d4521ae4bd7dc38ba57c4e3e7ab3ab3cff3713b1c0d289

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 101ms
101ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mtverificationtoday.z13.web.core.windows.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
date: Tue, 25 Apr 2023 14:11:10 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
16 B 102ms
102ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mtverificationtoday.z13.web.core.windows.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
date: Tue, 25 Apr 2023 14:11:10 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 / Show response
mtb-app.quantummetric.com/ Frame 4518 90 B
932 B 348ms
113ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&t=1682431870265&v=1682431870882&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6d0f5d6acf9f9364326818c9478d475e13f76a4e663d41ff5161e88544106922

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Apr 2023 14:11:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
access-control-allow-credentials: true
x-robots-tag: noindex

POST
H2 200 / Show response
mtb-app.quantummetric.com/ Frame 4518 0
666 B 532ms
335ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&t=1682431870265&v=1682431870884&z=1&Q=1&Y=1&X=5e09eb7bd83c4acdce776d6ad32d5140

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Apr 2023 14:11:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 200 / Show response
mtb-app.quantummetric.com/ Frame 4518 28 B
752 B 221ms
221ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?s=b68e36a00c5e4c0416779792eac13f46&H=cf4a0ab2244cf7a844873b28&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
access-control-allow-credentials: true
x-robots-tag: noindex

POST
H2 200 / Show response
mtb-app.quantummetric.com/ Frame 4518 0
666 B 113ms
112ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&t=1682431870265&v=1682431871460&H=cf4a0ab2244cf7a844873b28&s=b68e36a00c5e4c0416779792eac13f46&U=49390f7725cd1d76bb8f49713f7d4cc5&z=1&Q=2&S=0&N=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Apr 2023 14:11:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 / Show response
mtb-app.quantummetric.com/ Frame 4518 0
666 B 112ms
112ms XHR
application/json 34.72.33.225
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mtb-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&t=1682431870265&v=1682431871577&H=cf4a0ab2244cf7a844873b28&s=b68e36a00c5e4c0416779792eac13f46&z=1&S=1468&N=8&P=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.72.33.225 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

225.33.72.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Apr 2023 14:11:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 109ms
109ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mtverificationtoday.z13.web.core.windows.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
date: Tue, 25 Apr 2023 14:11:12 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 hash-check Show response
rl.quantummetric.com/mtb/ Frame 4518 2 B
247 B 373ms
144ms XHR
text/plain 34.66.3.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/mtb/hash-check

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-mtb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.3.66.34.bc.googleusercontent.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 25 Apr 2023 14:11:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
access-control-allow-credentials: true
content-length: 2

OPTIONS
H2 200 hash-check
rl.quantummetric.com/mtb/ Frame 0
0 350ms
112ms Preflight 34.66.3.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/mtb/hash-check

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.3.66.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mtverificationtoday.z13.web.core.windows.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: https://mtverificationtoday.z13.web.core.windows.net
content-length: 0
date: Tue, 25 Apr 2023 14:11:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 739ms
184ms Script
application/javascript 52.37.218.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?shpt=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22shpt%22%3A%22M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%20Mortgages%20%26%20More%20%7C%20M%26T%20Bank%22%2C%22dcm_cid%22%3A%221427996680.1682431870%22%2C%22mntnis%22%3A%2207qIkjOSRhcTQR41L3RuuoX9tcdyLDgS%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getTrackingIdByGA%22%3A%22FAILED%22%2C%22getTrackingIdByOther1%22%3A%22FAILED%22%2C%22getTrackingIdByOther2%22%3A%22FAILED%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1427996680.1682431870&dxver=4.0.0&shaid=34249&plh=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&cb=78267897973938450
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=34249&tdr=&plh=https%3A%2F%2Fmtverificationtoday.z13.web.core.windows.net%2F&cb=78267897973938450
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: cc5a962f54b8b726720ca1cfa8632113709d95c05329039818e43dd6f9781917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtverificationtoday.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:11:13 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 0
connection: close

GET gs
gs.mountain.com/ 0
0

POST mon
obs.segreencolumn.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf

Domain: gs.mountain.com
URL: https://gs.mountain.com/gs

Domain: obs.segreencolumn.com
URL: https://obs.segreencolumn.com/mon

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.windows.net/	1969-12-31 23:59:59	Name: at_check Value: true
.windows.net/	1970-01-20 20:06:07	Name: utag_main Value: v_id:0187b8c0ff7900195c0c4788d44303074003506c00b08$_sn:1$_se:1$_ss:1$_st:1682433668794$ses_id:1682431868794%3Bexp-session$_pn:1%3Bexp-session
.windows.net/	1970-01-20 13:31:55	Name: _cq_duid Value: 1.1682431868.BRtDPTAnnYgb9g6G
.windows.net/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1682431868.o2pEJiAgpubZHIRY
.windows.net/	1970-01-20 20:56:31	Name: mbox Value: session#eeabf70fc98d49e398647cad63b03c40#1682433729\|PC#eeabf70fc98d49e398647cad63b03c40.37_0#1745676669
.windows.net/	1970-01-20 11:20:33	Name: mboxEdgeCluster Value: 37
mtverificationtoday.z13.web.core.windows.net/	1970-01-20 11:20:32	Name: cdSessionId Value: 2cf8a6fa-c929-4234-9f99-b0338213d7be
obs.segreencolumn.com/	1970-01-20 19:24:22	Name: cg_uuid Value: 09584c5eab37e7557ecaa5667537cba5
.windows.net/	1970-01-20 11:21:58	Name: _uetsid Value: 06d0b730e37311edac4dc5907744285e
.windows.net/	1970-01-20 20:42:07	Name: _uetvid Value: 06d0bc30e37311ed86fbc3116a020281
.windows.net/	1970-01-20 13:30:07	Name: _fbp Value: fb.1.1682431869396.489176006
.bing.com/	1970-01-20 20:42:07	Name: MUID Value: 21D088E052E166E815BB9A1E533367B5
.linkedin.com/	1970-01-20 12:03:43	Name: UserMatchHistory Value: AQLa_w_HsT_NDgAAAYe4wQHOuOgr1zB6R4ZL8PsPEbcdBF-WR0RBuCmtOdceCZ7IIvERu2Xwdn5KoA
.linkedin.com/	1970-01-20 12:03:43	Name: AnalyticsSyncHistory Value: AQJBN4j32uI82QAAAYe4wQHO7RmQn8M27r5M4RPDHAr16MMG11q0yXgO3Gfp6sHfh6Hv_ajSkv_UoQt1st2v5g
.linkedin.com/	1970-01-20 20:06:07	Name: bcookie Value: "v=2&aeca24cb-e17d-4da4-8c8d-f10216fbf7d6"
.linkedin.com/	1970-01-20 11:21:58	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3002:u=1:x=1:i=1682431869:t=1682518269:v=2:sig=AQFr4ds-4Z65XBaRRta7_QjYUF9DGs-v"
mtverificationtoday.z13.web.core.windows.net/	1970-01-20 11:21:58	Name: ln_or Value: eyI2NjYxOCI6ImQifQ%3D%3D
.t.co/	1970-01-20 20:56:31	Name: muc_ads Value: 329400e4-f800-4747-9ceb-5c9995ed2b65
.windows.net/	1970-01-20 13:30:07	Name: _gcl_au Value: 1.1.166124252.1682431870
.twitter.com/	1970-01-20 20:56:31	Name: personalization_id Value: "v1_go225kVFlhgtjx6d9BNmkA=="
.www.linkedin.com/	1970-01-20 20:06:07	Name: bscookie Value: "v=1&20230425141109f283b632-fc08-4777-8ae4-8202420c1539AQFnpaKYl83pVXFX_v2uPlnoBlouhFR9"
.linkedin.com/	1970-01-20 15:39:43	Name: li_gc Value: MTswOzE2ODI0MzE4Njk7MjswMjEh1BLIeFClREhtfRXPUeZaSEZQofcFv2HfviPyES88Cg==
.windows.net/	1970-01-20 20:56:31	Name: _ga Value: GA1.1.1427996680.1682431870
.windows.net/	1970-01-20 20:56:31	Name: _ga_ZTNQ6ZK8T0 Value: GS1.1.1682431869.1.0.1682431869.60.0.0
.yahoo.com/	1970-01-20 20:06:29	Name: A3 Value: d=AQABBH3fR2QCEKHltK67mZhoAr5sbVwfv2sFEgEBAQEwSWRRZOANyiMA_eMAAA&S=AQAAAteRKEQjs522bhN-MZiSCOo
.doubleclick.net/	1970-01-20 20:42:07	Name: IDE Value: AHWqTUkGFJ51siWsOTf_hpDMsByJxo_O-6G53wzpK1oWqQdM55kILCqnF1R4KZK3
mtb-app.quantummetric.com/	1969-12-31 23:59:59	Name: s Value: b68e36a00c5e4c0416779792eac13f46
mtb-app.quantummetric.com/	1970-01-20 20:06:07	Name: U Value: 49390f7725cd1d76bb8f49713f7d4cc5
.windows.net/	1970-01-20 11:20:33	Name: QuantumMetricSessionID Value: b68e36a00c5e4c0416779792eac13f46
.windows.net/	1970-01-20 20:06:07	Name: QuantumMetricUserID Value: 49390f7725cd1d76bb8f49713f7d4cc5
.mountain.com/	1970-01-20 20:56:31	Name: guid Value: 093ead98-e373-11ed-9499-3d6b8bb99178

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://mtverificationtoday.z13.web.core.windows.net/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff' from origin 'https://mtverificationtoday.z13.web.core.windows.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mtverificationtoday.z13.web.core.windows.net/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff' from origin 'https://mtverificationtoday.z13.web.core.windows.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mtverificationtoday.z13.web.core.windows.net/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff' from origin 'https://mtverificationtoday.z13.web.core.windows.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mtverificationtoday.z13.web.core.windows.net/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf' from origin 'https://mtverificationtoday.z13.web.core.windows.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mtverificationtoday.z13.web.core.windows.net/(Line 1142) Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff' from origin 'https://mtverificationtoday.z13.web.core.windows.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mtverificationtoday.z13.web.core.windows.net/(Line 1952) Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff' from origin 'https://mtverificationtoday.z13.web.core.windows.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/alert_scripts/alert_new_design.css Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)
javascript	error	URL: https://mtverificationtoday.z13.web.core.windows.net/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff' from origin 'https://mtverificationtoday.z13.web.core.windows.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)
network	error	URL: https://mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/status.js Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)
network	error	URL: https://mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/charReplace.js Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)
network	error	URL: https://mtverificationtoday.z13.web.core.windows.net/content/dam/mtb-web/scripts/axp.js Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)
javascript	error	URL: https://mtverificationtoday.z13.web.core.windows.net/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf' from origin 'https://mtverificationtoday.z13.web.core.windows.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api4921.d41.co
bat.bing.com
cdn-0.d41.co
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.quantummetric.com
connect.facebook.net
dx.mountain.com
fonts.gstatic.com
google.com
googleads.g.doubleclick.net
gs.mountain.com
mtb-app.quantummetric.com
mtb.tt.omtrdc.net
mtverificationtoday.z13.web.core.windows.net
ob.segreencolumn.com
obs.segreencolumn.com
pixel.sitescout.com
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
region1.analytics.google.com
rl.quantummetric.com
s.yimg.com
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.tiqcdn.com
up.pixel.ad
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www3.mtb.com
gs.mountain.com
obs.segreencolumn.com
www3.mtb.com
104.244.42.133
104.244.42.3
13.107.42.14
142.250.186.130
146.75.116.157
178.79.242.16
18.66.122.110
20.60.62.33
2001:4860:4802:32::36
212.82.100.181
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:2057:5e00:b:2146:1340:93a1
2600:9000:20eb:fa00:2:53b2:240:93a1
2600:9000:225e:d400:7:2bfb:7c00:93a1
2600:9000:2490:8c00:18:15b9:5a80:93a1
2606:4700:10::ac43:149e
2606:4700::6810:5514
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9b
2a02:26f0:3500:16::215:148d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.66.3.160
34.72.33.225
52.205.123.249
52.213.243.133
52.22.50.55
52.37.218.4
52.7.151.245
98.98.134.241
02347954c566f97837508f5c0c466fca986f6896e23146a687c57c2f736f11e6
030e358445c75acde2ccd10c3089a2ad10ecce8e55b552727a69e37f762ee592
03540b61d0599c04accee5b16d70f36fce196329c76ff6d530279e1975deb796
08083259bdc1e353f886fcd58e8f6d211cec9103d42f6f7904a0fa9c94d82ed2
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
19f29e53f42c688709d6c008c0e0040052839538f4ec22d9a4399a0edb0c8492
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21915fd3d901f3e1fa904d6fed01a1264d500672ce66cb5d8ac5e8c5a6751ee2
2298eda702e34847f97008111a121a79770a1f0b67bcea5e32947df6fead86e4
235814a1c159c1d779712b20825bec5bdb8e123c394130565c5ca3806827f55c
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2b8316930e017c6b91d4521ae4bd7dc38ba57c4e3e7ab3ab3cff3713b1c0d289
2d60d0b48103fba37f1a6b024d7026433eff80ace8ecb2655581dc8902e4633f
2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22
30b9304828f30962dd12d1f808d9789665a2dba05ed0f8cf00ca867570fef19c
33880a5ee860fe8051c7547ff2fbb51a0d6ccd5667fa099650a9c03418d4725a
3465efb7bd3c4f535c4080685f74fd6c07a564e466e81da341c716389f879258
35628a9155ec2033589a3e03951bbbe3f0c08b8f1c539bc1d9d90a07e4835bed
3a0205d0f1b1cbee2e79d48179872d45c0e119c6593347a1c88f4568be123bbb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f2f9b64049f4fd742fd9fdd4f82e43e9ee1b8587330bfa93b5c55ca01e0f370
3f681660562134b4690b4f387a6c99b08c33be0c07c73851ce387a9c37a88feb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3
47d1e5552b824250ce1955d9e8a341ce08493b61e7c6eec521e0181575ee4ac9
4ab56bfc693e75fbc52de80072dcbcd412efe057dcc099c9b718fb6f85ee129b
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
6478b12ce14ee54a81b92a9f6cb537261e0d42d1ea69b72df78f845e0647bd2d
6837ddeeff937c4839ddf432fb8448a82e25b13f454755df78ad0fda52bfface
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652
6b4160c100ffe8444c43264de3a987c060aee8d5cd60bdfb20584a304c717230
6cc0b251ec54fdd5cd55d98cbe7a7af00bd34f9cfd71fd01ca08c83121c89720
6d0f5d6acf9f9364326818c9478d475e13f76a4e663d41ff5161e88544106922
7146e4edda9b9a7502b1b6935983787c3bba8a34a95cebde1577409a9e33cd54
7290447bddcd7b8005a025ab82dedb28aa56addef11f8f80dcc89e403ed02c6e
7499aeabeaec2141eb24969619174e22263c858d46b42daeed97a6a27c35035d
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
873c8d09b7dc8da369132e741cbe7e5843aa228f191165fe4b5b24babda94c19
87f00df6e3b7eb7df370217b91efc6de98176f76d51503e73d7ae4c2c815596e
8a74cf44a4da6c7be403eae43686e3a88d5f19fc0efcbffba0b0577df5e79acf
8e36f036be3313f66918b7f296388c199468b0ffb75d3f8908cd04f58d966964
8e871384db61273844b49f88d700929ccbd90dc10022a8997ec3d012fab8cfbc
9216faf8baa5f74337f6c07a42453b996034c599b7913de9ce73c3ba675780ff
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ca2ce3a15eb9b166727abe7f9029cd677e3a624b0e0f9062fac7fb18384eba
99df4a0b4ade4f64d92ac513be1e3102df14fab0855a54602820801c3e2904b3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ab215fcf735dc92becff4347f30116d0ae4a94b38420ed7bb9c58dd13246bb7f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c45301a5b30e55dcea6f61845cf52bbb2843f622af538ddd56caa2f15d556af8
c4c718348db691664319059183e35df90a4c5c8e369f5f5ef9ca8acd01527ed8
c790e19cfcaf773a4f7e83832741a1b12ef42c22cc401b6695667d6af4cd6526
cc5a962f54b8b726720ca1cfa8632113709d95c05329039818e43dd6f9781917
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0ebd4a04dc4040c44e7d68b56fbfcc1dbcccf03de96771a60e26f21a76359a0
d2f41f4ec89d8bec95e162a1a596722b9ea56e836af6226825cba2771ffa59e8
d3031f393f481e7ff2b1c3b5687898027c555769b16bf8022d665f35b38e53ac
d3479e2deff0298feb5b2ef068da686c292f0dddfc43bc728a060a92e428e2b7
d37a24ba2d508b82283588651c66d6412271fd8a358a4e00fdd97028a3be79b3
d6218a7c915bceffd7a72aff3de7b40332c41141f7233eb74492e52ca765a6f5
d6636101f49ff590c837627745911cdae6227e50c8e1c4334e3a9fc797274808
e3600cc522d109bf4d7aeb56960790240e80d9f22f6ae99e9a77d020bdf8f3cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cb8c1bb697b8381e1bbc8f4ea018a5ba3abf25bffe1642a96b858fb0a0eeea
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
fd37752730daa7b5b82e5440b851d5e0cad07a0ca4fd65ed6a4219b1f8e5c53b
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

mtverificationtoday.z13.web.core.windows.net Open in urlscan Pro 20.60.62.33 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

90 %HTTPS

56 %IPv6

28 Domains

40 Subdomains

39 IPs

5 Countries

1916 kBTransfer

4997 kBSize

31 Cookies

26 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mtverificationtoday.z13.web.core.windows.net Open in urlscan Pro
20.60.62.33 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

90 %
HTTPS

56 %
IPv6

28
Domains

40
Subdomains

39
IPs

5
Countries

1916 kB
Transfer

4997 kB
Size

31
Cookies

131 HTTP transactions
0 data transactions