authmtb.duckdns.org Open in urlscan Pro
20.97.56.22 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://authmtb.duckdns.org/
Submission: On February 11 via automatic, source openphish (February 11th 2022, 1:00:31 pm UTC) — Scanned from DE

Summary HTTP 164 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 22 domains to perform 164 HTTP transactions. The main IP is 20.97.56.22, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is authmtb.duckdns.org.

This is the only time authmtb.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
6	20.97.56.22 20.97.56.22	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.31.15.140 52.31.15.140	16509 (AMAZON-02) (AMAZON-02)
9	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:fb:... 2a02:26f0:fb::5f65:58d9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.248.23 18.66.248.23	16509 (AMAZON-02) (AMAZON-02)
1	54.81.37.132 54.81.37.132	14618 (AMAZON-AES) (AMAZON-AES)
19	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1	24.75.29.69 24.75.29.69	16490 (MTB) (MTB)
10	2600:9000:225... 2600:9000:2250:fc00:b:2146:1340:93a1	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
24	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:215... 2600:9000:2156:b600:a:6cdf:4440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223f:ba00:1e:54f1:26c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:2250:5c00:13:ab57:d440:93a1	16509 (AMAZON-02) (AMAZON-02)
164	27

6 20.97.56.22 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

authmtb.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.15.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-15-140.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb::5f65:58d9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-23.dus51.r.cloudfront.net

cdn-0.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.37.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-37-132.compute-1.amazonaws.com

api4921.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 24.75.29.69 (United States)

ASN16490 (MTB, US)

onlinebanking.mtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2250:fc00:b:2146:1340:93a1 (United States)

ASN16509 (AMAZON-02, US)

www3.mtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:b600:a:6cdf:4440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.a79ab95c1589a13f8a4cab612bc71f9f7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:ba00:1e:54f1:26c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.b406929acabac9b095f124c81bdfcf57f.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:5c00:13:ab57:d440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.c81358859121583b7adf2ace89cb39f44.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	google.de www.google.de — Cisco Umbrella Rank: 6342	3 KB
24	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
24	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	30 KB
19	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 904	127 KB
13	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 371 cdn.krxd.net — Cisco Umbrella Rank: 1228 consumer.krxd.net — Cisco Umbrella Rank: 1569	267 KB
11	mtb.com onlinebanking.mtb.com — Cisco Umbrella Rank: 97197 www3.mtb.com — Cisco Umbrella Rank: 95398	915 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	307 KB
6	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 796	2 KB
6	duckdns.org authmtb.duckdns.org	185 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 331	11 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	48 KB
2	c81358859121583b7adf2ace89cb39f44.com 1.c81358859121583b7adf2ace89cb39f44.com — Cisco Umbrella Rank: 68235	4 KB
2	b406929acabac9b095f124c81bdfcf57f.com 1.b406929acabac9b095f124c81bdfcf57f.com — Cisco Umbrella Rank: 68260	4 KB
2	a79ab95c1589a13f8a4cab612bc71f9f7.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com — Cisco Umbrella Rank: 68493	4 KB
2	d41.co cdn-0.d41.co — Cisco Umbrella Rank: 14000 api4921.d41.co — Cisco Umbrella Rank: 150128	75 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 439	588 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 468	458 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 539	6 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 372	6 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
164	22

	Domain	Requested by
24	www.google.de	authmtb.duckdns.org
24	www.google.com	authmtb.duckdns.org
24	googleads.g.doubleclick.net	authmtb.duckdns.org
19	tags.tiqcdn.com	authmtb.duckdns.org
10	www3.mtb.com	authmtb.duckdns.org www3.mtb.com
9	cdn.krxd.net	authmtb.duckdns.org cdn.krxd.net
8	www.googletagmanager.com	authmtb.duckdns.org
6	sp.analytics.yahoo.com	authmtb.duckdns.org
6	authmtb.duckdns.org	authmtb.duckdns.org
3	bat.bing.com	authmtb.duckdns.org
3	connect.facebook.net	authmtb.duckdns.org
3	consumer.krxd.net	authmtb.duckdns.org cdn.krxd.net
2	1.c81358859121583b7adf2ace89cb39f44.com	www3.mtb.com 1.c81358859121583b7adf2ace89cb39f44.com
2	1.b406929acabac9b095f124c81bdfcf57f.com	www3.mtb.com 1.b406929acabac9b095f124c81bdfcf57f.com
2	1.a79ab95c1589a13f8a4cab612bc71f9f7.com	www3.mtb.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1	px.ads.linkedin.com	authmtb.duckdns.org
1	analytics.twitter.com	authmtb.duckdns.org
1	onlinebanking.mtb.com	authmtb.duckdns.org
1	api4921.d41.co	authmtb.duckdns.org
1	cdn-0.d41.co	authmtb.duckdns.org
1	snap.licdn.com	authmtb.duckdns.org
1	static.ads-twitter.com	authmtb.duckdns.org
1	s.yimg.com	authmtb.duckdns.org
1	www.google-analytics.com	authmtb.duckdns.org
1	www.googleadservices.com	authmtb.duckdns.org
1	beacon.krxd.net	authmtb.duckdns.org
164	26

This site contains links to these domains. Also see Links.

Domain
locations.mtb.com
www.mtb.com
customer.jrni.com
apps.apple.com
play.google.com
ir.mtb.com
www.facebook.com
twitter.com
www.linkedin.com
asset.mtb.com
onlinebanking.mtb.com
webinfoplus.mandtbank.com
myaccountviewonline.com
weborders.brinksinc.com
www.centresuite.com
www.youraccessone.com
www.mtbsupplierpay.com
mtb.com

Subject Issuer	Validity	Valid
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-31` - `2022-03-23`	2 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
onlinebanking.mtb.com Entrust Certification Authority - L1M	`2021-08-03` - `2022-08-26`	a year	crt.sh
www.mtb.com Entrust Certification Authority - L1M	`2022-02-03` - `2022-06-02`	4 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-06` - `2022-06-06`	6 months	crt.sh
*.a79ab95c1589a13f8a4cab612bc71f9f7.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-21` - `2022-04-03`	a year	crt.sh
*.b406929acabac9b095f124c81bdfcf57f.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-21` - `2022-04-07`	a year	crt.sh
*.c81358859121583b7adf2ace89cb39f44.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-21` - `2022-04-07`	a year	crt.sh

This page contains 6 frames:

Primary Page: http://authmtb.duckdns.org/
Frame ID: E2E0C6E9E2362E044B60F02EC3FF8D52
Requests: 151 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 00D12CD5B68612DCFD98435E2F26FDEA
Requests: 4 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: FAE5D3FB317D820B5E1B07D3488071ED
Requests: 4 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: 81460A9C9E1D12FEE034AB6402917886
Requests: 2 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: D2841E35FABF53F707EF5CFA6A7D9104
Requests: 2 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: 6CC8B4F2C2D4951D86F1B03607EE3A75
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

M&T Bank - Personal & Business Banking, Mortgages, & More | M&T BankLockNavigation MenuSearchFacebookTwitterLinkedIn

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

164
Requests

78 %
HTTPS

54 %
IPv6

22
Domains

26
Subdomains

27
IPs

4
Countries

2035 kB
Transfer

5122 kB
Size

13
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://locations.mtb.com/

Search URL Search Domain Scan URL

URL: https://www.mtb.com/help-center/top-banking-tasks/ask-question-submit-feedback
Title: Ask a Question/Submit Your Feedback

Search URL Search Domain Scan URL

URL: https://customer.jrni.com/?client=mtbank
Title: Make an Appointment

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/m-t-mobile-banking/id397761931

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.mtb.mbanking.sc.retail.prod&hl=en

Search URL Search Domain Scan URL

URL: https://ir.mtb.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MandTBank
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/mandt_bank
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/m%26t-bank
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://asset.mtb.com/Documents/html/ESign.htm
Title: ESign Consent

Search URL Search Domain Scan URL

URL: https://onlinebanking.mtb.com/Login/LoginHelp
Title: Help with User ID or Passcode

Search URL Search Domain Scan URL

URL: https://webinfoplus.mandtbank.com/cashplus/
Title: Web InfoPlu$

Search URL Search Domain Scan URL

URL: https://onlinebanking.mtb.com/Login/MTBSignOn
Title: Online Banking

Search URL Search Domain Scan URL

URL: https://myaccountviewonline.com/
Title: Account View

Search URL Search Domain Scan URL

URL: https://weborders.brinksinc.com/
Title: Cash Order

Search URL Search Domain Scan URL

URL: https://www.centresuite.com/Centre/Public/Logon/Index?ReturnUrl=%2fCentre%3fsite%3d2129&site=2129
Title: CentreSuite

Search URL Search Domain Scan URL

URL: https://www.youraccessone.com/1590mtb
Title: AccessOne

Search URL Search Domain Scan URL

URL: https://www.mtbsupplierpay.com/UserLogin/UserLogin.do?ino=mtb
Title: M&T Supplier Pay

Search URL Search Domain Scan URL

URL: https://mtb.com/olb-enroll
Title: Enroll Now

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://bat.bing.com/bat.js HTTP 307
https://bat.bing.com/bat.js

164 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
authmtb.duckdns.org/ 183 KB
184 KB 5366ms
131ms Document
text/html 20.97.56.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 20.97.56.22 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 414beb02948e26f4dc99621b1b83ffa39c87899fcdd25e6e75d0517f9f563c34

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 11 Feb 2022 13:00:23 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 optout_check Show response
beacon.krxd.net/ 73 B
233 B 115ms
37ms Script
text/javascript 52.31.15.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.mtbankcorporationus.kxjsonp_optOutCheck
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.15.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-15-140.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bec3120eb0298bdc01d313d6fc8f754156cffeaf3806a18e3a8a77a136ea5713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:23 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=29 t=1644584423
x-served-by: beacon-n009-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 332 B
557 B 163ms
115ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=5fbc882d-fc17-416e-8069-4c0fc55390a2&technographics=1&callback=Krux.ns.mtbankcorporationus.kxjsonp_userdata
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b1fec83f9be2c7704170a91566ea7195565d9ac895dee5deeb113aac41fb16ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a020-ash-prod.krxd.net, cache-hhn4052-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=3600
x-age: 0
accept-ranges: bytes
x-timer: S1644584424.950231,VS0,VE94
content-length: 254
x-cache-hits: 0, 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 124ms
65ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 111ms
48ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3333
date: Fri, 11 Feb 2022 12:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 14:04:52 GMT

GET
H2 200 5fbc882d-fc17-416e-8069-4c0fc55390a2 Show response
consumer.krxd.net/consent/get/ 247 B
436 B 91ms
45ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5fbc882d-fc17-416e-8069-4c0fc55390a2?idt=device&dt=kxcookie&callback=Krux.ns.mtbankcorporationus.kxjsonp_consent_get_0
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 57e3e5ae03a534374ceda8c6b67138f825e60ef752df30bd168df7a23e9b999f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:23 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a009-dub-prod.krxd.net, cache-hhn4055-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644584424.947225,VS0,VE29
content-length: 197
x-cache-hits: 0, 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 199ms
138ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-785909637&l=dataLayer&cx=c

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0df64f926316661d10155f32456520f6b2e3649ca76c95a91393759885b1e7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39547
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 202ms
141ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-344010384&l=dataLayer&cx=c

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdc5082bc0d8aee4d70cf2a24882c2d0936be7b854d1876a6617709c6ed02d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39546
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 121ms
60ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174040385-1&l=dataLayer&cx=c

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3a6fa6f34c1a83e2a745c43cee16d358419527e0c2d80fdd692ad061de2d0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36101
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 163ms
101ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-954895323&l=dataLayer&cx=c

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b163715b0c25210fbad739e9a0ae7200f80fb33aeadf00f23218612cd40c8593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39549
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 176ms
115ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-948713993&l=dataLayer&cx=c

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22c65a6834a4feef53c6fb9023098af4ee64b5ee97871ce873fbde9287dd4668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39548
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 157ms
96ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-994979083&l=dataLayer&cx=c

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fe9e1fbd2d3ae7a05b6a0e823c9c6f4922dfa8d0af9ad979ee1de77d0dc0e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39546
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 148ms
148ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-997504364&l=dataLayer&cx=c

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19b921c1c2b1a6365642326d12c8dcbee9c76ba90f0491a864fddd4e82fdd4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39548
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 38ms
19ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Age: 1171953
x-amz-server-side-encryption: AES256
X-Cache: HIT
Connection: keep-alive
Content-Length: 84509
X-Served-By: cache-hhn4083-HHN
Last-Modified: Mon, 02 Aug 2021 12:06:17 GMT
X-Timer: S1644584425.106751,VS0,VE0
ETag: "a1705c5ac5f06cf0c202ff70908fc042"
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Thu, 31 Jul 2031 12:06:16 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
X-Cache-Hits: 1114293

GET
H2 200 290387871401930 Show response
connect.facebook.net/signals/config/ 41 KB
11 KB 115ms
44ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/290387871401930?v=2.9.52&r=stable

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf17e16e68333ef5819f7d19561adf97b094ff9f7b1d6fc01674a3f3de04a85b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 11018
x-xss-protection: 0
pragma: public
x-fb-debug: hKSV5QVREVe/vvEyQOJSXIL8zWzeB5CRC1DAE5V5ln2cZiuHLOKuDc392p2uHWKdxWmQnD57qbZc5wJJSbkstw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Fri, 11 Feb 2022 13:00:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 293418718495934 Show response
connect.facebook.net/signals/config/ 41 KB
11 KB 91ms
45ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/293418718495934?v=2.9.52&r=stable

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5aff7aeba883c09e28b8d81caf7df7bab9810e2f3029b65cc349ab8a356aa72f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 11023
x-xss-protection: 0
pragma: public
x-fb-debug: bKmFwhlkq6cdKdRm4hrBAcBBL1UcH9R/lQGDRCloSrjODU35iwPDVptxVKBthyPnuPVg66pFPwdpPE1iG7Wtxg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Fri, 11 Feb 2022 13:00:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 53ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: hLx6mqugW0yr+41mDGFWVGIgXmChfU0KgmqWtca5lhYAwVENqsoJv4+YwfXzN9dAPrReWq95vGkatq2WfOe3fA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Feb 2022 13:00:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 90ms
90ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-990489911

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b0065cf1167cc79c9c1f55294fcd07c21b93662ab01ec6ac717426251636d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39652
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2

200

bat.js Show response
bat.bing.com/
Redirect Chain

http://bat.bing.com/bat.js
https://bat.bing.com/bat.js

36 KB
11 KB

99ms
42ms

Script
application/javascript

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FCF2A99F6AE742378876A1CB69678FDB Ref B: FRAEDGE1406 Ref C: 2022-02-11T13:00:25Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

Redirect headers

Location: https://bat.bing.com/bat.js
Non-Authoritative-Reason: HSTS

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 77ms
18ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 11 Feb 2022 12:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: OmArQWA6083oXFYRwfopoxrnWrL/fBbJX0BOkMyFCS9ba4bou142BmaWg7Vmeahz/urI/TwFhwI=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: ZBNDXAMTJY8RBA8A
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 29ms
14ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://static.ads-twitter.com/uwt.js
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Feb 2022 00:44:37 GMT
Etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
Vary: Accept-Encoding,Host
x-tw-cdn: FT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
X-Cache: HIT, HIT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 5410
X-Served-By: cache-iad-kjyo7100048-IAD, cache-fra19182-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 73ms
18ms Script
application/x-javascript 2a02:26f0:fb::5f65:58d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f65:58d9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=35183
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 tqvdv1ilp.js Show response
cdn.krxd.net/controltag/ 25 KB
5 KB 24ms
17ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tqvdv1ilp.js
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a1d2c24d0bdf57daa4e20bde865546d7e04234db9257a7db9ac103b48f3a262e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 11 Feb 2022 13:00:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 735
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4762
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100151-IAD, cache-hhn4052-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1644584425.095429,VS0,VE1
etag: "7189d5e1924b173bc2d95e51a3e7fa6cc80b5e12"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H/1.1 200
OK dnb_coretag_v5.min.js Show response
cdn-0.d41.co/tags/ 74 KB
75 KB 61ms
19ms Script
application/javascript 18.66.248.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-0.d41.co/tags/dnb_coretag_v5.min.js
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 18.66.248.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-23.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cc0b251ec54fdd5cd55d98cbe7a7af00bd34f9cfd71fd01ca08c83121c89720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 12:55:53 GMT
Via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Nov 2021 14:57:39 GMT
Server: AmazonS3
Age: 273
ETag: "13bc1e6c74c25b3098a3b54b58b70b3c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 76038
X-Amz-Cf-Id: JwH3p3gyfW-RYiXkM3yOsWhuXHR0SXyeEANxof-QCMu3uukhYPrWiQ==

GET
H/1.1 204
No Content / Show response
api4921.d41.co/sync/ 0
738 B 286ms
111ms Script
text/plain 54.81.37.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://api4921.d41.co/sync/

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

HTTP/1.1

Server

54.81.37.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-81-37-132.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 13:00:25 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: http://authmtb.duckdns.org
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 48 KB
12 KB 752ms
745ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4b91b45b60834fa569c19b7b081acf4f970c728c13a18b3ad437c003617afd5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: gzip
last-modified: Fri, 04 Feb 2022 22:20:19 GMT
server: AkamaiNetStorage
etag: "c08caa85238b19efb3b7e75b18384d70:1644013219.806652"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 11841
expires: Fri, 11 Feb 2022 13:05:25 GMT

GET
H/1.1 200
OK mtb_app_wbk.js Show response
onlinebanking.mtb.com/Assets/js/ 240 KB
139 KB 566ms
112ms Script
application/javascript 24.75.29.69
MTB

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.75.29.69 , United States, ASN16490 (MTB, US),
Reverse DNS
Software: /
Resource Hash: 8a7a7cb1bd84dee53ddedca148062b50d05cf67144476baf6023787461a727c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 13:00:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
X-Ion-Hop: 1
Expires: 0

GET
H2 200 clientlib-base.css
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/ 374 KB
51 KB 127ms
28ms Stylesheet
text/css 2600:9000:2250:fc00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:fc00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7c00070631d43a26a951a71a89d531b0e3a7473cfcca08c4b08090ec4d0901e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Fri, 11 Feb 2022 12:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 761
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
vary: Accept-Encoding
content-length: 51356
last-modified: Tue, 14 Dec 2021 22:27:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "5d782-5d322b135dfc0-gzip"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css;charset=utf-8
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
cache-control: max-age=3600, public, no-cache="set-cookie"
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: 21nVj3naR_B3x-iKWYXy3Lew5GDS8bTozkVfwCzLHNYZYJg7BMhw8g==

GET
H2 200 vendor.js Show response
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/ 189 KB
59 KB 510ms
411ms Script
application/javascript 2600:9000:2250:fc00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/vendor.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:fc00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1d727a0b4bbf95539bf95ff63e3b8fe5c382a8046c9edb2dbaea3498bb57855c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-vhost: publish
x-cache: Miss from cloudfront
content-disposition: inline
vary: Accept-Encoding
last-modified: Tue, 09 Mar 2021 22:44:47 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2f4cd-5bd224c1c15c0-gzip"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript;charset=utf-8
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
cache-control: max-age=3600, public, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: 3j49S82arudyL7pVAONvjSWreZZfTx_FpZH4S_4BFXggJZwXNutdiw==

GET
H2 200 clientlib-header.js Show response
www3.mtb.com/etc.clientlibs/axp-common/components/content/disclosure/v1/disclosure/ 2 KB
1 KB 123ms
24ms Script
application/javascript 2600:9000:2250:fc00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/etc.clientlibs/axp-common/components/content/disclosure/v1/disclosure/clientlib-header.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:fc00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

572335ead369a8439ef6aaafb0d894d576094c410174814cd9d874895ff96abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Fri, 11 Feb 2022 12:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 761
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
vary: Accept-Encoding
content-length: 883
last-modified: Tue, 23 Nov 2021 22:48:54 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "9b1-5d17c8bbb2180-gzip"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript;charset=utf-8
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
cache-control: max-age=3600, public, no-cache="set-cookie"
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: nIishNC2-5LSzcXnrHwyxQu2AHDYsjB8C5oTXaDg6efGs2ZA0n54yA==

GET mandtbaltoweb-book.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-light.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-medium.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-bold.otf
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 79 KB
28 KB 383ms
344ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9e7afe6357698c49568d5e7fdc93bba8232b95fc36e53f5d25e202f298f238e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
last-modified: Fri, 04 Feb 2022 22:20:19 GMT
server: AkamaiNetStorage
etag: "45bb77f513d1b2f0b69e07f0015b87ad:1644013219.979698"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 28740
expires: Fri, 11 Feb 2022 13:05:24 GMT

GET
H/1.1 200
OK utag.30.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 69 KB
24 KB 93ms
79ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.30.js?utv=ut4.48.202201271417
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a84ba27234d4fb254d3a0ab3915d594364a78721fcb09d4de71021ac21902cd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 14:17:19 GMT
Server: AkamaiNetStorage
ETag: "0e886ce926dc4623e18dca9d77a9af50:1643293039.747188"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24288
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.20.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 3 KB
2 KB 31ms
17ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.20.js?utv=ut4.48.202106282113
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b49f818ca5b5923505dd79d707f456c43954edc3f7af96f266e68e989e88a48d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jul 2021 15:17:35 GMT
Server: AkamaiNetStorage
ETag: "d01df1984ce94336735ec6258078a406:1626275855.555116"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1350
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.40.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 21 KB
7 KB 35ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.40.js?utv=ut4.48.202106282113
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 79b6fead7c4a43f10b08e11f3cb2dc4dd327e4c6e78e64d75b429e5cf1e40ced

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jul 2021 15:17:37 GMT
Server: AkamaiNetStorage
ETag: "6aee8d06fa7d12e85e22f7f753800b16:1626275857.080324"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7112
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.41.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 25 KB
5 KB 31ms
16ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.41.js?utv=ut4.48.202106282113
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f24759040466b1ece341bc80e69bb8d33ccb631b1f5101f1532b1363adcea90d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jul 2021 15:17:41 GMT
Server: AkamaiNetStorage
ETag: "5f41a2ce184115ea955a7b55e5e903e9:1626275861.298481"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4594
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.42.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 34ms
17ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.42.js?utv=ut4.48.202106282113
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 491e9638801840db60c83d038f7e02712f35e15d5bd53edc45a6e9ec783a7ab5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jul 2021 15:17:43 GMT
Server: AkamaiNetStorage
ETag: "e5507c033367f75f18a3ce9ec9bdbc2e:1626275863.439287"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1362
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.43.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 10 KB
3 KB 19ms
18ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.43.js?utv=ut4.48.202006232100
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0d5ebfe1a572fbfd6bb9930df03c417f1bb6790fbea6c0a3811b8394b6f43b08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Sep 2020 17:01:24 GMT
Server: AkamaiNetStorage
ETag: "b78d8a73ab9e8e23cbc705cfb7a6f173:1599843684.929965"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2360
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.44.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 20ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.44.js?utv=ut4.48.202109282124
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e239a8c9eee9bb8cad251218da62dcdecb90cd57531dac58e7b430914b6b8584

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Sep 2021 21:25:19 GMT
Server: AkamaiNetStorage
ETag: "9d78a66a7845aeb5635e0abca2b5839c:1632864319.857683"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1787
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.45.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 11 KB
4 KB 49ms
48ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.45.js?utv=ut4.48.202106282113
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e081f20187ff71b0e1b57157d3b0dd965235c5a15c64f8934f7cb3dc39422051

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jul 2021 15:17:37 GMT
Server: AkamaiNetStorage
ETag: "0c86f1683869e7b82ca4adbdefea005c:1626275857.591997"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3523
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.46.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 21 KB
7 KB 34ms
27ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.46.js?utv=ut4.48.202106282113
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ae60ac0770fd05a15346016e91cfa4ebff75c54e81ae327e5c4de2a4db6404f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jul 2021 15:17:38 GMT
Server: AkamaiNetStorage
ETag: "efe16448e3a96b99605f09498f231fd4:1626275858.022841"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7113
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.47.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 4 KB
2 KB 27ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.47.js?utv=ut4.48.202106282113
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 01762df479ae04d2d7842b5826ffd4a3f6d164addbbc380f88a0e66b62393ff5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jul 2021 15:17:39 GMT
Server: AkamaiNetStorage
ETag: "1814e80368864455bdf5ac0442601c31:1626275859.169676"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1362
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.48.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 11 KB
4 KB 19ms
18ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.48.js?utv=ut4.48.202106282113
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: befd77bc402760199228179cc7955f48d2ec812df25a2949890b54a4ebcf6f87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jul 2021 15:17:41 GMT
Server: AkamaiNetStorage
ETag: "1194b53518e12bb76ac240140dd3db71:1626275861.793472"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3524
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.49.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 11 KB
4 KB 25ms
25ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.49.js?utv=ut4.48.202106282113
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2bfd59f2378fb766943cf1ba7a2d2f9cd966bf60cf0cfbb39bdc5298614b0d29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jul 2021 15:17:36 GMT
Server: AkamaiNetStorage
ETag: "0bd7ce75a2105d5619a0f3395be99158:1626275856.071479"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3524
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.58.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 20 KB
6 KB 25ms
25ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.58.js?utv=ut4.48.202109282124
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0b7a6c8f838e7dcc8c50cfca8513f6aeeb0a3f36aa733b9a22fbb7f47e6e2070

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Sep 2021 21:25:20 GMT
Server: AkamaiNetStorage
ETag: "5bf2523f73497c382bfa078a6dd03a2a:1632864320.050723"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5388
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.76.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 11 KB
4 KB 48ms
47ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.76.js?utv=ut4.48.202106282113
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 323293c2e2f83b1eb73483b8dff2f4e8ab1acab39393a3759a59591dc6478117

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 21:13:48 GMT
Server: AkamaiNetStorage
ETag: "ddd2175549f5b82a0d78b87b0f6d4e97:1624914828.076653"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3524
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.84.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 11 KB
4 KB 17ms
16ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.84.js?utv=ut4.48.202109282124
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d98eadc35f8560ee479b52519edca4f91784ab8b71f3da4a935cb30f617bec54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Sep 2021 21:25:17 GMT
Server: AkamaiNetStorage
ETag: "13b1727a01041bc27a6eb1b3def7ad19:1632864317.327234"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3524
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.96.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 11 KB
4 KB 17ms
17ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.96.js?utv=ut4.48.202109282124
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99604bd8293401d122465b1f286189bfc9d4eafa0105636de384eb64c2089316

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Sep 2021 21:25:21 GMT
Server: AkamaiNetStorage
ETag: "7daaee315a2d0aa63c272baae35f8e55:1632864321.64092"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3524
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H/1.1 200
OK utag.129.js Show response
tags.tiqcdn.com/utag/mtbank/main/prod/ 11 KB
4 KB 40ms
40ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/mtbank/main/prod/utag.129.js?utv=ut4.48.202109162105
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c94e069162bef47ec52dde36d66863f77b9066d27229dc26a2cea5a93c78ff49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Sep 2021 21:05:59 GMT
Server: AkamaiNetStorage
ETag: "426876ca9622025750a0ef964ed87f2a:1631826359.095275"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3524
Expires: Sat, 26 Feb 2022 13:00:25 GMT

GET
H2 204 5564484.js Show response
bat.bing.com/p/action/ 0
201 B 210ms
156ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5564484.js
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 11 Feb 2022 13:00:24 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC01B9ED1F2F4F4EBFB426E78E3BDF84 Ref B: FRAEDGE1406 Ref C: 2022-02-11T13:00:25Z
x-cache: CONFIG_NOCACHE

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/ 2 KB
1 KB 76ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1644355187701&cv=9&fst=1644355187701&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

970414240343e5a3f0fddd37923eb527f50ddefc9146a5a74e5d03989482c34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/997504364/ 2 KB
1 KB 77ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/997504364/?random=1644355187776&cv=9&fst=1644355187776&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1f5d0a67330ff85d5b6d669317fd45539056c1d5d6e33847371ab671283373d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1078
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994979083/ 2 KB
2 KB 73ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994979083/?random=1644355187784&cv=9&fst=1644355187784&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd4f66b3003be24e0f0ed65e24d9ce634ab1dea6f112d0da9fd3812024040790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948713993/ 2 KB
1 KB 93ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948713993/?random=1644355187789&cv=9&fst=1644355187789&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6297f01aee2bd41279f9eb689fa3e101e10877e5445b5a1f1913f1600ba4428d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/954895323/ 2 KB
1 KB 91ms
48ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954895323/?random=1644355187793&cv=9&fst=1644355187793&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d75d34a3ae5eea46f85411645231413c6e0a474a7b0fa10d4f696a1848710ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/344010384/ 2 KB
1 KB 92ms
49ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/344010384/?random=1644355187797&cv=9&fst=1644355187797&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53017e3ff27f7c4cc5042bd05a54ad2fd1767caaea39959ee3d8cf69a761fd0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/ 2 KB
1 KB 92ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/?random=1644355187801&cv=9&fst=1644355187801&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

856458e3fea6bc61f6bd33e73f8e46124a55d2ece4e763ba69a062931ea08379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1078
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/ 2 KB
1 KB 89ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/?random=1644355187802&cv=9&fst=1644355187802&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3509e0ddc57ccc52c9fe60dd09d25972435ef7389d03631c61c830c1dca35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/ 2 KB
1 KB 90ms
49ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1644355211176&cv=9&fst=1644355211176&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

461f2e5ca80c2444754ae1c2848bb5d54fa36fddca1c187fa2f17464f1863080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/997504364/ 2 KB
1 KB 89ms
48ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/997504364/?random=1644355211186&cv=9&fst=1644355211186&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5245979e33f9b51f0086bc7f3bbce383ebb39625b0631a54dec8799da6477c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994979083/ 2 KB
1 KB 89ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994979083/?random=1644355211191&cv=9&fst=1644355211191&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3032a3292747992196025ad31aba0c79dcaeccbe9487360b0ae6682841662c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948713993/ 2 KB
1 KB 92ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948713993/?random=1644355211197&cv=9&fst=1644355211197&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1335707c023004beca0db992c2cadb9dce14801311999171baedb4d2322719c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/954895323/ 2 KB
1 KB 87ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954895323/?random=1644355211201&cv=9&fst=1644355211201&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec432c22109b8c5fe75d8a5ec125fa0c12add373869c59dab0ee4c8fd9d3dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/344010384/ 2 KB
1 KB 93ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/344010384/?random=1644355211206&cv=9&fst=1644355211206&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1bba7724c25cf53ba734b40a45fa3a7cf4c67e3a79df96c57e0d5d021f3f755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/ 2 KB
1 KB 93ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/?random=1644355211211&cv=9&fst=1644355211211&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e194c6673a75bbce3d5940613f949239f869ce27a61703e771e80e1c4093d4ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/ 2 KB
1 KB 92ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/?random=1644355211213&cv=9&fst=1644355211213&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28cb833f4359fe7dd0349350d6ea6a722091603114c1b4c32afb8930ac418bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/ 2 KB
1 KB 93ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990489911/?random=1644355214596&cv=9&fst=1644355214596&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af4379b04744368ff05504efd4fb922e2a4befd674179ac59e29aeb8067e7aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/997504364/ 2 KB
1 KB 70ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/997504364/?random=1644355214599&cv=9&fst=1644355214599&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565270b647ad2f3f587e99c1db98d121a3bcdf140526f48729672b2fda62c0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994979083/ 2 KB
1 KB 95ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994979083/?random=1644355214602&cv=9&fst=1644355214602&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682d82dccb22a6d4ea67d9a06e3b7180e9624c695612bee794bf913f2af27c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948713993/ 2 KB
1 KB 73ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948713993/?random=1644355214605&cv=9&fst=1644355214605&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f87415d67a116e364fe00c63d6f07692ed2f68f74b8b9df15438236875d8fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/954895323/ 2 KB
1 KB 74ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954895323/?random=1644355214607&cv=9&fst=1644355214607&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f821e785179210833b33a0b9138aa5cd7b499f14cab13a327683415358cd00a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/344010384/ 2 KB
1 KB 73ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/344010384/?random=1644355214611&cv=9&fst=1644355214611&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e28c0393a3697df6d22cc4dae8fb37c032754f23fd47983b8953b134883e4710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/ 2 KB
1 KB 83ms
44ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/?random=1644355214613&cv=9&fst=1644355214613&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0c1060d2afb6fb53a5b01afcecaf6b876f7effa231de795b375c5d929a5ac52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/ 2 KB
1 KB 73ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/785909637/?random=1644355214615&cv=9&fst=1644355214615&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcd1693fb95152e98f276b924db6bca55e7fde7cd98da920a8c5da413f305375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found es-language-icon.svg
authmtb.duckdns.org/content/dam/mtb-web/images/spanish/ 315 B
315 B 131ms
131ms Image
text/html 20.97.56.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://authmtb.duckdns.org/content/dam/mtb-web/images/spanish/es-language-icon.svg
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 20.97.56.22 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found green-logo.png
authmtb.duckdns.org/content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/ 315 B
315 B 245ms
129ms Image
text/html 20.97.56.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://authmtb.duckdns.org/content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/green-logo.png
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 20.97.56.22 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found top10bb.png
authmtb.duckdns.org/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/ 315 B
315 B 252ms
130ms Image
text/html 20.97.56.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://authmtb.duckdns.org/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/top10bb.png
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 20.97.56.22 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found excellence-2019.jpeg
authmtb.duckdns.org/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.jpeg/1612991529802/ 315 B
315 B 302ms
173ms Image
text/html 20.97.56.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://authmtb.duckdns.org/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.jpeg/1612991529802/excellence-2019.jpeg
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 20.97.56.22 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found mtb-icon-mortgage-2c-cmyk.png
authmtb.duckdns.org/content/dam/mtb-web/images/icons/ 315 B
315 B 281ms
159ms Image
text/html 20.97.56.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://authmtb.duckdns.org/content/dam/mtb-web/images/icons/mtb-icon-mortgage-2c-cmyk.png
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: HTTP/1.1
Server: 20.97.56.22 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 13:00:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 alert_new_design.css
www3.mtb.com//content/dam/mtb-web/scripts/alert_scripts/ 2 KB
1 KB 26ms
25ms Stylesheet
text/css 2600:9000:2250:fc00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com//content/dam/mtb-web/scripts/alert_scripts/alert_new_design.css

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:fc00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b5c4f84863e8dae702e1fe95afde0694076e896b6dca5b895749bfcf2736ba68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Fri, 11 Feb 2022 12:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3529
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
vary: Accept-Encoding
content-length: 764
last-modified: Mon, 25 Oct 2021 13:54:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "8c9-5cf2db47b2300-gzip"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
cache-control: max-age=3600, no-cache="set-cookie"
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: 00c28cVHSuuXawwQFM6g6tMnm8zumals4xCDGFp3TiDj04YJBrmcUw==

GET
H2 200 allAlertobject.js Show response
www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/ 17 KB
3 KB 18ms
17ms Script
application/javascript 2600:9000:2250:fc00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:fc00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

4ad05c13b13437edb6bfdf7f9993afe186b16d474912125de1f657fb8cdbde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 761
x-vhost: publish
x-cache: Hit from cloudfront
date: Fri, 11 Feb 2022 12:50:41 GMT
content-disposition: inline
content-length: 2197
last-modified: Fri, 14 Jan 2022 21:02:17 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "4300-5d5911e302840-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
cache-control: max-age=3600, no-cache="set-cookie"
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: Hs69omHYaWJzOp-Dfb4EGl6P-dQ1b9ztNtWuExMU-LICymnZr1c6DA==

GET
H2 200 status.js Show response
www3.mtb.com/content/dam/mtb-web/scripts/ 6 KB
2 KB 407ms
406ms Script
application/javascript 2600:9000:2250:fc00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/content/dam/mtb-web/scripts/status.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:fc00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

099623841921ed1a5c7059f47ba54f002d862c33c43ae5dc77e485503d603071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-vhost: publish
x-cache: Miss from cloudfront
content-disposition: inline
vary: Accept-Encoding
content-length: 1828
last-modified: Fri, 14 Jan 2022 21:05:05 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "16f0-5d5912833a240-gzip"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
cache-control: max-age=3600, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: dGnCHO6nFJUqRo5w762KwnzRCIeK9_43oezXfoAyan58yDn8Dj-23A==

GET
H2 200 charReplace.js Show response
www3.mtb.com/content/dam/mtb-web/scripts/ 2 KB
1 KB 21ms
21ms Script
application/javascript 2600:9000:2250:fc00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/content/dam/mtb-web/scripts/charReplace.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:fc00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

349fcbc04454df744fd82c5e90f76cc8d7d406daad8a3ce2733228ea97362b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 761
x-vhost: publish
x-cache: Hit from cloudfront
date: Fri, 11 Feb 2022 12:50:41 GMT
content-disposition: inline
content-length: 510
last-modified: Mon, 08 Nov 2021 13:21:26 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "677-5d046deb14180-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
cache-control: max-age=3600, no-cache="set-cookie"
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: vYdAAhxFkMrY7gy-v3tnoadeGWC5ScbouXu_id-R7gUBNkavIOECfg==

GET
H2 200 cdsession.js Show response
www3.mtb.com/content/dam/mtb-web/scripts/ 605 KB
114 KB 21ms
15ms Script
application/javascript 2600:9000:2250:fc00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/content/dam/mtb-web/scripts/cdsession.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:fc00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

302462d4283c45e7405dcaf5036c9f1e34982c47baaa0a39c2b45e6cb9a203f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 751
x-vhost: publish
x-cache: Hit from cloudfront
date: Fri, 11 Feb 2022 12:50:41 GMT
content-disposition: inline
last-modified: Fri, 04 Feb 2022 16:45:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "974c5-5d733fbb80b80-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
cache-control: max-age=3600, no-cache="set-cookie"
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: A_tV-InXcBebYEEpYTrVzlo0k1nj-uz_W4TYSDyeSJdCw5Y5RuDeYw==

GET
H2 200 clientlib-base.js Show response
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/ 393 KB
96 KB 43ms
34ms Script
application/javascript 2600:9000:2250:fc00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:fc00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1bca59593bd66b189014cbf7df54ff5758a09d5203a2e51025c441deec8a68bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Fri, 11 Feb 2022 12:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 750
x-vhost: publish
x-cache: Hit from cloudfront
content-disposition: inline
vary: Accept-Encoding
last-modified: Tue, 14 Dec 2021 22:38:56 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "623e4-5d322dac14000-gzip"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript;charset=utf-8
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
cache-control: max-age=3600, public, no-cache="set-cookie"
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: ECkSTZntKVSSg2JH1Jt6lq3zBx7HWQC8jC2uyxyglOf8qEdEO8BH1g==

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
715 B 146ms
47ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2008%20Feb%202022%2021%3A19%3A47%20GMT&n=-1&b=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2F&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
328 B 150ms
58ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&.yp=10087193&f=https%3A%2F%2Fwww3.mtb.com%2F&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&tagmgr=tealium

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
328 B 123ms
59ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2F&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 204 0
bat.bing.com/action/ 0
150 B 45ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5564484&Ver=2&mid=fd087e28-609a-4426-a502-3e2b3120ee6e&sid=cdfa83e0892411ecb85d090a44cb805f&vid=cdfa98f0892411ecae5965e1dd72994f&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=fr&sw=1920&sh=1080&sc=24&tl=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking,%20Mortgages,%20%26%20More%20%7C%20M%26T%20Bank&p=https%3A%2F%2Fwww3.mtb.com%2F&r=https%3A%2F%2Fwww3.mtb.com%2F&lt=2690&evt=pageLoad&msclkid=N&sv=1&rn=834455
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 48E09F7DBA764209A8E89D581C8B33E6 Ref B: FRAEDGE1406 Ref C: 2022-02-11T13:00:25Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
458 B 172ms
135ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a87e9e81-589e-492b-8c62-24ad3805ac2f&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 115
date: Fri, 11 Feb 2022 13:00:24 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5a16fbc8812cba2d1debdf61c342ca293a66175a94728e60c762e7187decd54a
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
328 B 74ms
61ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2F&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
79 B 45ms
44ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
79 B 46ms
45ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2F&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&tagmgr=tealium%2Cgtm

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 11 Feb 2022 13:00:25 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/990489911/ 42 B
108 B 137ms
89ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/990489911/?random=1644355187701&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=960497137&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/990489911/ 42 B
108 B 138ms
93ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/990489911/?random=1644355187701&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=960497137&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/997504364/ 42 B
108 B 134ms
96ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/997504364/?random=1644355187776&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=3007125327&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/997504364/ 42 B
548 B 123ms
87ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/997504364/?random=1644355187776&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=3007125327&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/994979083/ 42 B
548 B 122ms
86ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994979083/?random=1644355187784&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=132445307&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/994979083/ 42 B
108 B 121ms
88ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/994979083/?random=1644355187784&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=132445307&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948713993/ 42 B
108 B 93ms
89ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948713993/?random=1644355187789&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2595261250&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948713993/ 42 B
108 B 101ms
98ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948713993/?random=1644355187789&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2595261250&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/954895323/ 42 B
108 B 93ms
90ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/954895323/?random=1644355187793&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=269512717&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/954895323/ 42 B
108 B 102ms
99ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/954895323/?random=1644355187793&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=269512717&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/344010384/ 42 B
108 B 96ms
93ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/344010384/?random=1644355187797&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=217846123&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/344010384/ 42 B
108 B 94ms
90ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/344010384/?random=1644355187797&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=217846123&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/785909637/ 42 B
108 B 97ms
93ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/785909637/?random=1644355187801&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1754606179&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/785909637/ 42 B
108 B 102ms
99ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/785909637/?random=1644355187801&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1754606179&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/785909637/ 42 B
108 B 92ms
89ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/785909637/?random=1644355187802&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2657823918&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/785909637/ 42 B
108 B 136ms
133ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/785909637/?random=1644355187802&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2657823918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/990489911/ 42 B
108 B 147ms
144ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/990489911/?random=1644355211176&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1404199108&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/990489911/ 42 B
108 B 137ms
134ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/990489911/?random=1644355211176&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1404199108&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/997504364/ 42 B
108 B 130ms
127ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/997504364/?random=1644355211186&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=3834098779&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/997504364/ 42 B
108 B 137ms
134ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/997504364/?random=1644355211186&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=3834098779&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/994979083/ 42 B
108 B 148ms
144ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994979083/?random=1644355211191&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=475915954&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/994979083/ 42 B
108 B 136ms
133ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/994979083/?random=1644355211191&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=475915954&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948713993/ 42 B
108 B 145ms
142ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948713993/?random=1644355211197&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1339957628&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948713993/ 42 B
108 B 136ms
133ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948713993/?random=1644355211197&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1339957628&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/954895323/ 42 B
108 B 146ms
142ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/954895323/?random=1644355211201&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2029532067&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/954895323/ 42 B
108 B 142ms
139ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/954895323/?random=1644355211201&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2029532067&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/344010384/ 42 B
108 B 144ms
141ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/344010384/?random=1644355211206&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2621319850&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/344010384/ 42 B
108 B 143ms
140ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/344010384/?random=1644355211206&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2621319850&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/785909637/ 42 B
108 B 130ms
127ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/785909637/?random=1644355211211&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2205216087&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/785909637/ 42 B
108 B 137ms
134ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/785909637/?random=1644355211211&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2205216087&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/785909637/ 42 B
108 B 148ms
145ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/785909637/?random=1644355211213&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=108844399&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/785909637/ 42 B
108 B 142ms
139ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/785909637/?random=1644355211213&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=108844399&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/990489911/ 42 B
108 B 145ms
142ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/990489911/?random=1644355214596&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1824978631&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/990489911/ 42 B
108 B 144ms
141ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/990489911/?random=1644355214596&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1824978631&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/997504364/ 42 B
108 B 146ms
143ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/997504364/?random=1644355214599&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=879501178&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/997504364/ 42 B
108 B 142ms
139ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/997504364/?random=1644355214599&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=879501178&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/994979083/ 42 B
108 B 130ms
128ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994979083/?random=1644355214602&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1979835369&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/994979083/ 42 B
108 B 141ms
138ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/994979083/?random=1644355214602&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=1979835369&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948713993/ 42 B
108 B 131ms
128ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948713993/?random=1644355214605&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=4091443518&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948713993/ 42 B
108 B 143ms
140ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948713993/?random=1644355214605&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=4091443518&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/954895323/ 42 B
108 B 146ms
143ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/954895323/?random=1644355214607&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=3303229899&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/954895323/ 42 B
108 B 137ms
134ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/954895323/?random=1644355214607&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=3303229899&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/344010384/ 42 B
108 B 130ms
128ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/344010384/?random=1644355214611&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2013104932&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/344010384/ 42 B
108 B 141ms
138ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/344010384/?random=1644355214611&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2013104932&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/785909637/ 42 B
108 B 130ms
127ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/785909637/?random=1644355214613&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2540151683&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/785909637/ 42 B
108 B 140ms
138ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/785909637/?random=1644355214613&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2540151683&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/785909637/ 42 B
108 B 147ms
144ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/785909637/?random=1644355214615&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2357080711&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/785909637/ 42 B
108 B 143ms
140ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/785909637/?random=1644355214615&cv=9&fst=1644354000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1050&u_aw=1920&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa270&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww3.mtb.com%2F&ref=https%3A%2F%2Fwww3.mtb.com%2F&tiba=M%26T%20Bank%20-%20Personal%20%26%20Business%20Banking%2C%20Mortgages%2C%20%26%20More%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=2357080711&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 13:00:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asian-lunar-new-year-2022-olb-desktop.jpg
www3.mtb.com/content/dam/mtb-web/images/olb-modal/ 447 KB
448 KB 60ms
60ms Image
image/jpeg 2600:9000:2250:fc00:b:2146:1340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.mtb.com/content/dam/mtb-web/images/olb-modal/asian-lunar-new-year-2022-olb-desktop.jpg

Requested by

Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:fc00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

aa8254fc8bc2f7de9abb38ad79af79fe3d9deb1a47cb33dfec41b2487e6b5ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3529
x-vhost: publish
x-cache: Hit from cloudfront
date: Fri, 11 Feb 2022 12:01:36 GMT
content-disposition: inline
content-length: 457937
last-modified: Fri, 28 Jan 2022 18:37:01 GMT
server: Apache
etag: "6fcd1-5d6a8b873cd40"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=3600, no-cache="set-cookie"
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: cutk041j-oRgg1afIajqKYX8eKIqpwRZ0_DTqNHI6XovbE1tqiShcg==

GET mandtbaltoweb-medium.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-book.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET mandtbaltoweb-light.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 0
0

GET
BLOB 200
OK ee50a78c-333c-421e-b035-53a6c5bef93b
http://authmtb.duckdns.org/ 165 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://authmtb.duckdns.org/ee50a78c-333c-421e-b035-53a6c5bef93b
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 169098

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 00D1 805 B
865 B 17ms
17ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: http://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 11 Feb 2022 13:00:25 GMT
via: 1.1 varnish
age: 3242604
x-served-by: cache-hhn4052-HHN
x-cache: HIT
x-cache-hits: 626033
x-timer: S1644584425.341252,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame FAE5 805 B
614 B 15ms
15ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 11 Feb 2022 13:00:25 GMT
via: 1.1 varnish
age: 3242604
x-served-by: cache-hhn4052-HHN
x-cache: HIT
x-cache-hits: 626034
x-timer: S1644584425.375138,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 collect
px.ads.linkedin.com/ 0
588 B 281ms
148ms Image
application/javascript 2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1644584425530&url=http%3A%2F%2Fauthmtb.duckdns.org%2F
Requested by: Host: authmtb.duckdns.org
URL: http://authmtb.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6FCFDFCC6B1140039F335809EE52B9CD Ref B: VIEEDGE1011 Ref C: 2022-02-11T13:00:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXXvaaBO46K/IlnYu4hyw==
x-li-fabric: prod-lva1

GET
H2 200 tqvdv1ilp.js Show response
cdn.krxd.net/controltag/ Frame 00D1 25 KB
5 KB 16ms
16ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tqvdv1ilp.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a1d2c24d0bdf57daa4e20bde865546d7e04234db9257a7db9ac103b48f3a262e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 11 Feb 2022 13:00:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 735
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4762
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100151-IAD, cache-hhn4052-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1644584426.564773,VS0,VE0
etag: "7189d5e1924b173bc2d95e51a3e7fa6cc80b5e12"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

GET
H2 200 tqvdv1ilp.js Show response
cdn.krxd.net/controltag/ Frame FAE5 25 KB
5 KB 17ms
17ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tqvdv1ilp.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a1d2c24d0bdf57daa4e20bde865546d7e04234db9257a7db9ac103b48f3a262e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 11 Feb 2022 13:00:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 735
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4762
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100151-IAD, cache-hhn4052-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1644584426.572755,VS0,VE0
etag: "7189d5e1924b173bc2d95e51a3e7fa6cc80b5e12"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 3

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 00D1 259 KB
83 KB 19ms
19ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tqvdv1ilp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: gzip
age: 1517543
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 2716644
content-length: 84509
x-served-by: cache-hhn4052-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1644584426.614997,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame FAE5 259 KB
83 KB 74ms
71ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tqvdv1ilp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 11 Feb 2022 13:00:25 GMT
content-encoding: gzip
age: 1517543
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 2716645
content-length: 84509
x-served-by: cache-hhn4052-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1644584426.618572,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 5fbc882d-fc17-416e-8069-4c0fc55390a2 Show response
consumer.krxd.net/consent/get/ Frame 00D1 232 B
310 B 67ms
66ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5fbc882d-fc17-416e-8069-4c0fc55390a2?idt=device&dt=kxcookie&callback=Krux.ns.mtbankcorporationus.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0428b6971a0e270ddcad27f92394bce96e25debf7db6eb8000f55b4e2f585511

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a015-dub-prod.krxd.net, cache-hhn4055-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644584426.701029,VS0,VE38
content-length: 187
x-cache-hits: 0, 0

GET
H2 200 5fbc882d-fc17-416e-8069-4c0fc55390a2 Show response
consumer.krxd.net/consent/get/ Frame FAE5 232 B
262 B 17ms
16ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5fbc882d-fc17-416e-8069-4c0fc55390a2?idt=device&dt=kxcookie&callback=Krux.ns.mtbankcorporationus.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0428b6971a0e270ddcad27f92394bce96e25debf7db6eb8000f55b4e2f585511

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 13:00:25 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a015-dub-prod.krxd.net, cache-hhn4055-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644584426.821844,VS0,VE0
content-length: 187
x-cache-hits: 0, 1

GET
H2 200 crossdomain.html Show response
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 8146 221 B
546 B 99ms
18ms Document
text/html 2600:9000:2156:b600:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by: Host: www3.mtb.com
URL: https://www3.mtb.com/content/dam/mtb-web/scripts/cdsession.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b600:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/

Response headers

content-type: text/html
content-length: 221
date: Fri, 11 Feb 2022 09:43:27 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: wyEtru84f9ln9Hyny1nmAsKdhpLWjuMsF42dMCxnX-C454xw1ItRvQ==
age: 11819

GET
H2 200 crossdomain.html Show response
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame D284 221 B
537 B 89ms
16ms Document
text/html 2600:9000:223f:ba00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by: Host: www3.mtb.com
URL: https://www3.mtb.com/content/dam/mtb-web/scripts/cdsession.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ba00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/

Response headers

content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 11 Feb 2022 01:51:50 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ksbfAdPm-n9BxOsASDywwEGbpPbP0OBPytAvR9hbeWOn_z1-jIGUzQ==
age: 40116

GET
H2 200 crossdomain.html Show response
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame 6CC8 221 B
537 B 75ms
16ms Document
text/html 2600:9000:2250:5c00:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by: Host: www3.mtb.com
URL: https://www3.mtb.com/content/dam/mtb-web/scripts/cdsession.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5c00:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://authmtb.duckdns.org/

Response headers

content-type: text/html
content-length: 221
date: Thu, 10 Feb 2022 14:28:32 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 9krD1G5-6AA1AYjFmCVlJfXndCuFko12pYwkdk4CMf4a7Hmzg6R7Tw==
age: 81114

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame 6CC8 3 KB
3 KB 17ms
16ms Script
application/javascript 2600:9000:2250:5c00:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.c81358859121583b7adf2ace89cb39f44.com
URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5c00:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:26:18 GMT
via: 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
age: 66849
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: nc-lihK8w9q4IfkB_lZ9UFVRPiBtvyfAVoETl11fKyCw7BI4v5mz-g==

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame D284 3 KB
3 KB 17ms
17ms Script
application/javascript 2600:9000:223f:ba00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.b406929acabac9b095f124c81bdfcf57f.com
URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ba00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:29:51 GMT
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
age: 70236
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: OKRxmfUvadGC6VGjmjMXBBVoLeKfDBXB74OJ4tBjHPfqfaN1huHGUw==

GET
H2 200 crossdomain2.12.0.5273.b96c35cc.min.js Show response
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 8146 3 KB
3 KB 18ms
18ms Script
application/javascript 2600:9000:2156:b600:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by: Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b600:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:43:27 GMT
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
age: 11819
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3227
x-amz-cf-id: guWoEo-pmO-DWexH8r2Ip_8I6FF9YRGVwEugP31yEOBuGciKG4FHNA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff

Domain: www3.mtb.com
URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
authmtb.duckdns.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 78a99a5d3d38a223f23d8721626f7806
.doubleclick.net/	1970-01-20 00:49:45	Name: test_cookie Value: CheckForPermission
.authmtb.duckdns.org/	1970-01-20 09:35:20	Name: bmuid Value: 1644584425174-1B19C72D-8B73-44F3-B3CF-03710EB04498
authmtb.duckdns.org/	1969-12-31 23:59:59	Name: cdSessionId Value: 25d30bc4-c54a-43a2-a1ff-9630f293729a
.authmtb.duckdns.org/	1969-12-31 23:59:59	Name: cdContextId Value: 2
.twitter.com/	1970-01-20 18:20:56	Name: personalization_id Value: "v1_EtYBp4Nh9Q2Rd23pZE+6eQ=="
.bing.com/	1970-01-20 10:11:20	Name: MUID Value: 031700654BE860E2256E112D4A8361BB
.yahoo.com/	1970-01-20 09:35:42	Name: A3 Value: d=AQABBOldBmICEGWRlxMW9KvoDg9kw2gph8sFEgEBAQGvB2IQYgAAAAAA_eMAAA&S=AQAAAhIeOzwfkVoCyK8LzquI558
.krxd.net/	1970-01-20 05:08:56	Name: _kuid_ Value: Op_mknWH
.authmtb.duckdns.org/	1970-01-20 09:35:20	Name: cdSNum Value: 1644584425784-sjn0000975-ac43d0be-6e10-491e-b014-d20d43b1ff13
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:21:38	Name: bcookie Value: "v=2&2208dedb-419f-4cb1-8e07-6e63f526e42b"
.linkedin.com/	1970-01-20 00:51:10	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2543:u=1:x=1:i=1644584425:t=1644670825:v=2:sig=AQHfM5_ddgDY5uI9ASVZtLNfNelIDeU6"

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://authmtb.duckdns.org/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff' from origin 'http://authmtb.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://authmtb.duckdns.org/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff' from origin 'http://authmtb.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://authmtb.duckdns.org/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff' from origin 'http://authmtb.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://authmtb.duckdns.org/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf' from origin 'http://authmtb.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-bold.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://authmtb.duckdns.org/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff' from origin 'http://authmtb.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://authmtb.duckdns.org/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff' from origin 'http://authmtb.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://authmtb.duckdns.org/ Message: Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff' from origin 'http://authmtb.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://authmtb.duckdns.org/content/dam/mtb-web/images/spanish/es-language-icon.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://authmtb.duckdns.org/content/experience-fragments/mtb-web/info-icon-exp-fragment/info-icon-experience-fragment-2/_jcr_content/root/columns/col_1/image.coreimg.png/1601342332140/green-logo.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://authmtb.duckdns.org/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgOne.coreimg.png/1634134966175/top10bb.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://authmtb.duckdns.org/content/dam/mtb-web/images/icons/mtb-icon-mortgage-2c-cmyk.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://authmtb.duckdns.org/content/experience-fragments/mtb-web/homepage-body-experience-fragment/personal3/_jcr_content/root/columns/col_2/testimonial/imgThree.coreimg.jpeg/1612991529802/excellence-2019.jpeg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1.b406929acabac9b095f124c81bdfcf57f.com
1.c81358859121583b7adf2ace89cb39f44.com
analytics.twitter.com
api4921.d41.co
authmtb.duckdns.org
bat.bing.com
beacon.krxd.net
cdn-0.d41.co
cdn.krxd.net
connect.facebook.net
consumer.krxd.net
googleads.g.doubleclick.net
onlinebanking.mtb.com
px.ads.linkedin.com
s.yimg.com
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
tags.tiqcdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www3.mtb.com
www3.mtb.com
104.244.42.3
104.75.88.194
151.101.12.157
151.101.130.133
151.101.66.133
172.217.23.98
18.66.248.23
20.97.56.22
212.82.100.181
24.75.29.69
2600:9000:2156:b600:a:6cdf:4440:93a1
2600:9000:223f:ba00:1e:54f1:26c0:93a1
2600:9000:2250:5c00:13:ab57:d440:93a1
2600:9000:2250:fc00:b:2146:1340:93a1
2620:1ec:22::14
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:810::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2008
2a02:26f0:fb::5f65:58d9
2a03:2880:f01c:8012:face:b00c:0:3
52.31.15.140
54.81.37.132
01762df479ae04d2d7842b5826ffd4a3f6d164addbbc380f88a0e66b62393ff5
0428b6971a0e270ddcad27f92394bce96e25debf7db6eb8000f55b4e2f585511
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
099623841921ed1a5c7059f47ba54f002d862c33c43ae5dc77e485503d603071
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
0b7a6c8f838e7dcc8c50cfca8513f6aeeb0a3f36aa733b9a22fbb7f47e6e2070
0d5ebfe1a572fbfd6bb9930df03c417f1bb6790fbea6c0a3811b8394b6f43b08
0df64f926316661d10155f32456520f6b2e3649ca76c95a91393759885b1e7f1
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
1335707c023004beca0db992c2cadb9dce14801311999171baedb4d2322719c5
19b921c1c2b1a6365642326d12c8dcbee9c76ba90f0491a864fddd4e82fdd4d9
1bca59593bd66b189014cbf7df54ff5758a09d5203a2e51025c441deec8a68bf
1d727a0b4bbf95539bf95ff63e3b8fe5c382a8046c9edb2dbaea3498bb57855c
22c65a6834a4feef53c6fb9023098af4ee64b5ee97871ce873fbde9287dd4668
25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28cb833f4359fe7dd0349350d6ea6a722091603114c1b4c32afb8930ac418bc8
2bfd59f2378fb766943cf1ba7a2d2f9cd966bf60cf0cfbb39bdc5298614b0d29
302462d4283c45e7405dcaf5036c9f1e34982c47baaa0a39c2b45e6cb9a203f4
3032a3292747992196025ad31aba0c79dcaeccbe9487360b0ae6682841662c3f
323293c2e2f83b1eb73483b8dff2f4e8ab1acab39393a3759a59591dc6478117
349fcbc04454df744fd82c5e90f76cc8d7d406daad8a3ce2733228ea97362b7a
3509e0ddc57ccc52c9fe60dd09d25972435ef7389d03631c61c830c1dca35856
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
414beb02948e26f4dc99621b1b83ffa39c87899fcdd25e6e75d0517f9f563c34
461f2e5ca80c2444754ae1c2848bb5d54fa36fddca1c187fa2f17464f1863080
491e9638801840db60c83d038f7e02712f35e15d5bd53edc45a6e9ec783a7ab5
4ad05c13b13437edb6bfdf7f9993afe186b16d474912125de1f657fb8cdbde66
4b91b45b60834fa569c19b7b081acf4f970c728c13a18b3ad437c003617afd5c
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
53017e3ff27f7c4cc5042bd05a54ad2fd1767caaea39959ee3d8cf69a761fd0e
565270b647ad2f3f587e99c1db98d121a3bcdf140526f48729672b2fda62c0c9
572335ead369a8439ef6aaafb0d894d576094c410174814cd9d874895ff96abf
57e3e5ae03a534374ceda8c6b67138f825e60ef752df30bd168df7a23e9b999f
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5aff7aeba883c09e28b8d81caf7df7bab9810e2f3029b65cc349ab8a356aa72f
6297f01aee2bd41279f9eb689fa3e101e10877e5445b5a1f1913f1600ba4428d
682d82dccb22a6d4ea67d9a06e3b7180e9624c695612bee794bf913f2af27c94
6cc0b251ec54fdd5cd55d98cbe7a7af00bd34f9cfd71fd01ca08c83121c89720
79b6fead7c4a43f10b08e11f3cb2dc4dd327e4c6e78e64d75b429e5cf1e40ced
7c00070631d43a26a951a71a89d531b0e3a7473cfcca08c4b08090ec4d0901e4
856458e3fea6bc61f6bd33e73f8e46124a55d2ece4e763ba69a062931ea08379
8a7a7cb1bd84dee53ddedca148062b50d05cf67144476baf6023787461a727c0
8f87415d67a116e364fe00c63d6f07692ed2f68f74b8b9df15438236875d8fc8
970414240343e5a3f0fddd37923eb527f50ddefc9146a5a74e5d03989482c34a
99604bd8293401d122465b1f286189bfc9d4eafa0105636de384eb64c2089316
9b0065cf1167cc79c9c1f55294fcd07c21b93662ab01ec6ac717426251636d6f
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
9e7afe6357698c49568d5e7fdc93bba8232b95fc36e53f5d25e202f298f238e7
9ec432c22109b8c5fe75d8a5ec125fa0c12add373869c59dab0ee4c8fd9d3dda
9fe9e1fbd2d3ae7a05b6a0e823c9c6f4922dfa8d0af9ad979ee1de77d0dc0e3a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d2c24d0bdf57daa4e20bde865546d7e04234db9257a7db9ac103b48f3a262e
a84ba27234d4fb254d3a0ab3915d594364a78721fcb09d4de71021ac21902cd9
aa8254fc8bc2f7de9abb38ad79af79fe3d9deb1a47cb33dfec41b2487e6b5ed6
ae60ac0770fd05a15346016e91cfa4ebff75c54e81ae327e5c4de2a4db6404f1
af4379b04744368ff05504efd4fb922e2a4befd674179ac59e29aeb8067e7aeb
b0c1060d2afb6fb53a5b01afcecaf6b876f7effa231de795b375c5d929a5ac52
b163715b0c25210fbad739e9a0ae7200f80fb33aeadf00f23218612cd40c8593
b1f5d0a67330ff85d5b6d669317fd45539056c1d5d6e33847371ab671283373d
b1fec83f9be2c7704170a91566ea7195565d9ac895dee5deeb113aac41fb16ce
b49f818ca5b5923505dd79d707f456c43954edc3f7af96f266e68e989e88a48d
b5245979e33f9b51f0086bc7f3bbce383ebb39625b0631a54dec8799da6477c9
b5c4f84863e8dae702e1fe95afde0694076e896b6dca5b895749bfcf2736ba68
bd4f66b3003be24e0f0ed65e24d9ce634ab1dea6f112d0da9fd3812024040790
bec3120eb0298bdc01d313d6fc8f754156cffeaf3806a18e3a8a77a136ea5713
befd77bc402760199228179cc7955f48d2ec812df25a2949890b54a4ebcf6f87
c3a6fa6f34c1a83e2a745c43cee16d358419527e0c2d80fdd692ad061de2d0d3
c94e069162bef47ec52dde36d66863f77b9066d27229dc26a2cea5a93c78ff49
cf17e16e68333ef5819f7d19561adf97b094ff9f7b1d6fc01674a3f3de04a85b
d1bba7724c25cf53ba734b40a45fa3a7cf4c67e3a79df96c57e0d5d021f3f755
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d75d34a3ae5eea46f85411645231413c6e0a474a7b0fa10d4f696a1848710ac0
d98eadc35f8560ee479b52519edca4f91784ab8b71f3da4a935cb30f617bec54
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e081f20187ff71b0e1b57157d3b0dd965235c5a15c64f8934f7cb3dc39422051
e194c6673a75bbce3d5940613f949239f869ce27a61703e771e80e1c4093d4ef
e239a8c9eee9bb8cad251218da62dcdecb90cd57531dac58e7b430914b6b8584
e28c0393a3697df6d22cc4dae8fb37c032754f23fd47983b8953b134883e4710
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24759040466b1ece341bc80e69bb8d33ccb631b1f5101f1532b1363adcea90d
f821e785179210833b33a0b9138aa5cd7b499f14cab13a327683415358cd00a2
fcd1693fb95152e98f276b924db6bca55e7fde7cd98da920a8c5da413f305375
fdc5082bc0d8aee4d70cf2a24882c2d0936be7b854d1876a6617709c6ed02d26
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

authmtb.duckdns.org Open in urlscan Pro 20.97.56.22 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

164 Requests

78 %HTTPS

54 %IPv6

22 Domains

26 Subdomains

27 IPs

4 Countries

2035 kBTransfer

5122 kBSize

13 Cookies

19 Outgoing links

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

authmtb.duckdns.org Open in urlscan Pro
20.97.56.22 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

78 %
HTTPS

54 %
IPv6

22
Domains

26
Subdomains

27
IPs

4
Countries

2035 kB
Transfer

5122 kB
Size

13
Cookies

164 HTTP transactions
1 data transactions