| gentle-haze-2898.mbtcom.workers.dev/Assets/scripts/Login/Index.js | 104.21.38.40 | 200 OK | 19 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/Assets/scripts/Login/Index.js IP: 104.21.38.40:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: MD5 fd30b9e568ff4b7e255d100cc5499b21; SHA-1 e77b14c34891cd8c54f580132fb9c43e837c08a9; SHA-256 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74 (the digests match those listed for the landing page /assets/scripts/, and the body is typed as HTML although a script was requested)
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:48:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOg8n5C9uThZQcDUB7XBt%2FO49wfweCh2%2FPUonzOB3s6u656UE8GoldMzbmBNPR9sOnftj0RufiszSqfrI2U%2BchfynPZw%2FX2i%2FG%2F6aoubNxZivy6WlZ8SBG%2Bb%2B7kw21hooPtUaP2Bfb0QRVr%2FcAisdTnKhMQ2xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e3e7d08fe9298-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gentle-haze-2898.mbtcom.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=9 | 104.21.38.40 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=9 IP: 104.21.38.40:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: MD5 fd30b9e568ff4b7e255d100cc5499b21; SHA-1 e77b14c34891cd8c54f580132fb9c43e837c08a9; SHA-256 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=9 HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:48:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mEev9OfIpS2h2Xc3eE%2B2xR%2BvkGCRGqaDqHCCaTBoA0hVWBNzMFDGnO08s8ZUGIBm6N7qhHhyqZe3qn9tau8Y3voAfTsv1Q9ToWgVaj9y9VU2UN743xDp8HRM%2BdDCeLrWbdLLfdy0SUsuAYfq4iJJTSzaPqpZnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e3e7ce8ca9298-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gentle-haze-2898.mbtcom.workers.dev/Assets/js/tealium_prod.js | 104.21.38.40 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/Assets/js/tealium_prod.js IP: 104.21.38.40:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: MD5 fd30b9e568ff4b7e255d100cc5499b21; SHA-1 e77b14c34891cd8c54f580132fb9c43e837c08a9; SHA-256 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/js/tealium_prod.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:48:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MhMB2RIiPZNMVHa5xg6WpK60WSYlaI5ET8V2a7Bf8YcUJqz1IY04g8TiWcp9Hk057HTG6P3qrDq8e%2BpgRkEhAeNNv7h%2B4a%2F67nfNfnXMktwYfcr%2B5bhI08MTcIVF5Kn3NRO9MzCMmv3%2FHrW8oh%2BERaDrYKBgbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e3e7ce8de9298-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| resources.mtb.com/Assets/img/mtb-entrust.svg | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/Assets/img/mtb-entrust.svg IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input; no response body was captured for this request)
GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| gentle-haze-2898.mbtcom.workers.dev/assets/scripts/ | 104.21.38.40 | 200 OK | 69 kB |
URL: User Request GET HTTP/2 gentle-haze-2898.mbtcom.workers.dev/assets/scripts/ IP: 104.21.38.40:443
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: MD5 fd30b9e568ff4b7e255d100cc5499b21; SHA-1 e77b14c34891cd8c54f580132fb9c43e837c08a9; SHA-256 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - Suspicious Javascript code | OpenPhish | phishing | M & T Bank Coporation |
GET /assets/scripts/ HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:48:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVSvGcUzmRS7oRNoh8aA%2FUA6G67u7I7jI2m6yssx6xsYtfqfWBadQJPBI1o7ehX7u8vFigv671%2F4Q2QgpRlC17JJTbPlvTMS8UEPbMyJoT7xqB0Y%2Btf5EI2EkGhdUwAznGdvkKuuib8Qs%2Fx5WTEJimxaL5dZaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e3e7b2a8a92e6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gentle-haze-2898.mbtcom.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 | 104.21.38.40 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 IP: 104.21.38.40:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: MD5 fd30b9e568ff4b7e255d100cc5499b21; SHA-1 e77b14c34891cd8c54f580132fb9c43e837c08a9; SHA-256 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:48:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDCWaZyKjwh0dwTm1daOZBgBgnO1kmgVhdVv7pfWtBkSvNG%2FWmnt1k8Tj%2FyfUzybaYzOS%2Bqo9VZvvzjUt%2Fx%2BCVfTVJqy1AxPVa1gOfigLlVyU7v54kjSWaFIyBZ5VFduLW%2Bex6XkO4OOJLfEpF0K5RSfkuvEcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e3e7ce8cd9298-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gentle-haze-2898.mbtcom.workers.dev/ruxitagentjs_ICA2Vfhjqrux_10233220201140653.js | 104.21.38.40 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/ruxitagentjs_ICA2Vfhjqrux_10233220201140653.js IP: 104.21.38.40:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: MD5 fd30b9e568ff4b7e255d100cc5499b21; SHA-1 e77b14c34891cd8c54f580132fb9c43e837c08a9; SHA-256 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /ruxitagentjs_ICA2Vfhjqrux_10233220201140653.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:48:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZon7NTcRyYTSRIKEvwueCMCbmteN5XJ1zkh9dy%2FZqmGSHsJBB2gAWXl4m85pIAZ%2B9Oe1tAjVH5CZVv7OOp2bl6UlhTVgOFT3QzXJioWvOahHHvggRLFpQLX%2BBDJv%2Fz7Qj%2FFkqbn4NFXGrPQHE6dLRFIKHupCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e3e7ce8d69298-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gentle-haze-2898.mbtcom.workers.dev/Assets/js/mtb_app_wbk.js | 104.21.38.40 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/Assets/js/mtb_app_wbk.js IP: 104.21.38.40:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: MD5 fd30b9e568ff4b7e255d100cc5499b21; SHA-1 e77b14c34891cd8c54f580132fb9c43e837c08a9; SHA-256 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/js/mtb_app_wbk.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:48:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3A1kycElYCOXG5ZyBKKJQEA2VsGUnGefYoGuc2E3MYcAGvErFZi4Rs%2BEJMTDrX8Yb4GODOtO4GTRLf%2FD9ijALurBh1nAZ7XOm3qbvDsM5oQRV2uLkkp2S6cHzNjVXCSr04xH3NU9h3xtZojHhv3UAOYpAs67g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e3e7ce8d19298-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| resources.mtb.com/Assets/img/mtb-logo.svg | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/Assets/img/mtb-logo.svg IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input; no response body was captured for this request)
GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| resources.mtb.com/Assets/img/mtb-equalhousinglender.svg | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/Assets/img/mtb-equalhousinglender.svg IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input; no response body was captured for this request)
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| resources.mtb.com/r/simple-layout-responsive/js.mtb?v=11242021100000 | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/r/simple-layout-responsive/js.mtb?v=11242021100000 IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input; no response body was captured for this request)
GET /r/simple-layout-responsive/js.mtb?v=11242021100000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| gentle-haze-2898.mbtcom.workers.dev/Assets/scripts/kessel-help.js | 104.21.38.40 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/Assets/scripts/kessel-help.js IP: 104.21.38.40:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: MD5 fd30b9e568ff4b7e255d100cc5499b21; SHA-1 e77b14c34891cd8c54f580132fb9c43e837c08a9; SHA-256 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/scripts/kessel-help.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:48:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPVjB7j3bU3zDaD7EEEomSyCVjtd3%2B1wGPTBO63KLsDk9wi9X3Y9WnvK1PbYagglB%2B%2BkBV%2F1rwWGcc%2BlW843JHMpt9mux00yIDmGhkAR789vmuwwk6diifeSshnVTuZg2jqH04qtijY6awOGlB8VK3kW1HAMVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e3e7d08fa9298-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| asset.mtb.com/Documents/html/homepage/favicon.ico | 0.0.0.0 | | 0 B |
URL: GET asset.mtb.com/Documents/html/homepage/favicon.ico IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input; no response body was captured for this request)
GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| resources.mtb.com/r/simple-layout-responsive/css.mtb?v=11242021100000 | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/r/simple-layout-responsive/css.mtb?v=11242021100000 IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input; no response body was captured for this request)
GET /r/simple-layout-responsive/css.mtb?v=11242021100000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| gentle-haze-2898.mbtcom.workers.dev/Assets/js/kessel-client-prod.js | 104.21.38.40 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/Assets/js/kessel-client-prod.js IP: 104.21.38.40:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: MD5 fd30b9e568ff4b7e255d100cc5499b21; SHA-1 e77b14c34891cd8c54f580132fb9c43e837c08a9; SHA-256 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/js/kessel-client-prod.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:48:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uhutzoHp%2BlBiJD3YWXAYarckq5oFk3TqYFeCiNcGt0%2F2UG5HseZIFoDQ91YicYC2vef3CIiN7338qavCQg4oDrUMhOVh9yCNIVJAu7sUNqEH44jOMxeh8OwtNw1rkm9D22UIqruLWI3zwoLCkqRi8q4q9C2zpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875e3e7cf8f79298-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|