| gentle-haze-2898.mbtcom.workers.dev/ruxitagentjs_ICA2Vfhjqrux_10233220201140653.js | 172.67.218.195 | 200 OK | 18 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/ruxitagentjs_ICA2Vfhjqrux_10233220201140653.js
IP: 172.67.218.195:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: fd30b9e568ff4b7e255d100cc5499b21 e77b14c34891cd8c54f580132fb9c43e837c08a9 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | M & T Bank Coporation |
GET /ruxitagentjs_ICA2Vfhjqrux_10233220201140653.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:55:29 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uj1Ps22Gkqvz0iBr6ZbOcQjT%2B%2FUb7jtE11urgAPeMYifK%2FxnMoWSWk%2BiuKX%2FVnZeWx6qMo5W7A%2FkVSnadfyE4gcfXCValcnxE%2BluU1taa%2FSfhhw%2BLK3Na4G6rYcBpAKKsg%2FEIbD6AEF8uEt86NV7q1ulGj9nIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875ef9146e0c5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gentle-haze-2898.mbtcom.workers.dev/Assets/scripts/Login/Index.js | 172.67.218.195 | 200 OK | 18 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/Assets/scripts/Login/Index.js
IP: 172.67.218.195:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: fd30b9e568ff4b7e255d100cc5499b21 e77b14c34891cd8c54f580132fb9c43e837c08a9 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:55:29 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTZTvc6%2FbA0nWj3xLSqN4w67%2FculZTGsobVTUJZn6mCuIBG0WcqYXP5ABFJXU0mkBnYJy3laPxi034M2IuVYe1e64uxL7y2QtZtkrrXfeM%2F87dHyXwhq700WNnFxdEK5HC7ztoqk6N6fR5w%2BGLrTCqIMkC11ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875ef9147e2c5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/ | 172.67.218.195 | 200 OK | 16 kB |
URL: User Request GET HTTP/2 gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
IP: 172.67.218.195:443
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: fd30b9e568ff4b7e255d100cc5499b21 e77b14c34891cd8c54f580132fb9c43e837c08a9 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Suspicious Javascript code |
| OpenPhish | phishing | M & T Bank Coporation |
GET /assets/scripts/login/ HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 19:55:29 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tN6J29GR4L%2FKh4Gr4fs2TGTSCvQTwKq907kPCrIySMw2Xl048T7GYoVDcfweuCBv20wj5Sv1BflJb96f%2BIfh2GOQMsh1wFJajwqyqEactrLvoLjZLVqmkmMXeCQvQnwgmWAH3x1Mu3wsRV%2FcNyzhxEMMulolbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875ef9134d95b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gentle-haze-2898.mbtcom.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 | 172.67.218.195 | 200 OK | 17 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
IP: 172.67.218.195:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: fd30b9e568ff4b7e255d100cc5499b21 e77b14c34891cd8c54f580132fb9c43e837c08a9 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | M & T Bank Coporation |
GET /TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:55:29 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0vwZrgPdA%2BQArGLcBuDnMn508Lv7iBQ7k%2FjEmc%2Bp2jk5xRJnWpwFklO4QGJV2cBFb6p0n4OdnrftwoP%2BVic7k5S%2BSAO1fgdZAKyVJ6Hxcy8wj505Xu9jpr2FYZfFdfgYrMh1MriM0k4AO6ByZlxqpdZLpKq1xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875ef9146e055685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gentle-haze-2898.mbtcom.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=9 | 172.67.218.195 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=9
IP: 172.67.218.195:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: fd30b9e568ff4b7e255d100cc5499b21 e77b14c34891cd8c54f580132fb9c43e837c08a9 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | M & T Bank Coporation |
GET /TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=9 HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:55:29 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awvCRnJF9PP4NGIVhF%2FzG%2Fd3UU2HP3LDisFjAK5dhREZNqRaFhKR8ub0nYwShdaq1bsIfTOkIbMFSIptkxoWXpwImAu%2B4iOGCTzM%2Fw3f7n4poogfve9uz4Uk3p%2FUavq7GtSMNpIAHmHKyhS8CFz1bU3UFYYGKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875ef9146e045685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gentle-haze-2898.mbtcom.workers.dev/Assets/js/tealium_prod.js | 172.67.218.195 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/Assets/js/tealium_prod.js
IP: 172.67.218.195:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: fd30b9e568ff4b7e255d100cc5499b21 e77b14c34891cd8c54f580132fb9c43e837c08a9 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/js/tealium_prod.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:55:29 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nPm85cB9NQtilFZfc0kzXqgRy8PrWbrmKmZdT2ehsyI59TiNqozmSLq5zN9j6sAd4MyF2c%2FpxmXR1pxizXC%2FeUoO54lUaBtxrhmi36bCj5Kyd05jMa5UQ1WnKSKZhCYTMppCttJ7vXHD0yVlk2j0hgMBp5BMlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875ef9146e135685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| asset.mtb.com/Documents/html/homepage/favicon.ico | 0.0.0.0 | | 0 B |
URL: GET asset.mtb.com/Documents/html/homepage/favicon.ico
IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| gentle-haze-2898.mbtcom.workers.dev/Assets/js/mtb_app_wbk.js | 172.67.218.195 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/Assets/js/mtb_app_wbk.js
IP: 172.67.218.195:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: fd30b9e568ff4b7e255d100cc5499b21 e77b14c34891cd8c54f580132fb9c43e837c08a9 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/js/mtb_app_wbk.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:55:29 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xOu%2BykG8ok%2B4ryrHpgJe2%2BTKnR7Vx2j3celVNgK7Sf%2Fg44urQOFlOGTRwxsqun62RahwAAw9W9J0PFyhKQ9zg0N0NDFZHc%2F2Og%2BNg4wISAr%2F7JyxeysWOwC923Dd%2BFAWf6uvwN%2FHxq2AoIMRmEW2Lh%2FKzTPohg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875ef9146e065685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| resources.mtb.com/Assets/img/mtb-entrust.svg | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/Assets/img/mtb-entrust.svg
IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| resources.mtb.com/r/simple-layout-responsive/js.mtb?v=11242021100000 | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/r/simple-layout-responsive/js.mtb?v=11242021100000
IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/simple-layout-responsive/js.mtb?v=11242021100000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| gentle-haze-2898.mbtcom.workers.dev/Assets/js/kessel-client-prod.js | 172.67.218.195 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/Assets/js/kessel-client-prod.js
IP: 172.67.218.195:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: fd30b9e568ff4b7e255d100cc5499b21 e77b14c34891cd8c54f580132fb9c43e837c08a9 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/js/kessel-client-prod.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:55:29 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LeDleeOs6AjJJ%2Bsn0reNW7H%2FobBzuQiynQtXDS88EPPzpNqmLj0Wtj8NM33047MNit3EuVp01T12VGTV4nkC%2BTBcW7ue%2FsH7Dsc2QsAQ40CAXd0Q2RJ7qZlsMKUW3GWo2QtYpgyn%2B%2FWWR%2BZ0%2F9c7cXgdawrwTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875ef9147e1e5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gentle-haze-2898.mbtcom.workers.dev/Assets/scripts/kessel-help.js | 172.67.218.195 | 200 OK | 69 kB |
URL: GET HTTP/3 gentle-haze-2898.mbtcom.workers.dev/Assets/scripts/kessel-help.js
IP: 172.67.218.195:443
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Certificate: Issuer: Google Trust Services LLC; Subject: mbtcom.workers.dev; Fingerprint: EB:79:D0:27:C0:E9:62:F3:00:AE:D4:6A:32:FE:2A:7D:CD:4C:72:83; Validity: Wed, 10 Apr 2024 19:00:51 GMT - Tue, 09 Jul 2024 19:00:50 GMT
File type: HTML document, ASCII text, with very long lines (65443)
Hash: fd30b9e568ff4b7e255d100cc5499b21 e77b14c34891cd8c54f580132fb9c43e837c08a9 df1f3429433dbc07cf2b671c263c5039fc3e1d216b25a7b8b16a74ee745f7f74
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/scripts/kessel-help.js HTTP/1.1
Host: gentle-haze-2898.mbtcom.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 19:55:29 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TcYnkarHdSw9pYznDnbjE7mR%2BHZ9zc%2Bt0Hi%2Bp8YSDtaWer3D1CCc8fbb1%2BQH6PYIdhiyMfR2GnZmehP5dJlc7vK9%2BE18rhViigZEt%2FORkSR4sAOPBJF1PA0IuMFwti0TZjk1BcyC0yRWz0l12wfpDT3PpfU1kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875ef9147e235685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| resources.mtb.com/r/simple-layout-responsive/css.mtb?v=11242021100000 | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/r/simple-layout-responsive/css.mtb?v=11242021100000
IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/simple-layout-responsive/css.mtb?v=11242021100000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| resources.mtb.com/Assets/img/mtb-logo.svg | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/Assets/img/mtb-logo.svg
IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| resources.mtb.com/Assets/img/mtb-equalhousinglender.svg | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
IP: 0.0.0.0:0
Requested by: https://gentle-haze-2898.mbtcom.workers.dev/assets/scripts/login/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gentle-haze-2898.mbtcom.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|