www.mantbank.cesseguranca.com.br Open in urlscan Pro
15.235.39.189 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.mantbank.cesseguranca.com.br/email.html
Submission: On October 25 via api (October 25th 2022, 8:10:51 pm UTC) from JP — Scanned from CA

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 15.235.39.189, located in Canada and belongs to OVH, FR. The main domain is www.mantbank.cesseguranca.com.br.

This is the only time www.mantbank.cesseguranca.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
8	15.235.39.189 15.235.39.189		16276 (OVH) (OVH)
8	1

8 15.235.39.189 (Canada)

ASN16276 (OVH, FR)
PTR: ip189.ip-15-235-39.fmhospeda.com.br

www.mantbank.cesseguranca.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cesseguranca.com.br www.mantbank.cesseguranca.com.br	308 KB
8	1

	Domain	Requested by
8	www.mantbank.cesseguranca.com.br	www.mantbank.cesseguranca.com.br
8	1

This site contains links to these domains. Also see Links.

Domain
wearesolidarite.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.mantbank.cesseguranca.com.br/email.html
Frame ID: CABA26B9999F94390FF910A339B0CF7E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Confirm Email - Verify Account | M&T Bank

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

308 kB
Transfer

306 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wearesolidarite.com/wp-admin/fellass/Home/Login/contact.php

Search URL Search Domain Scan URL

URL: https://wearesolidarite.com/Enrollment
Title: EXIT

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request email.html Show response www.mantbank.cesseguranca.com.br/	27 KB 27 KB	21ms 10ms	Document text/html	15.235.39.189 OVH
General Check archive.org Show headers Download Go to Full URL http://www.mantbank.cesseguranca.com.br/email.html Protocol HTTP/1.1 Server 15.235.39.189 , Canada, ASN16276 (OVH, FR), Reverse DNS ip189.ip-15-235-39.fmhospeda.com.br Software Apache / Resource Hash `598bcdba9abf2af3988ffe9d88f30fc6e8d6e1ab7839dc2c6180171128198d8f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 27355 Content-Type text/html Date Tue, 25 Oct 2022 20:10:47 GMT Keep-Alive timeout=5, max=100 Last-Modified Wed, 31 Aug 2022 22:07:42 GMT Server Apache
GET H/1.1	200 OK	foundation-all.css www.mantbank.cesseguranca.com.br/email_files/	205 KB 205 KB	15ms 10ms	Stylesheet text/css	15.235.39.189 OVH
General Check archive.org Show headers Download Go to Full URL http://www.mantbank.cesseguranca.com.br/email_files/foundation-all.css Requested by Host: www.mantbank.cesseguranca.com.br URL: http://www.mantbank.cesseguranca.com.br/email.html Protocol HTTP/1.1 Server 15.235.39.189 , Canada, ASN16276 (OVH, FR), Reverse DNS ip189.ip-15-235-39.fmhospeda.com.br Software Apache / Resource Hash `9a24ae7591030cd771ca3cc35078bb10c8c57aa3d4109fa8328026dafacf5fa1` Request headers accept-language en-CA,en;q=0.9 Referer http://www.mantbank.cesseguranca.com.br/email.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Tue, 25 Oct 2022 20:10:47 GMT Last-Modified Wed, 31 Aug 2022 10:47:20 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 210130
GET H/1.1	200 OK	mtb.css www.mantbank.cesseguranca.com.br/email_files/	68 KB 68 KB	19ms 10ms	Stylesheet text/css	15.235.39.189 OVH
General Check archive.org Show headers Download Go to Full URL http://www.mantbank.cesseguranca.com.br/email_files/mtb.css Requested by Host: www.mantbank.cesseguranca.com.br URL: http://www.mantbank.cesseguranca.com.br/email.html Protocol HTTP/1.1 Server 15.235.39.189 , Canada, ASN16276 (OVH, FR), Reverse DNS ip189.ip-15-235-39.fmhospeda.com.br Software Apache / Resource Hash `fa72bf5cf7823e5a20ff40085d311170a7e62744396d26bc6ffa968b7be306cb` Request headers accept-language en-CA,en;q=0.9 Referer http://www.mantbank.cesseguranca.com.br/email.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Tue, 25 Oct 2022 20:10:47 GMT Last-Modified Wed, 31 Aug 2022 10:47:20 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 69422
GET H/1.1	200 OK	white%20logo.png www.mantbank.cesseguranca.com.br/email_files/	5 KB 5 KB	11ms 10ms	Image image/png	15.235.39.189 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.mantbank.cesseguranca.com.br/email_files/white%20logo.png Requested by Host: www.mantbank.cesseguranca.com.br URL: http://www.mantbank.cesseguranca.com.br/email.html Protocol HTTP/1.1 Server 15.235.39.189 , Canada, ASN16276 (OVH, FR), Reverse DNS ip189.ip-15-235-39.fmhospeda.com.br Software Apache / Resource Hash `68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652` Request headers accept-language en-CA,en;q=0.9 Referer http://www.mantbank.cesseguranca.com.br/email.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Tue, 25 Oct 2022 20:10:47 GMT Last-Modified Wed, 31 Aug 2022 10:47:20 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4936
GET H/1.1	200 OK	mtb-equalhousinglender.svg www.mantbank.cesseguranca.com.br/email_files/	230 B 475 B	20ms 10ms	Image image/svg+xml	15.235.39.189 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.mantbank.cesseguranca.com.br/email_files/mtb-equalhousinglender.svg Requested by Host: www.mantbank.cesseguranca.com.br URL: http://www.mantbank.cesseguranca.com.br/email.html Protocol HTTP/1.1 Server 15.235.39.189 , Canada, ASN16276 (OVH, FR), Reverse DNS ip189.ip-15-235-39.fmhospeda.com.br Software Apache / Resource Hash `d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad` Request headers accept-language en-CA,en;q=0.9 Referer http://www.mantbank.cesseguranca.com.br/email.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Tue, 25 Oct 2022 20:10:47 GMT Last-Modified Wed, 31 Aug 2022 10:47:20 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 230
GET H/1.1	200 OK	mtb-entrust.svg www.mantbank.cesseguranca.com.br/email_files/	1 KB 2 KB	22ms 9ms	Image image/svg+xml	15.235.39.189 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://www.mantbank.cesseguranca.com.br/email_files/mtb-entrust.svg Requested by Host: www.mantbank.cesseguranca.com.br URL: http://www.mantbank.cesseguranca.com.br/email.html Protocol HTTP/1.1 Server 15.235.39.189 , Canada, ASN16276 (OVH, FR), Reverse DNS ip189.ip-15-235-39.fmhospeda.com.br Software Apache / Resource Hash `b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5` Request headers accept-language en-CA,en;q=0.9 Referer http://www.mantbank.cesseguranca.com.br/email.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Tue, 25 Oct 2022 20:10:47 GMT Last-Modified Wed, 31 Aug 2022 10:47:20 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1349
GET H/1.1	404 Not Found	mandtbaltoweb-book.woff www.mantbank.cesseguranca.com.br/assets/fonts/	0 0	10ms 10ms	Font text/html	15.235.39.189 OVH
General Check archive.org Show headers Download Go to Full URL http://www.mantbank.cesseguranca.com.br/assets/fonts/mandtbaltoweb-book.woff Requested by Host: www.mantbank.cesseguranca.com.br URL: http://www.mantbank.cesseguranca.com.br/email_files/mtb.css Protocol HTTP/1.1 Server 15.235.39.189 , Canada, ASN16276 (OVH, FR), Reverse DNS ip189.ip-15-235-39.fmhospeda.com.br Software Apache / Resource Hash Request headers Referer http://www.mantbank.cesseguranca.com.br/email_files/mtb.css Origin http://www.mantbank.cesseguranca.com.br accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Tue, 25 Oct 2022 20:10:47 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	mandtbaltoweb-medium.woff www.mantbank.cesseguranca.com.br/assets/fonts/	0 0	11ms 11ms	Font text/html	15.235.39.189 OVH
General Check archive.org Show headers Download Go to Full URL http://www.mantbank.cesseguranca.com.br/assets/fonts/mandtbaltoweb-medium.woff Requested by Host: www.mantbank.cesseguranca.com.br URL: http://www.mantbank.cesseguranca.com.br/email_files/mtb.css Protocol HTTP/1.1 Server 15.235.39.189 , Canada, ASN16276 (OVH, FR), Reverse DNS ip189.ip-15-235-39.fmhospeda.com.br Software Apache / Resource Hash Request headers Referer http://www.mantbank.cesseguranca.com.br/email_files/mtb.css Origin http://www.mantbank.cesseguranca.com.br accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Tue, 25 Oct 2022 20:10:47 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.mantbank.cesseguranca.com.br/assets/fonts/mandtbaltoweb-book.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.mantbank.cesseguranca.com.br/assets/fonts/mandtbaltoweb-medium.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.mantbank.cesseguranca.com.br
15.235.39.189
598bcdba9abf2af3988ffe9d88f30fc6e8d6e1ab7839dc2c6180171128198d8f
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652
9a24ae7591030cd771ca3cc35078bb10c8c57aa3d4109fa8328026dafacf5fa1
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
fa72bf5cf7823e5a20ff40085d311170a7e62744396d26bc6ffa968b7be306cb

www.mantbank.cesseguranca.com.br Open in urlscan Pro 15.235.39.189 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

308 kBTransfer

306 kBSize

0 Cookies

2 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

www.mantbank.cesseguranca.com.br Open in urlscan Pro
15.235.39.189 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

308 kB
Transfer

306 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!