urlscan.io logo urlscan.io
SecurityTrails logo

sammywestsmtp.com Open in urlscan Pro
162.0.228.128  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sammywestsmtp.com/M&T/M&T/
Effective URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e3...
Submission: On February 20 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 25 HTTP transactions. The main IP is 162.0.228.128, located in United States and belongs to NAMECHEAP-NET, US. The main domain is sammywestsmtp.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 19th 2024. Valid for: 3 months.
This is the only time sammywestsmtp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

12    162.0.228.128 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.sammywestsmtp.com
sammywestsmtp.com
1    2600:9000:26e8:5e00:b:2146:1340:93a1 (United States)

ASN16509 (AMAZON-02, US)
www3.mtb.com
2    2600:9000:2450:5e00:a:6cdf:4440:93a1 (None, )

ASN- ()
1.a79ab95c1589a13f8a4cab612bc71f9f7.com
2    2600:9000:21f3:a400:1e:54f1:26c0:93a1 (None, )

ASN- ()
1.b406929acabac9b095f124c81bdfcf57f.com
2    2600:9000:2250:7a00:13:ab57:d440:93a1 (None, )

ASN- ()
1.c81358859121583b7adf2ace89cb39f44.com
Domain Requested by
12 sammywestsmtp.com 1 redirects sammywestsmtp.com
2 1.c81358859121583b7adf2ace89cb39f44.com sammywestsmtp.com
1.c81358859121583b7adf2ace89cb39f44.com
2 1.b406929acabac9b095f124c81bdfcf57f.com sammywestsmtp.com
1.b406929acabac9b095f124c81bdfcf57f.com
2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com sammywestsmtp.com
1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1 www3.mtb.com sammywestsmtp.com
www3.mtb.com
25 5

This site contains no links.

Subject Issuer Validity Valid
sammywestsmtp.com
cPanel, Inc. Certification Authority		 2024-02-19 -
2024-05-19		 3 months crt.sh
www.mtb.com
Entrust Certification Authority - L1M		 2023-11-30 -
2024-06-02		 6 months crt.sh
*.a79ab95c1589a13f8a4cab612bc71f9f7.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-26 -
2024-04-04		 a year crt.sh
*.b406929acabac9b095f124c81bdfcf57f.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-02 -
2024-04-07		 a year crt.sh
*.c81358859121583b7adf2ace89cb39f44.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-02 -
2024-04-07		 a year crt.sh

This page contains 4 frames:

Primary Page: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Frame ID: ABD50919F2A46ED7DB1D9CA3F1B3BA98
Requests: 20 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: 58831F33D676B140F016912B29D47EB1
Requests: 2 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: CB0A0B65C3AB32239AE85B4A745DC875
Requests: 2 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: C9BBC92FEBE3B4A3A5788B8467E1346A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in to M&T Online Banking or Commercial Treasury CenterNavigation Menu

Page URL History Show full URLs

  1. https://sammywestsmtp.com/M&T/M&T/ HTTP 302
    https://sammywestsmtp.com/M&T/M&T/MegaBrunch/ Page URL
  2. https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f34... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*aem-Grid
  • /etc\.clientlibs/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

25
Requests

72 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

1279 kB
Transfer

1806 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sammywestsmtp.com/M&T/M&T/ HTTP 302
    https://sammywestsmtp.com/M&T/M&T/MegaBrunch/ Page URL
  2. https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://sammywestsmtp.com/M&T/M&T/ HTTP 302
  • https://sammywestsmtp.com/M&T/M&T/MegaBrunch/

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
sammywestsmtp.com/M&T/M&T/MegaBrunch/
Redirect Chain
  • https://sammywestsmtp.com/M&T/M&T/
  • https://sammywestsmtp.com/M&T/M&T/MegaBrunch/
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
6fbc53bb629a1f1d59f81aea4c4df1e21137eecd2941b6f0cbd72f856706582f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Feb 2024 12:50:50 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Feb 2024 12:50:48 GMT
Keep-Alive
timeout=5, max=100
Location
MegaBrunch/
Server
Apache
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
cf.css
sammywestsmtp.com/M&T/M&T/Guard/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sammywestsmtp.com/M&T/M&T/Guard/css/cf.css
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
6026255cc26e031389358227ccd1b7de6cba842c3978f9144d31cb30032276ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:50:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 02 May 2021 02:27:02 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1751
X-XSS-Protection
1; mode=block
Primary Request index.php
sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/ 		59 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
6ed3fed6b2438987449e75c9ea55bf528a519dd87e4240f4fc02060f77c8bb3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Feb 2024 12:50:54 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
clientlib-base.css
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/ 		425 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5e00:b:2146:1340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
8e36f036be3313f66918b7f296388c199468b0ffb75d3f8908cd04f58d966964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sammywestsmtp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Tue, 20 Feb 2024 11:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 38dab0d877593711162f7409f4fc8fca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
age
3328
x-vhost
publish
x-cache
Hit from cloudfront
content-disposition
inline
content-length
57814
last-modified
Mon, 27 Mar 2023 20:18:46 GMT
server
Apache
etag
"6a323-5f7e773365580-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=3600, public, no-cache="set-cookie"
permissions-policy
browsing-topics=()
accept-ranges
bytes
x-amz-cf-id
vKLzjGoQup-l_vL5soSYXVgmV7bZgcsT8Pf0_i7Orx3TyQiU-YABnQ==
mtb_app_wbk.js
sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/ 		242 KB
243 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/mtb_app_wbk.js
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
b9b7a642f229db0bbc0a820e1eee063041d03ab631f868e8106c1aa1c4647b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:50:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Jun 2022 23:30:38 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
248194
X-XSS-Protection
1; mode=block
cdsession.js
sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/ 		605 KB
606 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/cdsession.js
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
302462d4283c45e7405dcaf5036c9f1e34982c47baaa0a39c2b45e6cb9a203f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:50:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Jun 2022 23:30:54 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
619717
X-XSS-Protection
1; mode=block
vendor.js
sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/ 		236 KB
237 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/vendor.js
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
c5bac5c06dfc6a8b1547af4e6dfa0d784f70db7c92cfe1e97c45e962f0283d0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:50:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Jun 2022 22:31:44 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
242127
X-XSS-Protection
1; mode=block
white%20logo.png
sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/white%20logo.png
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:50:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Jun 2022 23:25:30 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4936
X-XSS-Protection
1; mode=block
equal-housing-lender-logo.png
sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/equal-housing-lender-logo.png
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:50:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Jun 2022 23:27:38 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1509
X-XSS-Protection
1; mode=block
fszullhwyai6bvj-desktop-720x816-update.jpeg
sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/fszullhwyai6bvj-desktop-720x816-update.jpeg
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
ed305c6fbe8bfbc0a34f339f2430f89e03d49cf628945a0c126896d96760f86c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:50:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Jun 2022 23:36:50 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26353
X-XSS-Protection
1; mode=block
fszullhwyai6bvj.jpeg
sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/fszullhwyai6bvj.jpeg
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
a06dcffedaadc56b236deaf03906e025341b8fe314430247de506bd37237d42e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:50:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Jun 2022 23:37:36 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
25445
X-XSS-Protection
1; mode=block
9b798b06-ac26-4ff6-ad96-f04e7717282d
https://sammywestsmtp.com/ 		165 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://sammywestsmtp.com/9b798b06-ac26-4ff6-ad96-f04e7717282d
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
169098
Content-Type
chevron_down.8adc6731.svg
sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/ 		970 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/chevron_down.8adc6731.svg
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.228.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.sammywestsmtp.com
Software
Apache /
Resource Hash
03cc12570299da2da582ed1f055f77f31f7d77899f1ada7ced1dfeea50068298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 12:50:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Jun 2022 23:35:42 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
970
X-XSS-Protection
1; mode=block
mandtbaltoweb-book.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 		0
0
mandtbaltoweb-light.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 		0
0
mandtbaltoweb-medium.woff
www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 		0
0
mandtbaltoweb-book.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 		0
0
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
mandtbaltoweb-medium.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 		0
0
mandtbaltoweb-light.woff
www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/ 		0
0
crossdomain.html
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 5883 		221 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/cdsession.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:5e00:a:6cdf:4440:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer
https://sammywestsmtp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
30911
content-length
221
content-type
text/html
date
Tue, 20 Feb 2024 04:15:46 GMT
etag
"21e34cf6a03f570df49e212018a567d0"
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
via
1.1 a13e42093f0d6dc965236581ea51a662.cloudfront.net (CloudFront)
x-amz-cf-id
B21-guWollgo-gvF2xmeG8dNCVSzORcXFyEn6jDGPeydqkDzdYToMA==
x-amz-cf-pop
CDG50-P4
x-amz-version-id
null
x-cache
Hit from cloudfront
crossdomain.html
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame CB0A 		221 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/cdsession.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a400:1e:54f1:26c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer
https://sammywestsmtp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
32898
content-length
221
content-type
text/html
date
Tue, 20 Feb 2024 03:42:39 GMT
etag
"21e34cf6a03f570df49e212018a567d0"
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-amz-cf-id
Mw5focLdQNCUcSR3yg31FdJ4A9yGxL09aoshXlx77TnItX1gvkbvCA==
x-amz-cf-pop
FRA2-C2
x-amz-version-id
null
x-cache
Hit from cloudfront
crossdomain.html
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame C9BB 		221 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by
Host: sammywestsmtp.com
URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/cdsession.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7a00:13:ab57:d440:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer
https://sammywestsmtp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
39186
content-length
221
content-type
text/html
date
Tue, 20 Feb 2024 01:57:51 GMT
etag
"21e34cf6a03f570df49e212018a567d0"
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-amz-cf-id
EoD5aW6TSybP8CK_jn1szCOdZXo89mVjvUO-VM_lz9iH1sA06z5fQQ==
x-amz-cf-pop
FRA60-P2
x-amz-version-id
null
x-cache
Hit from cloudfront
crossdomain2.12.0.5273.b96c35cc.min.js
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame C9BB 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by
Host: 1.c81358859121583b7adf2ace89cb39f44.com
URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7a00:13:ab57:d440:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 20 Feb 2024 06:40:59 GMT
via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
22198
etag
"9ee48a4da9c402e8a23ad085fb71f28f"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3227
x-amz-cf-id
MeSJQUaHcQqFM2VocR0jgepbgwXJaflOZGVCeaJ_g5SrTYqemoMKfA==
crossdomain2.12.0.5273.b96c35cc.min.js
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame CB0A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a400:1e:54f1:26c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 03:42:35 GMT
x-amz-version-id
null
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
32902
etag
"9ee48a4da9c402e8a23ad085fb71f28f"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3227
x-amz-cf-id
vk6HVJ5iuK7RM5X0vHY8K1XA8PC1rAdItyG3vuikgbJBJQv9nBbc6w==
crossdomain2.12.0.5273.b96c35cc.min.js
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 5883 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:5e00:a:6cdf:4440:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 01:53:45 GMT
x-amz-version-id
null
via
1.1 a13e42093f0d6dc965236581ea51a662.cloudfront.net (CloudFront)
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P4
age
39432
etag
"9ee48a4da9c402e8a23ad085fb71f28f"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3227
x-amz-cf-id
bkD6fdnbWODabR6KNPRtnVjKxrm1L9pNOV4zuMRPFAwLZ8oBEmIpkw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www3.mtb.com
URL
https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Domain
www3.mtb.com
URL
https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
Domain
www3.mtb.com
URL
https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Domain
www3.mtb.com
URL
https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Domain
www3.mtb.com
URL
https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Domain
www3.mtb.com
URL
https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| UIEvent object| cdwpb object| cdApi object| Utils object| customEventsObject object| cookiesUtils object| modalObject object| tealiumUtils function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| $ function| jQuery function| Cookies function| forceIE89Synchronicity object| lazySizes function| populateUserId function| cdSession string| style string| d string| t string| m object| s

4 Cookies

Domain/Path Name / Value
sammywestsmtp.com/M&T/M&T/MegaBrunch/Login Name: cdSessionId
Value: b459c58c-56ce-4a76-a583-91d9c4aea7e4
sammywestsmtp.com/ Name: PHPSESSID
Value: u7j6pcranr5vjiquuulsgt6116
.sammywestsmtp.com/ Name: cdContextId
Value: 1
.sammywestsmtp.com/ Name: bmuid
Value: 1708433455509-6781C27F-74A9-49ED-9C21-1661D12DD07E

14 Console Messages

Source Level URL
Text
javascript error URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Message:
Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff' from origin 'https://sammywestsmtp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Message:
Failed to load resource: net::ERR_FAILED
rendering warning URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/mtb_app_wbk.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
javascript error URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Message:
Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff' from origin 'https://sammywestsmtp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Message:
Access to font at 'https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff' from origin 'https://sammywestsmtp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www3.mtb.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
Message:
Failed to load resource: net::ERR_FAILED
rendering warning URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/css/mtb_app_wbk.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
javascript error URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Message:
Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff' from origin 'https://sammywestsmtp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Message:
Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff' from origin 'https://sammywestsmtp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://sammywestsmtp.com/M&T/M&T/MegaBrunch/Login/index.php?token=a132002d4d071b8afd807bdab9529a39f344a7b19d45922db4874e305aefe34ab9a4ffe71a73364a601d0ea1f9d926f8801467fd5c98d09e11a8cdee2b327b14
Message:
Access to font at 'https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff' from origin 'https://sammywestsmtp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www3.mtb.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1.b406929acabac9b095f124c81bdfcf57f.com
1.c81358859121583b7adf2ace89cb39f44.com
sammywestsmtp.com
www3.mtb.com
www3.mtb.com
162.0.228.128
2600:9000:21f3:a400:1e:54f1:26c0:93a1
2600:9000:2250:7a00:13:ab57:d440:93a1
2600:9000:2450:5e00:a:6cdf:4440:93a1
2600:9000:26e8:5e00:b:2146:1340:93a1
03cc12570299da2da582ed1f055f77f31f7d77899f1ada7ced1dfeea50068298
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6
302462d4283c45e7405dcaf5036c9f1e34982c47baaa0a39c2b45e6cb9a203f4
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
6026255cc26e031389358227ccd1b7de6cba842c3978f9144d31cb30032276ef
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652
6ed3fed6b2438987449e75c9ea55bf528a519dd87e4240f4fc02060f77c8bb3c
6fbc53bb629a1f1d59f81aea4c4df1e21137eecd2941b6f0cbd72f856706582f
8e36f036be3313f66918b7f296388c199468b0ffb75d3f8908cd04f58d966964
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
a06dcffedaadc56b236deaf03906e025341b8fe314430247de506bd37237d42e
b9b7a642f229db0bbc0a820e1eee063041d03ab631f868e8106c1aa1c4647b75
c5bac5c06dfc6a8b1547af4e6dfa0d784f70db7c92cfe1e97c45e962f0283d0c
ed305c6fbe8bfbc0a34f339f2430f89e03d49cf628945a0c126896d96760f86c