Submitted URL: http://spotxtech.com/
Effective URL: https://spotxtech.com/
Submission: On October 24 via automatic, source openphish — Scanned from DE

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 24 HTTP transactions. The main IP is 63.250.38.7, located in United States and belongs to NAMECHEAP-NET, US. The main domain is spotxtech.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 11th 2022. Valid for: a year.
This is the only time spotxtech.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 18 63.250.38.7 22612 (NAMECHEAP...)
2 2600:9000:219... 16509 (AMAZON-02)
2 2600:9000:238... 16509 (AMAZON-02)
2 2600:9000:219... 16509 (AMAZON-02)
24 5
Apex Domain
Subdomains
Transfer
18 spotxtech.com
spotxtech.com
1 MB
2 c81358859121583b7adf2ace89cb39f44.com
1.c81358859121583b7adf2ace89cb39f44.com — Cisco Umbrella Rank: 21968
4 KB
2 b406929acabac9b095f124c81bdfcf57f.com
1.b406929acabac9b095f124c81bdfcf57f.com — Cisco Umbrella Rank: 21948
4 KB
2 a79ab95c1589a13f8a4cab612bc71f9f7.com
1.a79ab95c1589a13f8a4cab612bc71f9f7.com — Cisco Umbrella Rank: 21978
4 KB
24 4
Domain Requested by
18 spotxtech.com 1 redirects spotxtech.com
2 1.c81358859121583b7adf2ace89cb39f44.com spotxtech.com
1.c81358859121583b7adf2ace89cb39f44.com
2 1.b406929acabac9b095f124c81bdfcf57f.com spotxtech.com
1.b406929acabac9b095f124c81bdfcf57f.com
2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com spotxtech.com
1.a79ab95c1589a13f8a4cab612bc71f9f7.com
24 4

This site contains links to these domains. Also see Links.

Domain
wearesolidarite.com
Subject Issuer Validity Valid
spotxtech.com
Sectigo RSA Domain Validation Secure Server CA
2022-05-11 -
2023-05-11
a year crt.sh
*.a79ab95c1589a13f8a4cab612bc71f9f7.com
Sectigo RSA Domain Validation Secure Server CA
2022-04-04 -
2023-04-04
a year crt.sh
*.b406929acabac9b095f124c81bdfcf57f.com
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-04-07
a year crt.sh
*.c81358859121583b7adf2ace89cb39f44.com
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-04-07
a year crt.sh

This page contains 4 frames:

Primary Page: https://spotxtech.com/
Frame ID: 5E77BA5ADE7EA39C4AEA30D081A6D8A9
Requests: 22 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: 006115D32D9B2CED71CA03F015AA947E
Requests: 2 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: 9124B12BA052092E06261A1D2308D90D
Requests: 2 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: 22EC3CFDD8092F63287619D3E3E236BF
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Log in to M&T Online Banking or Commercial Treasury CenterNavigation Menu

Page URL History Show full URLs

  1. http://spotxtech.com/ HTTP 301
    https://spotxtech.com/ Page URL

Page Statistics

24
Requests

96 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

1288 kB
Transfer

1888 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://spotxtech.com/ HTTP 301
    https://spotxtech.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
spotxtech.com/
Redirect Chain
  • http://spotxtech.com/
  • https://spotxtech.com/
80 KB
16 KB
Document
General
Full URL
https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
56a6f99d8872d78782b4ca6da983ed70ea0a41973e604b21a1544c54a23fc427

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
16582
content-type
text/html
date
Mon, 24 Oct 2022 13:02:28 GMT
last-modified
Thu, 01 Sep 2022 02:13:00 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

content-length
707
content-type
text/html
date
Mon, 24 Oct 2022 13:02:27 GMT
keep-alive
timeout=5, max=100
location
https://spotxtech.com/
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
clientlib-base.css
spotxtech.com/index_files/
426 KB
53 KB
Stylesheet
General
Full URL
https://spotxtech.com/index_files/clientlib-base.css
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
0241159456863a6baa0790dfb58ab3c6dd892f080ee2a52259fb101f4c166412

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spotxtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:02:28 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 14:43:12 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
53758
expires
Mon, 31 Oct 2022 13:02:28 GMT
mtb_app_wbk.js.download
spotxtech.com/index_files/
242 KB
243 KB
Script
General
Full URL
https://spotxtech.com/index_files/mtb_app_wbk.js.download
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
b9b7a642f229db0bbc0a820e1eee063041d03ab631f868e8106c1aa1c4647b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spotxtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:02:28 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 31 Aug 2022 14:43:12 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
248194
content-type
application/octet-stream
cdsession.js.download
spotxtech.com/index_files/
605 KB
606 KB
Script
General
Full URL
https://spotxtech.com/index_files/cdsession.js.download
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
302462d4283c45e7405dcaf5036c9f1e34982c47baaa0a39c2b45e6cb9a203f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spotxtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:02:28 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 31 Aug 2022 14:43:12 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
619717
content-type
application/octet-stream
vendor.js.download
spotxtech.com/index_files/
236 KB
237 KB
Script
General
Full URL
https://spotxtech.com/index_files/vendor.js.download
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
c5bac5c06dfc6a8b1547af4e6dfa0d784f70db7c92cfe1e97c45e962f0283d0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spotxtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:02:28 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 31 Aug 2022 14:43:12 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
242127
content-type
application/octet-stream
white%20logo.png
spotxtech.com/index_files/
5 KB
5 KB
Image
General
Full URL
https://spotxtech.com/index_files/white%20logo.png
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spotxtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:02:30 GMT
last-modified
Wed, 31 Aug 2022 14:43:12 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4936
expires
Mon, 31 Oct 2022 13:02:30 GMT
equal-housing-lender-logo.png
spotxtech.com/index_files/
1 KB
2 KB
Image
General
Full URL
https://spotxtech.com/index_files/equal-housing-lender-logo.png
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spotxtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:02:30 GMT
last-modified
Wed, 31 Aug 2022 14:43:14 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1509
expires
Mon, 31 Oct 2022 13:02:30 GMT
fszullhwyai6bvj-desktop-720x816-update.jpeg
spotxtech.com/index_files/
111 KB
111 KB
Image
General
Full URL
https://spotxtech.com/index_files/fszullhwyai6bvj-desktop-720x816-update.jpeg
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
e3600cc522d109bf4d7aeb56960790240e80d9f22f6ae99e9a77d020bdf8f3cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spotxtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:02:30 GMT
last-modified
Wed, 31 Aug 2022 14:43:14 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
113904
expires
Mon, 31 Oct 2022 13:02:30 GMT
fszullhwyai6bvj.jpeg
spotxtech.com/index_files/
1 KB
1 KB
Image
General
Full URL
https://spotxtech.com/index_files/fszullhwyai6bvj.jpeg
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spotxtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
mandtbaltoweb-book.woff
spotxtech.com/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/
0
0
Font
General
Full URL
https://spotxtech.com/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/index_files/clientlib-base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://spotxtech.com/index_files/clientlib-base.css
Origin
https://spotxtech.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
75c501f7-e584-46df-8438-57cb468f43e8
https://spotxtech.com/
165 KB
0
Other
General
Full URL
blob:https://spotxtech.com/75c501f7-e584-46df-8438-57cb468f43e8
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
169098
chevron_down.8adc6731.svg
spotxtech.com/css/
1 KB
1 KB
Image
General
Full URL
https://spotxtech.com/css/chevron_down.8adc6731.svg
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spotxtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
mandtbaltoweb-light.woff
spotxtech.com/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/
0
0
Font
General
Full URL
https://spotxtech.com/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/index_files/clientlib-base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://spotxtech.com/index_files/clientlib-base.css
Origin
https://spotxtech.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
mandtbaltoweb-medium.woff
spotxtech.com/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/
0
0
Font
General
Full URL
https://spotxtech.com/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/index_files/clientlib-base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://spotxtech.com/index_files/clientlib-base.css
Origin
https://spotxtech.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
fszullhwyai6bvj-desktop-720x816-update.jpeg
spotxtech.com/css/
1 KB
1 KB
Image
General
Full URL
https://spotxtech.com/css/fszullhwyai6bvj-desktop-720x816-update.jpeg
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spotxtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
truncated
/
89 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
811bbc4f8c2334d1a7d1224cd8ad1c8a7d1e44bd640eb4fff19ef7c240b3bc82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
89 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
964a8e8f8115296b4aa7331a151b027124da518fa18e25ac6b7151ac88c6c279

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
89 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b620b74d4b30e71868a1756d4a9704ae9d58831283ec904c4bde3d408776e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
89 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86ecd944ec62f9f810e7d2b3a7286b35c53a8676e17e9e7704f9c4745083a5bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
mandtbaltoweb-book.woff
spotxtech.com/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/
0
0
Font
General
Full URL
https://spotxtech.com/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/index_files/clientlib-base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://spotxtech.com/index_files/clientlib-base.css
Origin
https://spotxtech.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
mandtbaltoweb-light.woff
spotxtech.com/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/
0
0
Font
General
Full URL
https://spotxtech.com/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/index_files/clientlib-base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://spotxtech.com/index_files/clientlib-base.css
Origin
https://spotxtech.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
mandtbaltoweb-medium.woff
spotxtech.com/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/
0
0
Font
General
Full URL
https://spotxtech.com/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/index_files/clientlib-base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://spotxtech.com/index_files/clientlib-base.css
Origin
https://spotxtech.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 13:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
crossdomain.html
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 0061
221 B
556 B
Document
General
Full URL
https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/index_files/cdsession.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:fe00:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer
https://spotxtech.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
60894
content-length
221
content-type
text/html
date
Sun, 23 Oct 2022 20:07:38 GMT
etag
"21e34cf6a03f570df49e212018a567d0"
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
via
1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-amz-cf-id
rhXhgoCLMPw0i0MduiEkU2iXJns2XWJ1nikGjdfSS7m7qX6mSyy6IA==
x-amz-cf-pop
ZRH50-C1
x-amz-version-id
null
x-cache
Hit from cloudfront
crossdomain.html
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 9124
221 B
553 B
Document
General
Full URL
https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/index_files/cdsession.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:b000:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer
https://spotxtech.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5827
content-length
221
content-type
text/html
date
Mon, 24 Oct 2022 11:25:25 GMT
etag
"21e34cf6a03f570df49e212018a567d0"
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
via
1.1 f5d6b2021b5a22554c0e7f5b20207324.cloudfront.net (CloudFront)
x-amz-cf-id
53BEHlq7rM0USarntqD7hLddZBlWj4ZENKxQr1M3VaEVxOkfr22ufw==
x-amz-cf-pop
AMS1-P1
x-amz-version-id
null
x-cache
Hit from cloudfront
crossdomain.html
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame 22EC
221 B
555 B
Document
General
Full URL
https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by
Host: spotxtech.com
URL: https://spotxtech.com/index_files/cdsession.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:6c00:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

Request headers

Referer
https://spotxtech.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
53706
content-length
221
content-type
text/html
date
Sun, 23 Oct 2022 22:07:26 GMT
etag
"21e34cf6a03f570df49e212018a567d0"
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
via
1.1 01ec1718bcc130455b377ec6b38ad50c.cloudfront.net (CloudFront)
x-amz-cf-id
bSMHNPqR8R-3rYnhde_6H53JEvMqL3-_K4c6I8gxhsu0EyPzZA-2qw==
x-amz-cf-pop
ZRH50-C1
x-amz-version-id
null
x-cache
Hit from cloudfront
crossdomain2.12.0.5273.b96c35cc.min.js
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame 22EC
3 KB
3 KB
Script
General
Full URL
https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by
Host: 1.c81358859121583b7adf2ace89cb39f44.com
URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:6c00:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 22:07:26 GMT
x-amz-version-id
null
via
1.1 01ec1718bcc130455b377ec6b38ad50c.cloudfront.net (CloudFront)
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
53706
etag
"9ee48a4da9c402e8a23ad085fb71f28f"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3227
x-amz-cf-id
UKaddZkB7HXaFBb_q2gGnUlYHZjawgqQVnPIOKTb8aVo0RZTjsbnNQ==
crossdomain2.12.0.5273.b96c35cc.min.js
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 9124
3 KB
3 KB
Script
General
Full URL
https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:b000:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 23 Oct 2022 16:57:54 GMT
via
1.1 f5d6b2021b5a22554c0e7f5b20207324.cloudfront.net (CloudFront)
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
72278
etag
"9ee48a4da9c402e8a23ad085fb71f28f"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3227
x-amz-cf-id
Dx4bm4gCWUrYCCVpbowtyGWrIkYY_aOhH8ItaHmtJR7hXNfgAoqPjg==
crossdomain2.12.0.5273.b96c35cc.min.js
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 0061
3 KB
3 KB
Script
General
Full URL
https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
Requested by
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:fe00:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 18:44:32 GMT
x-amz-version-id
null
via
1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
last-modified
Tue, 13 Oct 2020 12:04:25 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
65880
etag
"9ee48a4da9c402e8a23ad085fb71f28f"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3227
x-amz-cf-id
m6pyXHcNg6_aUoRKql9xwCCpkJ8GwcNeu8oA0kc5yyNVocFjjzCLyg==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| UIEvent object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| cdwpb object| cdApi object| Utils object| customEventsObject object| cookiesUtils object| modalObject object| tealiumUtils function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| $ function| jQuery function| Cookies function| forceIE89Synchronicity object| lazySizes function| webkitAudioContext function| populateUserId function| cdSession string| style string| d string| t string| m object| s

4 Cookies

Domain/Path Name / Value
.spotxtech.com/ Name: cdContextId
Value: 1
.spotxtech.com/ Name: bmuid
Value: 1666616550471-2F4D4569-57A3-4683-ABC9-893AF93236F1
spotxtech.com/ Name: cdSessionId
Value: ca427bb4-df80-4663-8f9a-03f07c925356
.spotxtech.com/ Name: cdSNum
Value: 1666616550924-sjn0000977-c2a3bbe5-75fd-461d-896f-9fb93525cebd

15 Console Messages

Source Level URL
Text
network error URL: https://spotxtech.com/index_files/fszullhwyai6bvj.jpeg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://spotxtech.com/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://spotxtech.com/(Line 124)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network error URL: https://spotxtech.com/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://spotxtech.com/index_files/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://spotxtech.com/css/chevron_down.8adc6731.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://spotxtech.com/(Line 124)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://spotxtech.com/(Line 124)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://spotxtech.com/(Line 124)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://spotxtech.com/(Line 124)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network error URL: https://spotxtech.com/css/fszullhwyai6bvj-desktop-720x816-update.jpeg
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://spotxtech.com/(Line 124)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network error URL: https://spotxtech.com/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://spotxtech.com/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://spotxtech.com/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
Message:
Failed to load resource: the server responded with a status of 404 ()