| resources.mtb.com/r/simple-layout-responsive/css.mtb?v=11242021100000 | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/r/simple-layout-responsive/css.mtb?v=11242021100000 IP: 0.0.0.0:0
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/simple-layout-responsive/css.mtb?v=11242021100000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| resources.mtb.com/Assets/img/mtb-logo.svg | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/Assets/img/mtb-logo.svg IP: 0.0.0.0:0
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 | 188.114.97.1 | 200 OK | 38 kB |
URL: User Request GET HTTP/2 www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: coso.workers.dev; Fingerprint: 55:65:FA:2B:55:72:AC:C9:CB:35:DF:6C:A3:42:3E:54:52:C6:3E:D8; Validity: Wed, 24 Apr 2024 19:15:23 GMT - Tue, 23 Jul 2024 19:15:22 GMT
File type: HTML document, ASCII text, with very long lines (38281) Hash: ccbff270d43aa6463b2ec34eae35e583 054c65c93c90c48488f529e24dc139e111c7b85a 0fc5c2ee45293b5d8a7fdb2da43ae6490aeb7220c97fe4e8f7e2552022f44794
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - Suspicious Javascript code |
GET /tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 HTTP/1.1
Host: www3.coso.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:42:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytFeXX%2BkeFiJNIL5oFoKB9KjT6Eyn0JwO3QENGiZ1bRO848oSa20RTVG%2BybzGGrjSyWDcIwcGu5mD5k1mmvngoX0fXqVEf%2BO%2FyZA1IKKSGpldsaWMZ9qfGpbAuLhxk5WAHjtCZXpYsg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7af180d1b5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www3.coso.workers.dev/Assets/js/tealium_prod.js | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 www3.coso.workers.dev/Assets/js/tealium_prod.js IP: 188.114.97.1:443
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Certificate: Issuer: Google Trust Services LLC; Subject: coso.workers.dev; Fingerprint: 55:65:FA:2B:55:72:AC:C9:CB:35:DF:6C:A3:42:3E:54:52:C6:3E:D8; Validity: Wed, 24 Apr 2024 19:15:23 GMT - Tue, 23 Jul 2024 19:15:22 GMT
File type: HTML document, ASCII text, with very long lines (38281) Hash: ccbff270d43aa6463b2ec34eae35e583 054c65c93c90c48488f529e24dc139e111c7b85a 0fc5c2ee45293b5d8a7fdb2da43ae6490aeb7220c97fe4e8f7e2552022f44794
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/js/tealium_prod.js HTTP/1.1
Host: www3.coso.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 15:42:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BD8UJRTuRNMi%2BCeSB47PbgAeuXSnJQQO%2FrY5olBqdq1nczJNAGvvBdpu5uWmlCWGA253fuc06DrWHo61pCiadxvc87m6Mawat3TQCOtQKpblZiQGJVKWXRLZMBKOSE4mOE7sAqegs4o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7af19687956b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| resources.mtb.com/Assets/img/mtb-equalhousinglender.svg | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/Assets/img/mtb-equalhousinglender.svg IP: 0.0.0.0:0
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| resources.mtb.com/Assets/img/mtb-entrust.svg | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/Assets/img/mtb-entrust.svg IP: 0.0.0.0:0
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| resources.mtb.com/r/simple-layout-responsive/js.mtb?v=11242021100000 | 0.0.0.0 | | 0 B |
URL: GET resources.mtb.com/r/simple-layout-responsive/js.mtb?v=11242021100000 IP: 0.0.0.0:0
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/simple-layout-responsive/js.mtb?v=11242021100000 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www3.coso.workers.dev/Assets/js/kessel-client-prod.js | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 www3.coso.workers.dev/Assets/js/kessel-client-prod.js IP: 188.114.97.1:443
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Certificate: Issuer: Google Trust Services LLC; Subject: coso.workers.dev; Fingerprint: 55:65:FA:2B:55:72:AC:C9:CB:35:DF:6C:A3:42:3E:54:52:C6:3E:D8; Validity: Wed, 24 Apr 2024 19:15:23 GMT - Tue, 23 Jul 2024 19:15:22 GMT
File type: HTML document, ASCII text, with very long lines (38281) Hash: ccbff270d43aa6463b2ec34eae35e583 054c65c93c90c48488f529e24dc139e111c7b85a 0fc5c2ee45293b5d8a7fdb2da43ae6490aeb7220c97fe4e8f7e2552022f44794
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/js/kessel-client-prod.js HTTP/1.1
Host: www3.coso.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 15:42:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BatVb1LjypdTHJubWhXSglseiFj9rh88AMEgA6wE%2Fn8hOb5GQ%2F3ghMZSz3wHOHxP0KeItBE2ss5BF3ddQDRPG2wZLA4OP7JBYYtlFkwGDH8HALtZoKubwPWshjO7asMICZxklPsRax0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7af1988a956b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www3.coso.workers.dev/Assets/scripts/kessel-help.js | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 www3.coso.workers.dev/Assets/scripts/kessel-help.js IP: 188.114.97.1:443
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Certificate: Issuer: Google Trust Services LLC; Subject: coso.workers.dev; Fingerprint: 55:65:FA:2B:55:72:AC:C9:CB:35:DF:6C:A3:42:3E:54:52:C6:3E:D8; Validity: Wed, 24 Apr 2024 19:15:23 GMT - Tue, 23 Jul 2024 19:15:22 GMT
File type: HTML document, ASCII text, with very long lines (38281) Hash: ccbff270d43aa6463b2ec34eae35e583 054c65c93c90c48488f529e24dc139e111c7b85a 0fc5c2ee45293b5d8a7fdb2da43ae6490aeb7220c97fe4e8f7e2552022f44794
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/scripts/kessel-help.js HTTP/1.1
Host: www3.coso.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 15:42:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGeo4KynXkN5nf6sc0bNmCX3ryVvkqBMdb2YbAydDAPNXv%2F%2F2F0pzjBBv7cyx%2BUXYPF0Ii01fQK3Z9XOhlGDShoFPLZ8g9kyBUxxgcd83I8RBYb%2FRpo7aQ0BpVrLQj8bVifiQI77BsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7af1988b256b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www3.coso.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=9 | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 www3.coso.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=9 IP: 188.114.97.1:443
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Certificate: Issuer: Google Trust Services LLC; Subject: coso.workers.dev; Fingerprint: 55:65:FA:2B:55:72:AC:C9:CB:35:DF:6C:A3:42:3E:54:52:C6:3E:D8; Validity: Wed, 24 Apr 2024 19:15:23 GMT - Tue, 23 Jul 2024 19:15:22 GMT
File type: HTML document, ASCII text, with very long lines (38281) Hash: ccbff270d43aa6463b2ec34eae35e583 054c65c93c90c48488f529e24dc139e111c7b85a 0fc5c2ee45293b5d8a7fdb2da43ae6490aeb7220c97fe4e8f7e2552022f44794
GET /TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=9 HTTP/1.1
Host: www3.coso.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 15:42:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9J8DGwah4fzEB3Og05vZLlj0P6HNPhlGBtL5l9pCk19Ny05j8IomqoLw6M6gNOBJvTs4cVNahakjDV48Ofw93yKWLpYGbroXeigh8T6DujHevptnLxXDwZvypk3FoZ2nxBOw%2BFsHU6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7af19585d56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| asset.mtb.com/Documents/html/homepage/favicon.ico | 0.0.0.0 | | 0 B |
URL: GET asset.mtb.com/Documents/html/homepage/favicon.ico IP: 0.0.0.0:0
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www3.coso.workers.dev/Assets/js/mtb_app_wbk.js | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 www3.coso.workers.dev/Assets/js/mtb_app_wbk.js IP: 188.114.97.1:443
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Certificate: Issuer: Google Trust Services LLC; Subject: coso.workers.dev; Fingerprint: 55:65:FA:2B:55:72:AC:C9:CB:35:DF:6C:A3:42:3E:54:52:C6:3E:D8; Validity: Wed, 24 Apr 2024 19:15:23 GMT - Tue, 23 Jul 2024 19:15:22 GMT
File type: HTML document, ASCII text, with very long lines (38281) Hash: ccbff270d43aa6463b2ec34eae35e583 054c65c93c90c48488f529e24dc139e111c7b85a 0fc5c2ee45293b5d8a7fdb2da43ae6490aeb7220c97fe4e8f7e2552022f44794
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/js/mtb_app_wbk.js HTTP/1.1
Host: www3.coso.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 15:42:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJhfhuxfoom5KSzPUoBePzPisiAHNG8Ubrc84IwOEy4swdFp0uiZKjNx9COJiiXVDJGFhHG7pTnevJBzMe%2BWQhbH1aagps2kzvFLdwAdEEAxa8XJV5ZSX0tKyZMGzb%2BeQiu9c9fOVkA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7af19586456b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www3.coso.workers.dev/ruxitagentjs_ICA2Vfhjqrux_10233220201140653.js | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 www3.coso.workers.dev/ruxitagentjs_ICA2Vfhjqrux_10233220201140653.js IP: 188.114.97.1:443
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Certificate: Issuer: Google Trust Services LLC; Subject: coso.workers.dev; Fingerprint: 55:65:FA:2B:55:72:AC:C9:CB:35:DF:6C:A3:42:3E:54:52:C6:3E:D8; Validity: Wed, 24 Apr 2024 19:15:23 GMT - Tue, 23 Jul 2024 19:15:22 GMT
File type: HTML document, ASCII text, with very long lines (38281) Hash: ccbff270d43aa6463b2ec34eae35e583 054c65c93c90c48488f529e24dc139e111c7b85a 0fc5c2ee45293b5d8a7fdb2da43ae6490aeb7220c97fe4e8f7e2552022f44794
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /ruxitagentjs_ICA2Vfhjqrux_10233220201140653.js HTTP/1.1
Host: www3.coso.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 15:42:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFWuqbcpg%2B9IGCWTdj1T1MXfbnAScVO9yTBby1MoPxJ8OFkF9SM9Df039jMu0HNNfL8roKSYXKd%2B3P%2FLLLoHq0GW%2Bx%2BKn4LPXTofJdAbfu1qxeQoLwE10umflYcwKCh04pYD9bdmfqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7af19586b56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www3.coso.workers.dev/Assets/scripts/Login/Index.js | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 www3.coso.workers.dev/Assets/scripts/Login/Index.js IP: 188.114.97.1:443
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Certificate: Issuer: Google Trust Services LLC; Subject: coso.workers.dev; Fingerprint: 55:65:FA:2B:55:72:AC:C9:CB:35:DF:6C:A3:42:3E:54:52:C6:3E:D8; Validity: Wed, 24 Apr 2024 19:15:23 GMT - Tue, 23 Jul 2024 19:15:22 GMT
File type: HTML document, ASCII text, with very long lines (38281) Hash: ccbff270d43aa6463b2ec34eae35e583 054c65c93c90c48488f529e24dc139e111c7b85a 0fc5c2ee45293b5d8a7fdb2da43ae6490aeb7220c97fe4e8f7e2552022f44794
Analyzer | Verdict | Alert | OpenPhish | phishing | M & T Bank Coporation |
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: www3.coso.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 15:42:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xk2Ljq1jyUsjuGtlCAC1yaj4H7JB%2FFLfFRmVxeSmpDL7L4eP4eymVPZVOR%2FdTz6KxdEUEWbpvb7dXMHwRP9gg4gqmvG5dXnPk%2Bc7ms279qPjvOd7HSDrPXvtH3jZorC0bz7rSjEg7%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7af1988b456b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www3.coso.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 www3.coso.workers.dev/TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 IP: 188.114.97.1:443
Requested by: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Certificate: Issuer: Google Trust Services LLC; Subject: coso.workers.dev; Fingerprint: 55:65:FA:2B:55:72:AC:C9:CB:35:DF:6C:A3:42:3E:54:52:C6:3E:D8; Validity: Wed, 24 Apr 2024 19:15:23 GMT - Tue, 23 Jul 2024 19:15:22 GMT
File type: HTML document, ASCII text, with very long lines (38281) Hash: ccbff270d43aa6463b2ec34eae35e583 054c65c93c90c48488f529e24dc139e111c7b85a 0fc5c2ee45293b5d8a7fdb2da43ae6490aeb7220c97fe4e8f7e2552022f44794
GET /TSPD/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17 HTTP/1.1
Host: www3.coso.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www3.coso.workers.dev/tspd/0856addebbab20004666d7ee90a9c1cc91098e9a327422308cb14c168b5247d9da57f332fcae7aa2?type=17
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 15:42:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6oUyS1SFOl0UUgbSRmXrLXUqVK9O71W8RpCMOhxDK4yMrQJZmQamAJzySqP6E9WehkdYVYz6p5eZeMAqQLTyL7bdwjJRsICaUB1NHeTcMHNZihkcET3gvodFHJP7gnJ%2F%2BWbmbNsX9WI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7af19586056b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|