firefox.settings.services.mozilla.com/v1/
13.224.222.54200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 13.224.222.54:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 22:03:21 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 320b04684a5b16980772c5d36c63ecea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: O3_WtUeSKg_WXUdF-uk2rC0jXZQZIekZSX4G1ED4VOzRkzPq5deqxQ==
Age: 189
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17812
Expires: Mon, 03 Oct 2022 03:03:22 GMT
Date: Sun, 02 Oct 2022 22:06:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
13.224.222.85200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 13.224.222.85:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9d050fbf11362165fc47c03a14392c36.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: YBgpDEMYGqJsPDiOtqgX-VSajd9Hfg-FOctRcgSpxHb8zI2wf3al0Q==
age: 66794
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:06:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
test.atomicvalidation.com/
192.3.204.194200 OK 100 kB URL HTTP/1.1 test.atomicvalidation.com/
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 100 kB (100278 bytes)
Hash 07b5e56b140ca6d0d6f0469aaa8a9aef
653e89e58086ea26478268b424daa7b502925834
b6467c1102dfc4795d0a19626b6fd7797d243b622edef63f36a325ac1285f5d8
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET / HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:30 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 20:25:54 GMT
Accept-Ranges: bytes
Content-Length: 100278
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
13.224.222.54200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 13.224.222.54:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 21:32:53 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 21:45:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9061e936b29505d1b542db7af99b46c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: Ixi2rNqwmgDoVbWR-2TLy7godl8vqDquu0IR9N488JlVxPbV_uySmg==
Age: 2018
test.atomicvalidation.com/content/dam/mtb-web/scripts/status.js
192.3.204.194200 OK 19 kB URL HTTP/1.1 test.atomicvalidation.com/content/dam/mtb-web/scripts/status.js
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type Unicode text, UTF-8 text, with very long lines (457), with CRLF line terminators
Hash 8c998ad1bb276144adaf1ed19ec66d45
8acdd3e5f1485f5e59acc1071a51168254ca70a4
d0760c79fd13959928a7061bd3d619b27daebee47ae94483439a70a8de198a3b
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /content/dam/mtb-web/scripts/status.js HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 14:22:00 GMT
Accept-Ranges: bytes
Content-Length: 18783
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
192.3.204.194404 Not Found 315 B URL HTTP/1.1 test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
test.atomicvalidation.com/content/dam/mtb-web/scripts/axp.js
192.3.204.194200 OK 3.3 kB URL HTTP/1.1 test.atomicvalidation.com/content/dam/mtb-web/scripts/axp.js
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with CRLF line terminators
Hash 9f8789c1d686164ef99ff3a2cda2f581
7a3152623ee2e0348ef74588419df39f2b5afbb3
74b2301f83da81152130c5ada202f02c790977b4fe669ed0b6c0b59ffba63174
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /content/dam/mtb-web/scripts/axp.js HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Last-Modified: Wed, 01 Jun 2022 22:08:06 GMT
Accept-Ranges: bytes
Content-Length: 3269
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5245
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:06:31 GMT
Last-Modified: Sun, 02 Oct 2022 20:39:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
test.atomicvalidation.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js
192.3.204.194200 OK 24 kB URL HTTP/1.1 test.atomicvalidation.com/content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type HTML document, Unicode text, UTF-8 text, with very long lines (597), with CRLF line terminators
Hash 7481919c3c7a8d8978d5e3f60649d304
467d3272ec1472d76aa927bf763d9166adfa343c
b52491c27cecf65625609e90b2e38241196e162ade5ba7f4c280d2fb6c00d8a9
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /content/dam/mtb-web/scripts/alert_scripts/allAlertobject.js HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Last-Modified: Thu, 22 Sep 2022 17:19:04 GMT
Accept-Ranges: bytes
Content-Length: 24249
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
192.3.204.194200 OK 404 kB URL HTTP/1.1 test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (460)
Size 404 kB (404045 bytes)
Hash e12f1c15a62f7a6fa051b2642b7df935
4de43276af9cb960ac79c848655d8ac3ed44b1a1
3960cdb6b4a1c46d19d1d974c8bd8c429b12fbd7dde63617fd008b6b5c0671da
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.js HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Last-Modified: Wed, 29 Jun 2022 20:38:00 GMT
Accept-Ranges: bytes
Content-Length: 404045
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
test.atomicvalidation.com/onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
192.3.204.194200 OK 296 kB URL HTTP/1.1 test.atomicvalidation.com/onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (65536), with no line terminators
Size 296 kB (296457 bytes)
Hash b06093cb87ab6ff11d387cdf51cb63d6
ec9bd9719297b4891a2421137d6e95c58987e7b3
e83279a6bc054a051b5a8ff9e5e5031cd2419482d691b53e5b5cbe6c7fad1086
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /onlinebanking.mtb.com/Assets/js/mtb_app_wbk.js HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 17:47:56 GMT
Accept-Ranges: bytes
Content-Length: 296457
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
54.149.101.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5n4KsMY57pXsBZnEayskTg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yaTwmENHmVLJONyWU5gDQixdc9Q=
test.atomicvalidation.com/etc.clientlibs/axp-common/clientlibs/vendor.js
192.3.204.194200 OK 242 kB URL HTTP/1.1 test.atomicvalidation.com/etc.clientlibs/axp-common/clientlibs/vendor.js
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (53751)
Size 242 kB (242127 bytes)
Hash e925d338a698462d022127e9e2e838c0
6234d6c994412965680756c6fcc4fe36589bf5ff
c5bac5c06dfc6a8b1547af4e6dfa0d784f70db7c92cfe1e97c45e962f0283d0c
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /etc.clientlibs/axp-common/clientlibs/vendor.js HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Last-Modified: Thu, 21 Apr 2022 21:02:30 GMT
Accept-Ranges: bytes
Content-Length: 242127
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
test.atomicvalidation.com/content/dam/mtb-web/scripts/cdsession.js
192.3.204.194200 OK 620 kB URL HTTP/1.1 test.atomicvalidation.com/content/dam/mtb-web/scripts/cdsession.js
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type ASCII text, with very long lines (64196), with CRLF line terminators
Size 620 kB (619717 bytes)
Hash 19ee225881ecdaf3ff36b3531076c680
151c6ad0d4589a12d12c6610cff38bec490709f3
302462d4283c45e7405dcaf5036c9f1e34982c47baaa0a39c2b45e6cb9a203f4
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /content/dam/mtb-web/scripts/cdsession.js HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Last-Modified: Fri, 04 Feb 2022 16:45:50 GMT
Accept-Ranges: bytes
Content-Length: 619717
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
test.atomicvalidation.com/content/dam/mtb-web/logos/white%20logo.png
192.3.204.194200 OK 4.9 kB URL HTTP/1.1 test.atomicvalidation.com/content/dam/mtb-web/logos/white%20logo.png
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type PNG image data, 174 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash c0147602bcf486443b17ad6f3e31b2af
5b1b036726ede6f2186c0e85ad1a201f560ecd64
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652
Analyzer Verdict Alert openphish M & T Bank Coporation
GET /content/dam/mtb-web/logos/white%20logo.png HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Last-Modified: Thu, 16 Apr 2020 22:07:44 GMT
Accept-Ranges: bytes
Content-Length: 4936
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
test.atomicvalidation.com/content/dam/mtb-web/coupon/equal-housing-lender-logo.png
192.3.204.194200 OK 1.5 kB URL HTTP/1.1 test.atomicvalidation.com/content/dam/mtb-web/coupon/equal-housing-lender-logo.png
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type PNG image data, 23 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash df5acca843cd10a9f0b683403207812f
40e3af1ed5c19e8caf85eb9d5a11c92e1e7ed624
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3
Analyzer Verdict Alert openphish M & T Bank Coporation
GET /content/dam/mtb-web/coupon/equal-housing-lender-logo.png HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Last-Modified: Wed, 31 Mar 2021 12:58:52 GMT
Accept-Ranges: bytes
Content-Length: 1509
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
192.3.204.194404 Not Found 315 B URL HTTP/1.1 test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /tags.tiqcdn.com/utag/mtbank/main/prod/utag.sync.js HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Cookie: cdContextId=1; bmuid=1664748391830-65CA3D4A-FB3D-44D7-B293-CCA8B60D4DEF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:06:32 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
192.3.204.194404 Not Found 315 B URL HTTP/1.1 test.atomicvalidation.com/tags.tiqcdn.com/utag/mtbank/main/prod/utag.js
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /tags.tiqcdn.com/utag/mtbank/main/prod/utag.js HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Cookie: cdContextId=1; bmuid=1664748391830-65CA3D4A-FB3D-44D7-B293-CCA8B60D4DEF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:06:32 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 4183e49ca4e5b86e66e108ba0464c2d7
1da7e01e9b94c1d047faa524f7b1aae977785e8d
a059bd125dd6e9954e5a27316541956643bbab7867e6136e8dd00613ea304986
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 02 Oct 2022 22:06:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 01 Oct 2022 23:41:25 GMT
Expires: Sun, 02 Oct 2022 23:41:25 GMT
ETag: "1da7e01e9b94c1d047faa524f7b1aae977785e8d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A3YWg4-DAQAAc8igJhAJwx6ZrdjsbMU6Zt_yxcQX5fOCR9HRS35VGdG3iqeAAWaBmLp4z6G0wH8AAEB3AAAAAA==&c=240388775
107.162.179.174200 OK 921 B URL HTTP/1.0 ponos.zeronaught.com/1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A3YWg4-DAQAAc8igJhAJwx6ZrdjsbMU6Zt_yxcQX5fOCR9HRS35VGdG3iqeAAWaBmLp4z6G0wH8AAEB3AAAAAA==&c=240388775
IP 107.162.179.174:0
File type ASCII text, with very long lines (921), with no line terminators
Hash bbddd83ddbd2d1e661ae8ff535c2643e
fd4198943f5686dca49847cd387e985c356b49e2
ab455596a7af3cc8ba1548e0776273bfea8c7516296e4b432e35fe264f94ec3b
GET /1?a=2bf6dbb2864396b97f1160826d33cb1158d36fce&b=A3YWg4-DAQAAc8igJhAJwx6ZrdjsbMU6Zt_yxcQX5fOCR9HRS35VGdG3iqeAAWaBmLp4z6G0wH8AAEB3AAAAAA==&c=240388775 HTTP/1.1
Host: ponos.zeronaught.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://test.atomicvalidation.com
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.0 200 OK
Access-Control-Allow-Origin: *
Content-Type: text/plain; charset=UTF-8
Connection: close
Content-Length: 921
locations.mtb.com/permanent-b0b701/assets/images/chevron_down.8adc6731.svg
104.18.116.52200 OK 568 B URL HTTP/2 locations.mtb.com/permanent-b0b701/assets/images/chevron_down.8adc6731.svg
IP 104.18.116.52:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with very long lines (564)
Hash c16a3f3b20927f9e6f7528182f845c04
574d873533eb2c64cbdb9ea3e0acb5ec6faaffe8
8410635c0b7e1b3a1fa82e4e04a4578d44aa6b8505c4494bf4a280304bdc5a77
GET /permanent-b0b701/assets/images/chevron_down.8adc6731.svg HTTP/1.1
Host: locations.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:06:32 GMT
content-type: image/svg+xml
content-length: 568
cache-control: max-age=31536000
content-encoding: gzip
etag: "050cee664fbeeeea1650f8360bc400ef"-gzip
last-modified: Fri, 27 Aug 2021 20:52:43 GMT
owner: sitescog-19087
strict-transport-security: max-age=31536000; includeSubDomains
surrogate-key: locations.mtb.com locations.mtb.com%2Fpermanent-b0b701%2Fassets%2Fimages%2Fchevron_down.8adc6731.svg
vary: Accept-Encoding
x-amz-id-2: jEBdHqO0HvschBmuhZ1/1JnGcSAAs5cUQ1ApLG4zB9uLTiVKrmzoRNzU7YDeEZwSJMsT+zOPXlo=
x-amz-request-id: CFPV64X512BNFMN5
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-yext-site: us2
x-yext-subendpoint: static
cf-cache-status: HIT
age: 44627
accept-ranges: bytes
set-cookie: __cf_bm=jiGvnDS9RgjfwieeJryeOsOiT1eiRZAD2qQGFHWzlEQ-1664748392-0-Ab1A8asB0voWxFPadGyXIPkgEyOFW7VOG7slMjTUORQitbqn1MYALjC5qRwsy44BmqPNGRLpJpkUhlcBw5mVjxU=; path=/; expires=Sun, 02-Oct-22 22:36:32 GMT; domain=.locations.mtb.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7540beebfdfbb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
192.3.204.194200 OK 66 kB URL HTTP/1.1 test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type Web Open Font Format, TrueType, length 66170, version 1.0\012- data
Hash 2c232501b80100ac5022cb84380a6df4
79898c6b15d379850157a7b44d55d8694eb54b1f
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: cdContextId=1; bmuid=1664748391830-65CA3D4A-FB3D-44D7-B293-CCA8B60D4DEF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:32 GMT
Server: Apache
Last-Modified: Thu, 30 Jan 2020 22:52:24 GMT
Accept-Ranges: bytes
Content-Length: 66170
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff
test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
192.3.204.194200 OK 64 kB URL HTTP/1.1 test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: cdContextId=1; bmuid=1664748391830-65CA3D4A-FB3D-44D7-B293-CCA8B60D4DEF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:32 GMT
Server: Apache
Last-Modified: Thu, 30 Jan 2020 22:52:24 GMT
Accept-Ranges: bytes
Content-Length: 64318
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff
test.atomicvalidation.com/content/dam/mtb-web/logos/Login-Minimal-Modal-Background.jpg
192.3.204.194200 OK 28 kB URL HTTP/1.1 test.atomicvalidation.com/content/dam/mtb-web/logos/Login-Minimal-Modal-Background.jpg
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=Adobe Photoshop CC 2019 Macintosh\012- GLS_BINARY_LSB_FIRST DIY-Thermocam raw data\012- (Lepton 2.x), scale -10784--4818, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 2011659602231296.000000], baseline, precision 8, 721x900, components 3\012- data
Hash abb950c3fbe4bd1d1b08ce5f223f368c
d20f2fa4c966000c6b19c59a17352a1abb41075c
60f064cd48214cb73f54404a2eda28d731f49bf853509d47da070174784e11b9
Analyzer Verdict Alert openphish M & T Bank Coporation
GET /content/dam/mtb-web/logos/Login-Minimal-Modal-Background.jpg HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Cookie: cdContextId=1; bmuid=1664748391830-65CA3D4A-FB3D-44D7-B293-CCA8B60D4DEF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:32 GMT
Server: Apache
Last-Modified: Thu, 16 Apr 2020 22:07:42 GMT
Accept-Ranges: bytes
Content-Length: 27608
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
192.3.204.194200 OK 68 kB URL HTTP/1.1 test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: cdContextId=1; bmuid=1664748391830-65CA3D4A-FB3D-44D7-B293-CCA8B60D4DEF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:32 GMT
Server: Apache
Last-Modified: Thu, 30 Jan 2020 22:52:24 GMT
Accept-Ranges: bytes
Content-Length: 67671
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff
test.atomicvalidation.com/bin/wcm/articles
192.3.204.194404 Not Found 315 B URL HTTP/1.1 test.atomicvalidation.com/bin/wcm/articles
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /bin/wcm/articles HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Cookie: cdContextId=1; bmuid=1664748391830-65CA3D4A-FB3D-44D7-B293-CCA8B60D4DEF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:06:32 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 80e61ba00059e1c9bf442f4fa29524ee
22c66082e2cfde867bd6fd55486ab2e357f25f9c
bc22cf613cf329b3b85e0e600dbaf946e762c5c800995f47571650fe3ce927f3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 02 Oct 2022 22:06:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 02 Oct 2022 20:07:39 GMT
Expires: Mon, 03 Oct 2022 20:07:39 GMT
ETag: "22c66082e2cfde867bd6fd55486ab2e357f25f9c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
52.141.217.134200 OK 899 B URL HTTP/2 wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP 52.141.217.134:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (899), with no line terminators
Hash 41efeb9daff8754a66330fbfa14c0e1e
5bef84200d935d7b7bbc16761c6f63d27253f237
566a3c4d6f7a41bebd3e336adcabab8981a861f66d1eb1055931d681e9ae0b1c
POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: https://test.atomicvalidation.com
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 899
date: Sun, 02 Oct 2022 22:06:32 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 16eef4b9-8988-41c4-9c12-509df228c548
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
test.atomicvalidation.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
192.3.204.194200 OK 66 kB URL HTTP/1.1 test.atomicvalidation.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type Web Open Font Format, TrueType, length 66170, version 1.0\012- data
Hash 2c232501b80100ac5022cb84380a6df4
79898c6b15d379850157a7b44d55d8694eb54b1f
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: cdContextId=1; bmuid=1664748391830-65CA3D4A-FB3D-44D7-B293-CCA8B60D4DEF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:32 GMT
Server: Apache
Last-Modified: Thu, 15 Oct 2020 22:08:14 GMT
Accept-Ranges: bytes
Content-Length: 66170
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff
test.atomicvalidation.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
192.3.204.194200 OK 68 kB URL HTTP/1.1 test.atomicvalidation.com/etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
Analyzer Verdict Alert openphish M & T Bank Coporation
fortinet Phishing
GET /etc.clientlibs/axp-common/clientlibs/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
Cookie: cdContextId=1; bmuid=1664748391830-65CA3D4A-FB3D-44D7-B293-CCA8B60D4DEF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:32 GMT
Server: Apache
Last-Modified: Thu, 15 Oct 2020 22:08:14 GMT
Accept-Ranges: bytes
Content-Length: 67671
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6950
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:06:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6950
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:06:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AM8Ox9ObWGoXI-QnnoI7QkY5mOh8j6xBPetTrhyVktVO40ekk4X2Eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 1265
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
test.atomicvalidation.com/favicon.ico
192.3.204.194404 Not Found 315 B URL HTTP/1.1 test.atomicvalidation.com/favicon.ico
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish M & T Bank Coporation
GET /favicon.ico HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Cookie: cdContextId=1; bmuid=1664748391830-65CA3D4A-FB3D-44D7-B293-CCA8B60D4DEF; cdSNum=1664748392557-sjn0000378-daf2a023-47e2-4423-bdff-94e3a58ddd6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:06:32 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 62732
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bb7613964aef696917cb85a6d0bcac4
89ce0e6d742144439a96ace034adae4e7e167311
24b100b10aa041effad83e9379447f4f62d95dcf6eb27a6b093a7caaa484f964
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6321
x-amzn-requestid: 605adeca-4345-4481-999e-d50ebc123767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabGsgIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-68542d1b56697ab33dd63941;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xZUu90wyCNVEexHxRRNQz0aDhNy_u0WC2v8TVxHkQvW-evaDwfKTtQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "89ce0e6d742144439a96ace034adae4e7e167311"
content-type: image/jpeg
age: 1265
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 1265
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91079e915678800d2e2e1f68415d5dc4
2d543d6b1bed9901437c3b880bd415ece354cbf7
b9bda55eef23a199fff3bd3fde22486ef4d50edd36b105b0ee13479b96c2ba22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6983
x-amzn-requestid: e551848c-073a-4317-8841-1fc5fd8a38c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWb3EGdoAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044b-6c6a638527bb19f621cd40b1;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dovur2A7-Vx80FdqmWlJZDBBKnAqX0t9FYOIaqikEumI9bebg171KQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "2d543d6b1bed9901437c3b880bd415ece354cbf7"
content-type: image/jpeg
age: 1265
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
13.224.222.34200 OK 221 B URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
IP 13.224.222.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 02:02:13 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 9020b755bdec9fbd562cc16c0a42d6f2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: DzBKq_vs3Rm2pmZcWGLSgejxTH8ph6gb2X7cX1wYL2qNOiXh5wLuLA==
age: 72260
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 3148d49ad0fadc5f25a235e4bf1dabb5
a713cc9102db2438355e9bbfd41ecd7250289796
c6170fc49936e98565ac6178ed254e8f3ba48b0c172296fd08d6fa8e6113e7f2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 23:15:45 GMT
Expires: Thu, 06 Oct 2022 23:15:44 GMT
Etag: "a713cc9102db2438355e9bbfd41ecd7250289796"
Cache-Control: max-age=349151,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7540beeef91cb511-OSL
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
13.224.222.111200 OK 221 B URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
IP 13.224.222.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Sun, 02 Oct 2022 02:41:37 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a411e1d9cf3f776cc77733eb0d71fb34.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: 3vRryh21WO1q0WqL8aDc-3l6lnz0IziVXHhrEmXaIx5mtaFZ2-RBIQ==
age: 69896
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif
34.120.237.76400 Bad Request 3 B URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif
IP 34.120.237.76:0
File type ASCII text, with no line terminators
Hash fcc3d7489d15ef49dbbf735234234cf7
654e0aaee80e38636c503629d32225db31a616de
52109349dabf69106e04ec2f493fb8b6ade94ea100227cccce6559ab8b96553f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Sun, 02 Oct 2022 22:06:32 GMT
content-type: application/json
content-length: 3
x-amzn-requestid: 1c8d9e15-568c-4e86-af90-7cb83d7f76dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZa2dG91oAMF8ag=
cache-control: max-age=120,public
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0b5c-15309edb4d6a8560538b6c5a;Sampled=0
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Error from cloudfront
x-amz-cf-id: _AjEWTMo1GQJvcOYl9QGOvnTJLDbLhozg67shJh180Gcem2itIITFw==
via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450
34.120.237.76200 OK 1 B URL HTTP/2 img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450
IP 34.120.237.76:0
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450 HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 1
x-amzn-requestid: e07bcab1-4238-4f19-bd9f-5c13df7d377f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWamH3tIAMFzbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0443-074d95046d062c2475ab5efb;Sampled=0
x-amzn-remapped-date:
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5YU9gPtzbBt1JHoOo05mPgE4n4VPzMcFzGczDf49M3vsULsxlD_4oQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:42:47 GMT
age: 1425
etag:
content-type: application/x-empty; charset=binary
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
13.224.222.34200 OK 3.2 kB URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 13.224.222.34:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 18:18:48 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 9020b755bdec9fbd562cc16c0a42d6f2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: GWQrCN-oXWX8yGmVlfu09XHoumke3rp_oU7cwEzAvflZTPWpCGgj8w==
age: 13666
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
13.224.222.111200 OK 3.2 kB URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 13.224.222.111:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 15:50:51 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 a411e1d9cf3f776cc77733eb0d71fb34.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: eEg_tkjxQ_AnV-CPmYzAqhi2FvXqHd0ipujUYIJrbGO9XrRYQEUfbQ==
age: 22543
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
13.224.222.68200 OK 221 B URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
IP 13.224.222.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Sun, 02 Oct 2022 03:08:40 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 340acc109468df693ec024a66dbb0f1e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: rfrEQrwx4Rb4Gwi8cfFkJuPYN7CPwdu9GFZq4Q_BIuKQVLE2cgksxg==
age: 68274
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
13.224.222.68200 OK 3.2 kB URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 13.224.222.68:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 21:40:45 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 340acc109468df693ec024a66dbb0f1e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: 3B-Hniz0GnYug0-b8gRWTfV5OKWhiwYzjminKobBxU1a3mNjCh502A==
age: 1549
X-Firefox-Spdy: h2
log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1664748392557-sjn0000378-daf2a023-47e2-4423-bdff-94e3a58ddd6a&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51
52.238.253.184204 No Content 0 B URL HTTP/2 log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1664748392557-sjn0000378-daf2a023-47e2-4423-bdff-94e3a58ddd6a&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51
IP 52.238.253.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/sendLogs?cid=mufasa&cdsnum=1664748392557-sjn0000378-daf2a023-47e2-4423-bdff-94e3a58ddd6a&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51 HTTP/1.1
Host: log-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1252
Origin: https://test.atomicvalidation.com
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 02 Oct 2022 22:06:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
52.141.217.134200 OK 558 B URL HTTP/2 wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP 52.141.217.134:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash 10802999129789f3bb88d59eef5f006a
4543c710f000476b70c0ff53c87c0447424db5fd
564e2cb6831bc9366eec6c9e395ccac53e6aaf39bae3bf1ce679ee340fa3fe71
POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2402
Origin: https://test.atomicvalidation.com
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 558
date: Sun, 02 Oct 2022 22:06:36 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: db0233e7-5f1c-42f3-94a8-ae13d5633e80
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
192.3.204.194200 OK 0 B URL HTTP/1.1 test.atomicvalidation.com/etc.clientlibs/mtb-web/clientlibs/clientlib-base.css
IP 192.3.204.194:0
ASN #36352 AS-COLOCROSSING
Analyzer Verdict Alert openphish M & T Bank Coporation
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.css HTTP/1.1
Host: test.atomicvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.atomicvalidation.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:06:31 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 20:28:58 GMT
Accept-Ranges: bytes
Content-Length: 434661
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css