Report - up1igo.com/YBA%20M&T/login.php

Report Overview

Submitted URL
up1igo.com/YBA%20M&T/login.php
IP
164.92.140.107
ASN
#0
Submitted
2022-11-05 20:53:28
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	1.4 kB	2.8 kB	142.250.74.35
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.41.91.37
up1igo.com	unknown	2022-11-05T19:54:09Z	2023-03-10T16:35:11Z	13 kB	2.2 MB	164.92.140.107
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
ocsp.entrust.net	1208	2014-01-10T03:18:45Z	2023-03-10T05:15:17Z	340 B	2.0 kB	104.110.10.32
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	823 B	757 B	142.250.74.164
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	1.7 kB	4.8 kB	172.64.155.188
1.c81358859121583b7adf2ace89cb39f44.com	75217	2020-11-23T10:04:27Z	2023-03-10T04:41:21Z	1.0 kB	4.4 kB	54.230.111.57
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	55 kB	34.120.237.76
log-5d65a0ab.us.v2.we-stats.com	127984	2022-06-27T02:08:21Z	2023-03-10T04:41:23Z	616 B	231 B	52.238.253.184
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
1.a79ab95c1589a13f8a4cab612bc71f9f7.com	75111	2020-11-23T10:04:27Z	2023-03-10T04:41:21Z	1.0 kB	4.4 kB	54.230.111.21
1.b406929acabac9b095f124c81bdfcf57f.com	75277	2020-11-23T10:04:27Z	2023-03-10T04:41:21Z	1.0 kB	4.4 kB	54.230.111.127
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.77.32
asset.mtb.com	246397	2017-02-13T05:24:51Z	2023-03-10T13:08:34Z	399 B	16 kB	54.230.111.64
www.google.com.gh	28753	2012-07-15T18:24:20Z	2023-03-10T07:12:17Z	826 B	757 B	142.250.74.163
ocsp.godaddy.com	698	2012-05-20T21:28:57Z	2023-03-10T05:13:22Z	340 B	2.3 kB	192.124.249.23
wup-5d65a0ab.us.v2.we-stats.com	124155	2022-06-23T15:53:25Z	2023-03-10T04:41:19Z	1.5 kB	3.4 kB	52.141.217.134
mtb-app.quantummetric.com	unknown	2022-06-20T23:58:22Z	2023-03-10T04:41:23Z	3.7 kB	5.9 kB	34.67.142.127
mtb.d1.sc.omtrdc.net	81289	2012-11-08T18:12:31Z	2023-03-10T04:41:20Z	1.1 kB	1.6 kB	13.36.218.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-05	medium	up1igo.com/assets/fonts/mandtbaltoweb-book.woff	Phishing
2022-11-05	medium	up1igo.com/assets/fonts/mandtpg-iconfont.woff	Phishing
2022-11-05	medium	up1igo.com/assets/fonts/mandtbaltoweb-medium.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	up1igo.com/YBA%20M&T/ybafiles/utag.1.js.download	64 kB	2023-03-07	2023-03-13
Pretty URL up1igo.com/YBA%20M&T/ybafiles/utag.1.js.download IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:22 Last Seen2023-03-13 01:11:03 Times Seen1 Hash b7b2579a56826f6fb809d52437a371c6 e25dc681d01279a0796a171575b79f74efc89f9c aef620f2df948984d87998af09e21321374346640cdf967fb95731d9cb8c66bb Loading...

	up1igo.com/YBA%20M&T/ybafiles/utag.9.js.download	6.0 kB	2023-03-07	2023-03-13
Pretty URL up1igo.com/YBA%20M&T/ybafiles/utag.9.js.download IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:22 Last Seen2023-03-13 01:11:44 Times Seen1 Hash 4ed8051b60fc854744610f73509b8514 c3cf967eaffb319457c83257d41b7e9143542fd7 9b5c814faea9d36f3008b6c05721fbdaf0885a9a6d9615bf8f4d1749785398d5 Loading...

	up1igo.com/YBA%20M&T/ybafiles/f(1).txt	2.4 kB	2023-03-10	2023-03-13
Pretty URL up1igo.com/YBA%20M&T/ybafiles/f(1).txt IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:39:17 Last Seen2023-03-13 01:11:44 Times Seen1 Hash ae5f9d45e5db6c7fab0dafbc3a3ae3c8 099b06202fdaaa652aafc74a68f44024a2baed96 b36709de66d6e90bca55d0e2291cab131c4291aadcc6b87501cdd68aa173bfec Loading...

	1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js	3.2 kB	2023-03-07	2024-04-12
Pretty URL 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js IP 54.230.111.127 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:16 Last Seen2024-04-12 17:43:01 Times Seen5046 Hash 9ee48a4da9c402e8a23ad085fb71f28f f0c59306d6313f9bee02b53ca8903991bd24bfd7 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622 Loading...

	1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html	87 B	2023-03-07	2023-04-05
Pretty URL 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html IP 54.230.111.127 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:16 Last Seen2023-04-05 01:48:21 Times Seen54 Hash 2e4d7d52e5909922bf021f1cc09b8932 dc20df92c388423464243e53c7a378f0016effc9 0242c236e7c83d9c9d5281fc2614b82c4bf516e7e2552c4e042ecbf9fcf45027 Loading...

	up1igo.com/YBA%20M&T/login.php	1 B	2023-03-07	2024-04-16
Pretty URL up1igo.com/YBA%20M&T/login.php IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-16 08:08:27 Times Seen68265 Hash 68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Loading...

	up1igo.com/YBA%20M&T/ybafiles/utag.8.js.download	11 kB	2023-03-07	2023-03-13
Pretty URL up1igo.com/YBA%20M&T/ybafiles/utag.8.js.download IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:22 Last Seen2023-03-13 01:11:44 Times Seen1 Hash 55e2dafd4e2f01e1da100818637f6e46 d6c8b0b942eefbed9e13215a7b0624e01b721aa2 651c517ff5f016be06ef6497924c898fdbe4dac5a612ae65c407c60e64c8f8b8 Loading...

	up1igo.com/YBA%20M&T/ybafiles/js	117 kB	2023-03-10	2023-03-13
Pretty URL up1igo.com/YBA%20M&T/ybafiles/js IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:39:17 Last Seen2023-03-13 01:11:44 Times Seen1 Hash b2adeb3f0f77b5b2d18b9ea85a7e51d1 06605cf09bb0443b391e646ae40b61f21c2e4a00 f5b069d9c0a76fafa63a388140825a1104caec542c6105499f53e8d7fa89b6ea Loading...

	up1igo.com/YBA%20M&T/ybafiles/0856addebbab200062e10c054cf539a433ed7c175b64254c047dba39cd2589a4a2b3a00cb22fc229(1)	134 kB	2023-03-10	2023-03-13
Pretty URL up1igo.com/YBA%20M&T/ybafiles/0856addebbab200062e10c054cf539a433ed7c175b64254c047dba39cd2589a4a2b3a00cb22fc229(1) IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:39:17 Last Seen2023-03-13 01:11:03 Times Seen1 Hash 7d4651ee2f05a01d7b113b9408f40eac bb6a88a6838562cdf644f9707b03ae048cd00f7d f81e8c83ef2605415fac2298229d0f05c6ee030b50738c59f41e2b31ca152f8a Loading...

	up1igo.com/YBA%20M&T/ybafiles/f.txt	40 kB	2023-03-10	2024-03-21
Pretty URL up1igo.com/YBA%20M&T/ybafiles/f.txt IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:39:17 Last Seen2024-03-21 21:10:25 Times Seen7 Hash 16abfd8d8b09ca49bc4198c62a291d6c 18e4de02e8543743b7e6365ed1008be8a4b18ffe 406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b Loading...

	unknown	0 B	2023-03-07	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-16 11:48:52 Times Seen36896020 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	up1igo.com/YBA%20M&T/ybafiles/0856addebbab200062e10c054cf539a433ed7c175b64254c047dba39cd2589a4a2b3a00cb22fc229	60 kB	2023-03-10	2023-03-13
Pretty URL up1igo.com/YBA%20M&T/ybafiles/0856addebbab200062e10c054cf539a433ed7c175b64254c047dba39cd2589a4a2b3a00cb22fc229 IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:39:17 Last Seen2023-03-13 01:11:44 Times Seen1 Hash 54b967d797a161b5ddfa967c6bae592c 6d206533b5ab89d32003e961d7c56020976aaa5c 9c040f790682348cf4530f04a74dd0f1b4be9d9944031c88fda897a842542c0b Loading...

	up1igo.com/YBA%20M&T/ybafiles/js.mtb	322 kB	2023-03-07	2024-04-14
Pretty URL up1igo.com/YBA%20M&T/ybafiles/js.mtb IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-14 19:38:09 Times Seen2461 Hash 9c5a48bd789473f18b8bf7bd777371f9 f84d9237854640f2b0cc554b816c17d11376af5a 6ef98ef294d03000d904d5f868598dc98667a0d00338cee40b3080a9d725d1cd Loading...

	up1igo.com/YBA%20M&T/ybafiles/kessel-client-prod.js.download	667 kB	2023-03-08	2023-10-15
Pretty URL up1igo.com/YBA%20M&T/ybafiles/kessel-client-prod.js.download IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:06:43 Last Seen2023-10-15 07:17:08 Times Seen3 Hash 84d301f8f964196d650fb246019dfd44 8659be73c2104742b30960633123810640a71b49 f78201bc5207eca0e7c28127849178c04dfbac606927804c31f6af106b02e266 Loading...

	up1igo.com/YBA%20M&T/ybafiles/kessel-help.js.download	260 B	2023-03-08	2024-01-25
Pretty URL up1igo.com/YBA%20M&T/ybafiles/kessel-help.js.download IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:06:43 Last Seen2024-01-25 03:37:53 Times Seen3 Hash f563b7e002137a16d2b59c25096e5471 bdb0125cbeab231fa71fc7f3335f4a736213b866 0dc8244726314592a0fc6e67259c596a0d89160f844cf6cad576a78ce3331f87 Loading...

	up1igo.com/YBA%20M&T/ybafiles/Index.js.download	4.1 kB	2023-03-08	2023-03-13
Pretty URL up1igo.com/YBA%20M&T/ybafiles/Index.js.download IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:39:35 Last Seen2023-03-13 01:11:44 Times Seen1 Hash ce3f7b7e82c8492e70e0d5dab169b321 48ec735958905d88369e9c05178f6afcdbe3a4cb 5e783f262717023e3b9fded856f01b39a3c670fe50abe7962ade5a9fdcb276e7 Loading...

	up1igo.com/YBA%20M&T/ybafiles/mtb_app_wbk.js.download	249 kB	2023-03-10	2023-03-13
Pretty URL up1igo.com/YBA%20M&T/ybafiles/mtb_app_wbk.js.download IP 164.92.140.107 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:39:17 Last Seen2023-03-13 01:11:44 Times Seen1 Hash 9f764cb887d4090504d1b2077fd5cd65 f08c0c5a7cb02388d08383248385e403bad090fa 264307518f464b8c669000726da0ff6cc1084d02271c5a321dc744fd59f84613 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 202acf93f78a9049dc13a78452cde5c6	8 B	2023-03-07	2024-04-16
Pretty Observations First Seen2023-03-07 12:06:19 Last Seen2024-04-16 09:51:49 Times Seen534 Hash 202acf93f78a9049dc13a78452cde5c6 b2020e0728418b31434511c792e13a48e4950ca4 120443e43e9f11d641a673958bb3d4c9fc01b621329063c13e8e39ff5193bc53 Loading...

	#2 Eval - ace79e1ed99bbc3510e6b8ce3cb01950	48 B	2023-03-07	2024-02-28
Pretty Observations First Seen2023-03-07 12:06:29 Last Seen2024-02-28 12:01:37 Times Seen32 Hash ace79e1ed99bbc3510e6b8ce3cb01950 1e43f70c7d8e6ac4786538d579267f5dc4994394 fb4b395179f8e9f4ee8e7da018503919e601c3b475b014b2d937ffde76490550 Loading...

	#3 Eval - d7bf63ff7cb0cbf57aed210810b9e7af	36 B	2023-03-07	2023-05-04
Pretty Observations First Seen2023-03-07 13:50:17 Last Seen2023-05-04 05:55:40 Times Seen15 Hash d7bf63ff7cb0cbf57aed210810b9e7af c7fad60912222113d6ef80200c845e4ff900ddcd 927f48b4565ad5d957d920881d5bbc2205484edd4ec47d4ef0957ba8c904c28c Loading...

	#4 Eval - 50a81671e9e6f56e8bd5ffebc195a71c	44 B	2023-03-07	2024-02-28
Pretty Observations First Seen2023-03-07 13:50:17 Last Seen2024-02-28 12:01:37 Times Seen80 Hash 50a81671e9e6f56e8bd5ffebc195a71c dbb6aee47aa8fddd780cf426d1d6cb0bfafbac4b 03ec36c437a2bc34571f26a1a385ebcb000bf047e90a251e83193f6ab1084cf8 Loading...

	#5 Eval - 68934a3e9455fa72420237eb05902327	5 B	2023-03-07	2024-04-16
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-16 09:51:49 Times Seen14039 Hash 68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Loading...

	#6 Eval - f931b60e9e1cc2b73f8f6eee44ccd31b	39 B	2023-03-07	2024-02-28
Pretty Observations First Seen2023-03-07 13:50:17 Last Seen2024-02-28 12:01:37 Times Seen59 Hash f931b60e9e1cc2b73f8f6eee44ccd31b 20e6fe95538f7e0862f211097eeb7592dcd75e04 9492933ff79788410f5024c44781c500f79cd5512a5599f637110848793013d1 Loading...

	#7 Eval - e433541f957d0ae2a9ae8e4080820423	63 B	2023-03-07	2024-02-28
Pretty Observations First Seen2023-03-07 13:50:17 Last Seen2024-02-28 12:01:37 Times Seen32 Hash e433541f957d0ae2a9ae8e4080820423 1fb463409f7f8c7033ddc8c6b7d294b07667c33c f1260ff830e2ca835b77b31bc7050dad4a7e61f8d3c4246502682c34832c7e52 Loading...

HTTP Transactions (76)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3638
Expires: Sat, 05 Nov 2022 21:53:54 GMT
Date: Sat, 05 Nov 2022 20:53:16 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4482
Cache-Control: max-age=136350
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 20:53:16 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:45:46 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3405
Expires: Sat, 05 Nov 2022 21:50:01 GMT
Date: Sat, 05 Nov 2022 20:53:16 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: EGWqFQiE0ZlHXNcJsfXNecs5Exis9fAJFV+qv2Jyu2Nu9uHoueF0B/pSxrMP0gpvY47Gd6lBmPw=
x-amz-request-id: FPWQ35WAW5QAW5AV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 20:10:10 GMT
age: 2586
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

up1igo.com/YBA%20M&T/login.php

164.92.140.107

200 OK

8.9 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/login.php
IP
164.92.140.107:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1003)
Size
8.9 kB (8940 bytes)
Hash
f94ba1ff93867b9564c4af5dd4ee3761
070b6e29032cec8648fbe0e33049b53fd0c1238e
d09db851641b151591055f257825f481ee6cf3b724058d96db181bbae053d931

HTTP Headers

GET /YBA%20M&T/login.php HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 20:53:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

up1igo.com/YBA%20M&T/ybafiles/f.txt

164.92.140.107

200 OK

40 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/f.txt
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with very long lines (1716)
Size
40 kB (40451 bytes)
Hash
16abfd8d8b09ca49bc4198c62a291d6c
18e4de02e8543743b7e6365ed1008be8a4b18ffe
406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b

HTTP Headers

GET /YBA%20M&T/ybafiles/f.txt HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:28:58 GMT
Accept-Ranges: bytes
Content-Length: 40451
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/plain

up1igo.com/YBA%20M&T/ybafiles2/utag.js.download

164.92.140.107

404 Not Found

315 B

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles2/utag.js.download
IP
164.92.140.107:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /YBA%20M&T/ybafiles2/utag.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

up1igo.com/YBA%20M&T/ybafiles/js

164.92.140.107

200 OK

117 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/js
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with very long lines (1615)
Size
117 kB (116844 bytes)
Hash
b2adeb3f0f77b5b2d18b9ea85a7e51d1
06605cf09bb0443b391e646ae40b61f21c2e4a00
f5b069d9c0a76fafa63a388140825a1104caec542c6105499f53e8d7fa89b6ea

HTTP Headers

GET /YBA%20M&T/ybafiles/js HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:00 GMT
Accept-Ranges: bytes
Content-Length: 116844
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

up1igo.com/YBA%20M&T/ybafiles/mtb_app_wbk.js.download

164.92.140.107

200 OK

249 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/mtb_app_wbk.js.download
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
249 kB (249248 bytes)
Hash
9f764cb887d4090504d1b2077fd5cd65
f08c0c5a7cb02388d08383248385e403bad090fa
264307518f464b8c669000726da0ff6cc1084d02271c5a321dc744fd59f84613

HTTP Headers

GET /YBA%20M&T/ybafiles/mtb_app_wbk.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:04 GMT
Accept-Ranges: bytes
Content-Length: 249248
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

up1igo.com/YBA%20M&T/ybafiles/quantum-mtb.js.download

164.92.140.107

200 OK

241 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/quantum-mtb.js.download
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with very long lines (3730)
Size
241 kB (241360 bytes)
Hash
ba2d13be9f54b3b881826e8d86ac2153
e26838cf99ece22dcbeddc6997ab33ec1c935a9e
26a30b637d3de8e2e84c38f027e237817c77b2b7cce6ddebff79d876322347f3

HTTP Headers

GET /YBA%20M&T/ybafiles/quantum-mtb.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:00 GMT
Accept-Ranges: bytes
Content-Length: 241360
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

up1igo.com/YBA%20M&T/ybafiles/0856addebbab200062e10c054cf539a433ed7c175b64254c047dba39cd2589a4a2b3a00cb22fc229

164.92.140.107

200 OK

60 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/0856addebbab200062e10c054cf539a433ed7c175b64254c047dba39cd2589a4a2b3a00cb22fc229
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with very long lines (662)
Size
60 kB (60170 bytes)
Hash
54b967d797a161b5ddfa967c6bae592c
6d206533b5ab89d32003e961d7c56020976aaa5c
9c040f790682348cf4530f04a74dd0f1b4be9d9944031c88fda897a842542c0b

HTTP Headers

GET /YBA%20M&T/ybafiles/0856addebbab200062e10c054cf539a433ed7c175b64254c047dba39cd2589a4a2b3a00cb22fc229 HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:02 GMT
Accept-Ranges: bytes
Content-Length: 60170
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

up1igo.com/YBA%20M&T/ybafiles/ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js.download

164.92.140.107

200 OK

228 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js.download
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with very long lines (1629)
Size
228 kB (228187 bytes)
Hash
d6cf014f853a88ec351235cdec28e695
89729428078e7c74be88536afea5e035150ac4e3
0c2f511d6730d48ac9dfcdb0703e6bccf1bf0dae2a6190c1d40129e1a78c13c8

HTTP Headers

GET /YBA%20M&T/ybafiles/ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:06 GMT
Accept-Ranges: bytes
Content-Length: 228187
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

up1igo.com/YBA%20M&T/ybafiles/utag.8.js.download

164.92.140.107

200 OK

11 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/utag.8.js.download
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with very long lines (1579)
Size
11 kB (11312 bytes)
Hash
55e2dafd4e2f01e1da100818637f6e46
d6c8b0b942eefbed9e13215a7b0624e01b721aa2
651c517ff5f016be06ef6497924c898fdbe4dac5a612ae65c407c60e64c8f8b8

HTTP Headers

GET /YBA%20M&T/ybafiles/utag.8.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:08 GMT
Accept-Ranges: bytes
Content-Length: 11312
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

up1igo.com/YBA%20M&T/ybafiles/f(1).txt

164.92.140.107

200 OK

2.4 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/f(1).txt
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with very long lines (2400), with no line terminators
Size
2.4 kB (2400 bytes)
Hash
ae5f9d45e5db6c7fab0dafbc3a3ae3c8
099b06202fdaaa652aafc74a68f44024a2baed96
b36709de66d6e90bca55d0e2291cab131c4291aadcc6b87501cdd68aa173bfec

HTTP Headers

GET /YBA%20M&T/ybafiles/f(1).txt HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:12 GMT
Accept-Ranges: bytes
Content-Length: 2400
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/plain

up1igo.com/YBA%20M&T/Welcome%20to%20Online%20Banking%20_%20M&T%20Bank_files/tealium_prod.js.download

164.92.140.107

404 Not Found

315 B

URL HTTP/1.1
up1igo.com/YBA%20M&T/Welcome%20to%20Online%20Banking%20_%20M&T%20Bank_files/tealium_prod.js.download
IP
164.92.140.107:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /YBA%20M&T/Welcome%20to%20Online%20Banking%20_%20M&T%20Bank_files/tealium_prod.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

up1igo.com/YBA%20M&T/ybafiles/css.mtb

164.92.140.107

200 OK

258 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/css.mtb
IP
164.92.140.107:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
258 kB (258129 bytes)
Hash
6623fac8ada61b7eed061fb9a82a32af
a4b2f92fc433dc1c21a3a7624cd11659df4cf51f
7f5aaca90325b7e66f37572d6d52eb27a24ac044518bc5f8a7cca48020f78865

HTTP Headers

GET /YBA%20M&T/ybafiles/css.mtb HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:06 GMT
Accept-Ranges: bytes
Content-Length: 258129
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

up1igo.com/YBA%20M&T/ybafiles/utag.9.js.download

164.92.140.107

200 OK

6.0 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/utag.9.js.download
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with very long lines (1692)
Size
6.0 kB (5954 bytes)
Hash
4ed8051b60fc854744610f73509b8514
c3cf967eaffb319457c83257d41b7e9143542fd7
9b5c814faea9d36f3008b6c05721fbdaf0885a9a6d9615bf8f4d1749785398d5

HTTP Headers

GET /YBA%20M&T/ybafiles/utag.9.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:10 GMT
Accept-Ranges: bytes
Content-Length: 5954
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

up1igo.com/YBA%20M&T/ybafiles/js.mtb

164.92.140.107

200 OK

322 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/js.mtb
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
322 kB (322405 bytes)
Hash
9c5a48bd789473f18b8bf7bd777371f9
f84d9237854640f2b0cc554b816c17d11376af5a
6ef98ef294d03000d904d5f868598dc98667a0d00338cee40b3080a9d725d1cd

HTTP Headers

GET /YBA%20M&T/ybafiles/js.mtb HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:14 GMT
Accept-Ranges: bytes
Content-Length: 322405
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

up1igo.com/YBA%20M&T/ybafiles/Index.js.download

164.92.140.107

200 OK

4.1 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/Index.js.download
IP
164.92.140.107:0
ASN
#0

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
4.1 kB (4122 bytes)
Hash
79acc3341a431eddabc41095e3ff32d4
3f8156a54420c53a616e0ca0ffe83d301401bef2
88a03fd5a35fb9ca00643831929c7f705060fb14525dd202ba458a88e82f2fe5

HTTP Headers

GET /YBA%20M&T/ybafiles/Index.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:16 GMT
Accept-Ranges: bytes
Content-Length: 4122
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

up1igo.com/YBA%20M&T/ybafiles/mtb-equalhousinglender.svg

164.92.140.107

200 OK

230 B

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/mtb-equalhousinglender.svg
IP
164.92.140.107:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
230 B (230 bytes)
Hash
916635d10512ae6a1840614a895dcd38
db175de4c42281bb4d239c57d1b95b8e75c529ec
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad

HTTP Headers

GET /YBA%20M&T/ybafiles/mtb-equalhousinglender.svg HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:14 GMT
Accept-Ranges: bytes
Content-Length: 230
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

up1igo.com/YBA%20M&T/ybafiles/kessel-help.js.download

164.92.140.107

200 OK

263 B

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/kessel-help.js.download
IP
164.92.140.107:0
ASN
#0

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
263 B (263 bytes)
Hash
93ed36bedd8079cd1ef27eb047279cff
455bb906b3dbd6caadbb69f5f1ee05d52a07e5b2
a53088781071700f1d0e54dda3f2238511135c1d92e3056fdd97ff0b86e8afc4

HTTP Headers

GET /YBA%20M&T/ybafiles/kessel-help.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:14 GMT
Accept-Ranges: bytes
Content-Length: 263
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

up1igo.com/YBA%20M&T/ybafiles/mtb-logo.svg

164.92.140.107

200 OK

2.0 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/mtb-logo.svg
IP
164.92.140.107:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators
Size
2.0 kB (2039 bytes)
Hash
f2b901cf895852a0866fe4a16c7f1730
c4240af1ec798477b4e65a185ddbb1b038817da4
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac

HTTP Headers

GET /YBA%20M&T/ybafiles/mtb-logo.svg HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:12 GMT
Accept-Ranges: bytes
Content-Length: 2039
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

up1igo.com/YBA%20M&T/ybafiles/mtb-entrust.svg

164.92.140.107

200 OK

1.3 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/mtb-entrust.svg
IP
164.92.140.107:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators
Size
1.3 kB (1349 bytes)
Hash
9a569ad20708d7453d89fe6c72e7fcdc
60b6a41620583484642f7c826faf8e3c879a6374
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5

HTTP Headers

GET /YBA%20M&T/ybafiles/mtb-entrust.svg HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:14 GMT
Accept-Ranges: bytes
Content-Length: 1349
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

up1igo.com/YBA%20M&T/ybafiles/0856addebbab200062e10c054cf539a433ed7c175b64254c047dba39cd2589a4a2b3a00cb22fc229(1)

164.92.140.107

200 OK

329 B

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/0856addebbab200062e10c054cf539a433ed7c175b64254c047dba39cd2589a4a2b3a00cb22fc229(1)
IP
164.92.140.107:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /YBA%20M&T/ybafiles/0856addebbab200062e10c054cf539a433ed7c175b64254c047dba39cd2589a4a2b3a00cb22fc229(1) HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:04 GMT
Accept-Ranges: bytes
Content-Length: 133662
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

up1igo.com/YBA%20M&T/ybafiles/kessel-client-prod.js.download

164.92.140.107

200 OK

667 kB

URL HTTP/1.1
up1igo.com/YBA%20M&T/ybafiles/kessel-client-prod.js.download
IP
164.92.140.107:0
ASN
#0

File type
ASCII text, with very long lines (63933), with CRLF line terminators
Size
667 kB (666659 bytes)
Hash
84d301f8f964196d650fb246019dfd44
8659be73c2104742b30960633123810640a71b49
f78201bc5207eca0e7c28127849178c04dfbac606927804c31f6af106b02e266

HTTP Headers

GET /YBA%20M&T/ybafiles/kessel-client-prod.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 17:29:14 GMT
Accept-Ranges: bytes
Content-Length: 666659
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

up1igo.com/YBA%20M&T/Welcome%20to%20Online%20Banking%20_%20M&T%20Bank_files/tealium_prod.js.download

164.92.140.107

404 Not Found

315 B

URL HTTP/1.1
up1igo.com/YBA%20M&T/Welcome%20to%20Online%20Banking%20_%20M&T%20Bank_files/tealium_prod.js.download
IP
164.92.140.107:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /YBA%20M&T/Welcome%20to%20Online%20Banking%20_%20M&T%20Bank_files/tealium_prod.js.download HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99; dtCookie=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH; rxVisitor=166768159549702TVAK3UU074O3QFTEVJSBFT8S1M0DAB; dtPC=-48$281595493_62h1vKPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0e0; rxvt=1667683395504|1667681595498; dtLatC=33; dtSa=-

HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 20:53:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3144
Cache-Control: max-age=129954
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 20:53:17 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 08:59:11 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

up1igo.com/assets/fonts/mandtbaltoweb-book.woff

164.92.140.107

404 Not Found

315 B

URL HTTP/1.1
up1igo.com/assets/fonts/mandtbaltoweb-book.woff
IP
164.92.140.107:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/ybafiles/css.mtb
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99; dtCookie=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH; rxVisitor=166768159549702TVAK3UU074O3QFTEVJSBFT8S1M0DAB; dtPC=-48$281595493_62h1vKPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0e0; rxvt=1667683395582|1667681595498; dtLatC=33; dtSa=-; cdContextId=1; bmuid=1667681595599-CB6E0C95-FF7B-45EB-83ED-419CE75E4530

HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 20:53:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

up1igo.com/assets/fonts/mandtpg-iconfont.woff

164.92.140.107

404 Not Found

315 B

URL HTTP/1.1
up1igo.com/assets/fonts/mandtpg-iconfont.woff
IP
164.92.140.107:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/ybafiles/css.mtb
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99; dtCookie=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH; rxVisitor=166768159549702TVAK3UU074O3QFTEVJSBFT8S1M0DAB; dtPC=-48$281595493_62h1vKPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0e0; rxvt=1667683395582|1667681595498; dtLatC=33; dtSa=-; cdContextId=1; bmuid=1667681595599-CB6E0C95-FF7B-45EB-83ED-419CE75E4530

HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 20:53:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

up1igo.com/assets/fonts/mandtbaltoweb-medium.woff

164.92.140.107

404 Not Found

315 B

URL HTTP/1.1
up1igo.com/assets/fonts/mandtbaltoweb-medium.woff
IP
164.92.140.107:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/ybafiles/css.mtb
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99; dtCookie=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH; rxVisitor=166768159549702TVAK3UU074O3QFTEVJSBFT8S1M0DAB; dtPC=-48$281595493_62h1vKPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0e0; rxvt=1667683395582|1667681595498; dtLatC=33; dtSa=-; cdContextId=1; bmuid=1667681595599-CB6E0C95-FF7B-45EB-83ED-419CE75E4530

HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 20:53:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 20:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
9a42cbb31dab10fbb8c77f5768c0087c
0016166d1a2eec84b1933cff0aa0b8a5ef24f498
87af8a6c100f194d46c4f05aaa4b309909c67287ccac2b77979e7c336e3d11cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "87AF8A6C100F194D46C4F05AAA4B309909C67287CCAC2B77979E7C336E3D11CC"
Last-Modified: Sat, 05 Nov 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3227
Expires: Sat, 05 Nov 2022 21:47:04 GMT
Date: Sat, 05 Nov 2022 20:53:17 GMT
Connection: keep-alive

mtb.d1.sc.omtrdc.net/b/ss/mtbdev/1/JS-2.9.0/s47590526327014?AQB=1&ndh=1&pf=1&t=5%2F10%2F2022%2020%3A53%3A15%206%200&fid=4C0E7C2AC20058DF-2D4ADD3699523D5F&ce=UTF-8&g=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&cc=USD&events=event170&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1

13.36.218.177

302 Found

0 B

URL HTTP/1.1
mtb.d1.sc.omtrdc.net/b/ss/mtbdev/1/JS-2.9.0/s47590526327014?AQB=1&ndh=1&pf=1&t=5%2F10%2F2022%2020%3A53%3A15%206%200&fid=4C0E7C2AC20058DF-2D4ADD3699523D5F&ce=UTF-8&g=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&cc=USD&events=event170&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/ss/mtbdev/1/JS-2.9.0/s47590526327014?AQB=1&ndh=1&pf=1&t=5%2F10%2F2022%2020%3A53%3A15%206%200&fid=4C0E7C2AC20058DF-2D4ADD3699523D5F&ce=UTF-8&g=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&cc=USD&events=event170&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: mtb.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://up1igo.com/

HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Sat, 05 Nov 2022 20:53:17 GMT
content-type: text/plain;charset=utf-8
expires: Fri, 04 Nov 2022 20:53:17 GMT
last-modified: Sun, 06 Nov 2022 20:53:17 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_krdbcp=[CS]v4|0-0|6366CD3D[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Mon, 04 Nov 2024 20:53:53 GMT; SameSite=None;
location: http://mtb.d1.sc.omtrdc.net/b/ss/mtbdev/1/JS-2.9.0/s47590526327014?AQB=1&pccr=true&ndh=1&pf=1&t=5%2F10%2F2022%2020%3A53%3A15%206%200&fid=4C0E7C2AC20058DF-2D4ADD3699523D5F&ce=UTF-8&g=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&cc=USD&events=event170&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

www.google.com/pagead/1p-user-list/990489911/?random=1659000319912&cv=9&fst=1658998800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa7p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=4190775665&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/990489911/?random=1659000319912&cv=9&fst=1658998800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa7p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=4190775665&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/990489911/?random=1659000319912&cv=9&fst=1658998800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa7p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=4190775665&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://up1igo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 20:53:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

asset.mtb.com/Documents/html/homepage/favicon.ico

54.230.111.64

200 OK

15 kB

URL HTTP/2
asset.mtb.com/Documents/html/homepage/favicon.ico
IP
54.230.111.64:0
ASN
#16509 AMAZON-02

File type
PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Size
15 kB (14862 bytes)
Hash
e82f458a5c1c5353a97401eccc925613
949d6c8d06ca14b52f496c20f63fae269b6708c2
cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3

HTTP Headers

GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://up1igo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/x-icon
content-length: 14862
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Sat, 05 Nov 2022 20:40:23 GMT
last-modified: Wed, 04 May 2022 18:18:59 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "3dce-5de33a8b9cac0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zJilUqnSAAsG55bDL2yyOWfYXrYLbjmMY7Wzp3mjbS1peKk3Z5U8MQ==
age: 774
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 20:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fe19f98e771917fd423b8f15ef7de5ac
e8131193280554924a5392356873da6c75d5f77e
b2d0550f991396271828431a9cf9c20a2d01b2a2961a2ee9532af633d8d22ad5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 20:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com.gh/pagead/1p-user-list/990489911/?random=1659000319912&cv=9&fst=1658998800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa7p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=4190775665&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.com.gh/pagead/1p-user-list/990489911/?random=1659000319912&cv=9&fst=1658998800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa7p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=4190775665&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/990489911/?random=1659000319912&cv=9&fst=1658998800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa7p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.mtb.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Welcome%20to%20Online%20Banking%20%7C%20M%26T%20Bank&async=1&fmt=3&is_vtc=1&random=4190775665&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://up1igo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 20:53:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mtb.d1.sc.omtrdc.net/b/ss/mtbdev/1/JS-2.9.0/s47590526327014?AQB=1&pccr=true&ndh=1&pf=1&t=5%2F10%2F2022%2020%3A53%3A15%206%200&fid=4C0E7C2AC20058DF-2D4ADD3699523D5F&ce=UTF-8&g=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&cc=USD&events=event170&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1

13.36.218.177

200 OK

43 B

URL HTTP/1.1
mtb.d1.sc.omtrdc.net/b/ss/mtbdev/1/JS-2.9.0/s47590526327014?AQB=1&pccr=true&ndh=1&pf=1&t=5%2F10%2F2022%2020%3A53%3A15%206%200&fid=4C0E7C2AC20058DF-2D4ADD3699523D5F&ce=UTF-8&g=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&cc=USD&events=event170&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

HTTP Headers

GET /b/ss/mtbdev/1/JS-2.9.0/s47590526327014?AQB=1&pccr=true&ndh=1&pf=1&t=5%2F10%2F2022%2020%3A53%3A15%206%200&fid=4C0E7C2AC20058DF-2D4ADD3699523D5F&ce=UTF-8&g=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&cc=USD&events=event170&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: mtb.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://up1igo.com/
Connection: keep-alive

HTTP/1.1 200 OK
access-control-allow-origin: *
date: Sat, 05 Nov 2022 20:53:17 GMT
expires: Fri, 04 Nov 2022 20:53:17 GMT
last-modified: Sun, 06 Nov 2022 20:53:17 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi_krdbcp=[CS]v4|4C0E7C2AC20058DF-2D4ADD3699523D5F|0[CE]; Path=/; Domain=omtrdc.net; Max-Age=63072000; Expires=Mon, 04 Nov 2024 20:53:53 GMT; SameSite=None;
etag: 3581318961536303104-4619661679377974998
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

push.services.mozilla.com/

52.41.91.37

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.91.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4sz6Mk57QVZoNzpoeN33jA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fdiAX0741J8/uPxmGfsyqrmPDaI=

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fe19f98e771917fd423b8f15ef7de5ac
e8131193280554924a5392356873da6c75d5f77e
b2d0550f991396271828431a9cf9c20a2d01b2a2961a2ee9532af633d8d22ad5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 20:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
c8830dfe84ef8a2b6c94470be4e6df30
befd10fe4ce25b351f6fc2e7ce364a5c2bb1fb0c
4f7ddbb2e9465153f4d33bbd8c769a369db59cecff358ad9f8f4ee2ff2503a8c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 05 Nov 2022 20:53:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 05 Nov 2022 18:53:35 GMT
Expires: Sun, 06 Nov 2022 18:53:35 GMT
ETag: "befd10fe4ce25b351f6fc2e7ce364a5c2bb1fb0c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa

52.141.217.134

200 OK

899 B

URL HTTP/2
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP
52.141.217.134:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with very long lines (899), with no line terminators
Size
899 B (899 bytes)
Hash
b6f5e452c7fdba58d25a4b0bf9307705
b8aa4322273f46bd0e11aafcff3767f156403e9a
42e0785a0f1becc31e2bbefd30eb74556a65b220ca93cabe72570b06164a246b

HTTP Headers

POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 899
date: Sat, 05 Nov 2022 20:53:17 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: acf51c74-7328-4ab0-9df2-912c8d859719
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
03b491637c0814250a475385a7d8f6f1
aff85eb1fbdd51fdf7f9b9c4fe3e74c6ea24f7ac
df8f0ad64b95caf4d8f4fda62946c586aed77744fce9a2614298e04d994ab20c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:17:24 GMT
Expires: Wed, 09 Nov 2022 12:17:23 GMT
Etag: "aff85eb1fbdd51fdf7f9b9c4fe3e74c6ea24f7ac"
Cache-Control: max-age=314044,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76587a635ab50b49-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6dc605c7fa3421233f07eafc9fe8fe7f
e48f3f39dcf0b88e2379c2f742dea41906901478
522ac70e703c92fd9377eea50f744bef786353bd0ff1392fe9af8d36b3710c30

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 23:15:47 GMT
Expires: Thu, 10 Nov 2022 23:15:46 GMT
Etag: "e48f3f39dcf0b88e2379c2f742dea41906901478"
Cache-Control: max-age=439947,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76587a636b6db50b-OSL

1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html

54.230.111.21

200 OK

221 B

URL HTTP/2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
IP
54.230.111.21:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
221 B (221 bytes)
Hash
21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

HTTP Headers

GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://up1igo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Fri, 04 Nov 2022 21:09:20 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UoZfIWmvfdcF8c5C_rJy1c0UuLH2USxTerzlQ-DD2y1kbfLS01F55g==
age: 85439
X-Firefox-Spdy: h2

1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html

54.230.111.127

200 OK

221 B

URL HTTP/2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
IP
54.230.111.127:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
221 B (221 bytes)
Hash
21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

HTTP Headers

GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://up1igo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Sat, 05 Nov 2022 09:38:30 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2WGD03QIK_lfWdwHN7OXsmy7Lr-ZMFBnSFBE0TxD-W8LbWIMZwbnqw==
age: 40489
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
1516083ee79f545dba38f0baec411b2b
23c4a338f82d9bf5c658fb2c57b5628f96e393c1
545c820fd74da20dd168be30028770cad23711f3e728daf0ed9401951fdaf50c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 18:00:08 GMT
Expires: Fri, 11 Nov 2022 18:00:07 GMT
Etag: "23c4a338f82d9bf5c658fb2c57b5628f96e393c1"
Cache-Control: max-age=507408,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76587a638fa60b06-OSL

wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa

52.141.217.134

200 OK

666 B

URL HTTP/2
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP
52.141.217.134:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with very long lines (666), with no line terminators
Size
666 B (666 bytes)
Hash
891f6594e2e0a783e35207a62b0c0918
fa5d3a90e41c7b3314e437077318ee304a392e4e
15499016f5adbedd755643358ac1d434c5f7179ee95d9c601938c0191f3f4a24

HTTP Headers

POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 941
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 666
date: Sat, 05 Nov 2022 20:53:17 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 5b184ade-73aa-49bc-a4ff-c8e6fcd61083
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html

54.230.111.57

200 OK

221 B

URL HTTP/2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
IP
54.230.111.57:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
221 B (221 bytes)
Hash
21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6

HTTP Headers

GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://up1igo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sat, 05 Nov 2022 12:17:59 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E0aHLAGWJjjWJ3YR2ckD_h-zbiHurRjcQm6xKLbc1Sib-Y0Xlj3DKg==
age: 30920
X-Firefox-Spdy: h2

1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js

54.230.111.127

200 OK

3.2 kB

URL HTTP/2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP
54.230.111.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3227), with no line terminators
Size
3.2 kB (3227 bytes)
Hash
9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

HTTP Headers

GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sat, 05 Nov 2022 18:20:55 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OthJWsks4avX1VXZIH5UNIru3xINzRia7-QHvh_BQpExaFF2TT7__w==
age: 9144
X-Firefox-Spdy: h2

1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js

54.230.111.21

200 OK

3.2 kB

URL HTTP/2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP
54.230.111.21:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3227), with no line terminators
Size
3.2 kB (3227 bytes)
Hash
9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

HTTP Headers

GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Sat, 05 Nov 2022 14:27:44 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nenYk0qCx0NmvB4546T1TWz27L2Q-ZXlMf8FHgstGRFco3ZYGDk35Q==
age: 23135
X-Firefox-Spdy: h2

1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js

54.230.111.57

200 OK

3.2 kB

URL HTTP/2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP
54.230.111.57:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3227), with no line terminators
Size
3.2 kB (3227 bytes)
Hash
9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622

HTTP Headers

GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sat, 05 Nov 2022 08:53:31 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dSD9C7ylP0mPzpWm1NhvNDbYjato9TOAeQPSDbYr4mCs_cAAGL30ow==
age: 43188
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2576
Expires: Sat, 05 Nov 2022 21:36:14 GMT
Date: Sat, 05 Nov 2022 20:53:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2576
Expires: Sat, 05 Nov 2022 21:36:14 GMT
Date: Sat, 05 Nov 2022 20:53:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2576
Expires: Sat, 05 Nov 2022 21:36:14 GMT
Date: Sat, 05 Nov 2022 20:53:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2576
Expires: Sat, 05 Nov 2022 21:36:14 GMT
Date: Sat, 05 Nov 2022 20:53:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9150 bytes)
Hash
c7c9c908e891e7277f21a914fea9aa25
596c3c084ae3d850a5dc28e549b4e22f2b8cc71f
709c217b3ac09712d2af4366316c8977b1a4e2a73f887b3e30f10df1ed50bacd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 7c179507-20a7-4fa3-993b-f79b3e7949ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwiGHD_IAMFQZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e0d-337623ce79dc53c864632c72;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:06:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM3hc6Jfl5pDWPikIlcQOexIScQavqJh9h-N-EvIGNpicWJwHMPKIA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 19:29:47 GMT
age: 5011
etag: "596c3c084ae3d850a5dc28e549b4e22f2b8cc71f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SjV-J5oBG_0qHy-SE7_K9kj_MMjAee4JZva3thJf8On3ejAA1n1tfg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:53:04 GMT
age: 82814
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7783 bytes)
Hash
7a3b1551512640bb8f5e7deb80c32272
75805b9f03aef14cfad025259936ae5f217d25ca
5baa90853202e78cf9b59e9ab597e16ccfbf143d7e124583e64dc1ad1ee2c2df

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7783
x-amzn-requestid: eaa7cde1-278b-439c-a2f5-434e09103104
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apyLrFN3IAMFhYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a30b0-3942d79623c15adf2142acbc;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:18:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4KMDp6y64_gcd9DBy_8UriOb2jOxXZwXgok3w2duHZgMDbYENmMvIA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 19:19:22 GMT
age: 5636
etag: "75805b9f03aef14cfad025259936ae5f217d25ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7619 bytes)
Hash
308da46611df43543d31ca502986bea2
0bf4de356c3a64785fe116161cb931b3b2476f5d
63996962e2763dcf2e0ae5e43aa12dfd8f8677082bb1cdf63528dfd00404f3e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7619
x-amzn-requestid: 67308248-e660-4294-aafe-5f178970f822
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHlcHHfIAMFyGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658622-5b1ee875554a05eb1e8a6f16;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:37:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Qn6QTO-5bR2vT6wtmHT2zVZX556_FUz6ImAWK3O8hc8xSJ9XmNM96w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:48:46 GMT
age: 83072
etag: "0bf4de356c3a64785fe116161cb931b3b2476f5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 09:11:34 GMT
age: 42104
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6909 bytes)
Hash
eaf06d0fb99703abfd57b962eb21ce96
ce73b0ad22139bec863ed990e3d3af4bdc3df288
a226250245611193be882c92f2d9920cb6ceeb12823b48c0b9c8fa2aba1c8c0d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6909
x-amzn-requestid: 7c500c29-f514-491c-b2fe-a732a546925f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: awWpEEYHoAMFWdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635cd16d-6d9c4c5c41f4fcd16cabda59;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wf0k3Di2KCCXHIo68FTdztfEbq_A8t7xCE608dP64CVIdFxSEHTijw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:50 GMT
age: 81148
etag: "ce73b0ad22139bec863ed990e3d3af4bdc3df288"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

up1igo.com/rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH&svrid=-48&flavor=post&vi=KPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&bp=3&app=893c324bd7e5ac65&crc=1975190945&en=zgefxirc&end=1

164.92.140.107

404 Not Found

315 B

URL HTTP/1.1
up1igo.com/rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH&svrid=-48&flavor=post&vi=KPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&bp=3&app=893c324bd7e5ac65&crc=1975190945&en=zgefxirc&end=1
IP
164.92.140.107:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

POST /rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH&svrid=-48&flavor=post&vi=KPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&bp=3&app=893c324bd7e5ac65&crc=1975190945&en=zgefxirc&end=1 HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Security-Request: required
Content-Type: text/plain;charset=UTF-8
Content-Length: 6038
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99; dtCookie=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH; rxVisitor=166768159549702TVAK3UU074O3QFTEVJSBFT8S1M0DAB; dtPC=-48$281595493_62h-vKPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0e0; rxvt=1667683396234|1667681595498; dtLatC=33; dtSa=-; cdContextId=2; bmuid=1667681595599-CB6E0C95-FF7B-45EB-83ED-419CE75E4530; s_fid=4C0E7C2AC20058DF-2D4ADD3699523D5F; s_cc=true; cdSNum=1667681597815-sjn0000113-bc457816-9462-4d63-9e58-942e5e65dc05

HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 20:53:19 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b6f44f22426e7b7587c6aea4d5b1d7d0
c7c6adcb84334b70a3c098a58e73a79916fb975d
41ef58851ca43c41fc24a53d6db46d8858ddfea322c95990611da857ed8ec593

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 11:27:51 GMT
Expires: Fri, 11 Nov 2022 11:27:50 GMT
Etag: "c7c6adcb84334b70a3c098a58e73a79916fb975d"
Cache-Control: max-age=483870,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76587a6bbacb0b49-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b6f44f22426e7b7587c6aea4d5b1d7d0
c7c6adcb84334b70a3c098a58e73a79916fb975d
41ef58851ca43c41fc24a53d6db46d8858ddfea322c95990611da857ed8ec593

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 20:53:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 11:27:51 GMT
Expires: Fri, 11 Nov 2022 11:27:50 GMT
Etag: "c7c6adcb84334b70a3c098a58e73a79916fb975d"
Cache-Control: max-age=483870,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76587a6bb8e10b06-OSL

mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681597390&z=1&Q=1&Y=1&X=57d254fd63694912e77270b92d34c017

34.67.142.127

200 OK

0 B

URL HTTP/2
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681597390&z=1&Q=1&Y=1&X=57d254fd63694912e77270b92d34c017
IP
34.67.142.127:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681597390&z=1&Q=1&Y=1&X=57d254fd63694912e77270b92d34c017 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2992
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 20:53:19 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: http://up1igo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
X-Firefox-Spdy: h2

mtb-app.quantummetric.com/?s=c3618fad5ccef82d26c333d481b6b735&H=ae3c5661461b2faded8fa0f8&Q=3

34.67.142.127

200 OK

50 B

URL HTTP/2
mtb-app.quantummetric.com/?s=c3618fad5ccef82d26c333d481b6b735&H=ae3c5661461b2faded8fa0f8&Q=3
IP
34.67.142.127:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
50 B (50 bytes)
Hash
e7216d542023258c6c9d2da8ca3bc51c
da037d6db0fbe6f309c0afcedca5033638d4e253
131608ec884c52d801e117af9238303a4123d16104df040545f3c73ddd7e4c42

HTTP Headers

GET /?s=c3618fad5ccef82d26c333d481b6b735&H=ae3c5661461b2faded8fa0f8&Q=3 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/
Cookie: s=c3618fad5ccef82d26c333d481b6b735; U=1a92519428b0c2e28d56f0dcd5cec742
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 20:53:19 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: http://up1igo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
content-encoding: gzip
X-Firefox-Spdy: h2

mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681598186&H=ae3c5661461b2faded8fa0f8&s=c3618fad5ccef82d26c333d481b6b735&z=1&S=602&N=2&P=1

34.67.142.127

200 OK

0 B

URL HTTP/2
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681598186&H=ae3c5661461b2faded8fa0f8&s=c3618fad5ccef82d26c333d481b6b735&z=1&S=602&N=2&P=1
IP
34.67.142.127:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681598186&H=ae3c5661461b2faded8fa0f8&s=c3618fad5ccef82d26c333d481b6b735&z=1&S=602&N=2&P=1 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 99
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/
Cookie: s=c3618fad5ccef82d26c333d481b6b735; U=1a92519428b0c2e28d56f0dcd5cec742
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 20:53:19 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: http://up1igo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
X-Firefox-Spdy: h2

log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1667681597815-sjn0000113-bc457816-9462-4d63-9e58-942e5e65dc05&csid=00d0ae34-16f5-4ee4-9e80-becdf0fd8f25&ds=js&sdkVer=2.19.2.465.37bfd51

52.238.253.184

204 No Content

0 B

URL HTTP/2
log-5d65a0ab.us.v2.we-stats.com/api/v1/sendLogs?cid=mufasa&cdsnum=1667681597815-sjn0000113-bc457816-9462-4d63-9e58-942e5e65dc05&csid=00d0ae34-16f5-4ee4-9e80-becdf0fd8f25&ds=js&sdkVer=2.19.2.465.37bfd51
IP
52.238.253.184:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v1/sendLogs?cid=mufasa&cdsnum=1667681597815-sjn0000113-bc457816-9462-4d63-9e58-942e5e65dc05&csid=00d0ae34-16f5-4ee4-9e80-becdf0fd8f25&ds=js&sdkVer=2.19.2.465.37bfd51 HTTP/1.1
Host: log-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1360
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Sat, 05 Nov 2022 20:53:20 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

164.92.140.107

404 Not Found

315 B

URL HTTP/1.1
up1igo.com/rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH&svrid=-48&flavor=post&vi=KPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&bp=3&app=893c324bd7e5ac65&crc=551592004&en=zgefxirc&end=1
IP
164.92.140.107:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

POST /rb_edeadee0-0165-4b9e-a91f-0085183ac4e1?type=js3&sn=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH&svrid=-48&flavor=post&vi=KPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0&modifiedSince=1658643030046&rf=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&bp=3&app=893c324bd7e5ac65&crc=551592004&en=zgefxirc&end=1 HTTP/1.1
Host: up1igo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Security-Request: required
Content-Type: text/plain;charset=UTF-8
Content-Length: 4588
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/YBA%20M&T/login.php
Cookie: PHPSESSID=d211455c0481275704d1d763f0e70b99; dtCookie=v_4_srv_-2D48_sn_VF4M7TC4NDLGLFKL18UGG7RH434UFHTH; rxVisitor=166768159549702TVAK3UU074O3QFTEVJSBFT8S1M0DAB; dtPC=-48$281595493_62h-vKPFRRNFWHHFCBKKAEORPNHQODLKLMNIC-0e0; rxvt=1667683396234|1667681595498; dtLatC=33; dtSa=-; cdContextId=2; bmuid=1667681595599-CB6E0C95-FF7B-45EB-83ED-419CE75E4530; s_fid=4C0E7C2AC20058DF-2D4ADD3699523D5F; s_cc=true; cdSNum=1667681597815-sjn0000113-bc457816-9462-4d63-9e58-942e5e65dc05; QuantumMetricSessionID=c3618fad5ccef82d26c333d481b6b735; QuantumMetricUserID=1a92519428b0c2e28d56f0dcd5cec742

HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 20:53:21 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa

52.141.217.134

200 OK

690 B

URL HTTP/2
wup-5d65a0ab.us.v2.we-stats.com/client/v3.1/web/wup?cid=mufasa
IP
52.141.217.134:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with very long lines (690), with no line terminators
Size
690 B (690 bytes)
Hash
3ae96abdaf3a9f511b675fc600718df3
d4e5b604bd2a26bc92045bf12f3133f3eeb747c1
e4f54c30f054be15a4089e5bebcbd07b2ace356e594b30b0b9b8b9d59fc9f591

HTTP Headers

POST /client/v3.1/web/wup?cid=mufasa HTTP/1.1
Host: wup-5d65a0ab.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2596
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 690
date: Sat, 05 Nov 2022 20:53:22 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: c1eb4d46-b633-4734-902e-c19a5220f9e0
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681602388&H=ae3c5661461b2faded8fa0f8&s=c3618fad5ccef82d26c333d481b6b735&z=1&S=805&N=7&P=2

34.67.142.127

200 OK

0 B

URL HTTP/2
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681602388&H=ae3c5661461b2faded8fa0f8&s=c3618fad5ccef82d26c333d481b6b735&z=1&S=805&N=7&P=2
IP
34.67.142.127:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681602388&H=ae3c5661461b2faded8fa0f8&s=c3618fad5ccef82d26c333d481b6b735&z=1&S=805&N=7&P=2 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 133
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/
Cookie: s=c3618fad5ccef82d26c333d481b6b735; U=1a92519428b0c2e28d56f0dcd5cec742
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 20:53:24 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: http://up1igo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
X-Firefox-Spdy: h2

mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681602521&H=ae3c5661461b2faded8fa0f8&s=c3618fad5ccef82d26c333d481b6b735&z=1&Q=2&S=127&N=1

34.67.142.127

200 OK

0 B

URL HTTP/2
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681602521&H=ae3c5661461b2faded8fa0f8&s=c3618fad5ccef82d26c333d481b6b735&z=1&Q=2&S=127&N=1
IP
34.67.142.127:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681602521&H=ae3c5661461b2faded8fa0f8&s=c3618fad5ccef82d26c333d481b6b735&z=1&Q=2&S=127&N=1 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 85
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/
Cookie: s=c3618fad5ccef82d26c333d481b6b735; U=1a92519428b0c2e28d56f0dcd5cec742
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 20:53:24 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: http://up1igo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
X-Firefox-Spdy: h2

mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681597388&z=1&S=0&N=0&P=0

34.67.142.127

200 OK

0 B

URL HTTP/2
mtb-app.quantummetric.com/?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681597388&z=1&S=0&N=0&P=0
IP
34.67.142.127:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /?T=B&u=http%3A%2F%2Fup1igo.com%2FYBA%2520M%26T%2Flogin.php&t=1667681596860&v=1667681597388&z=1&S=0&N=0&P=0 HTTP/1.1
Host: mtb-app.quantummetric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 382
Origin: http://up1igo.com
Connection: keep-alive
Referer: http://up1igo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 20:53:19 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: http://up1igo.com
access-control-allow-credentials: true
set-cookie: s=c3618fad5ccef82d26c333d481b6b735;path=/;samesite=none;secure
U=1a92519428b0c2e28d56f0dcd5cec742;path=/;expires=Sun, 05 Nov 2023 20:53:19 GMT;samesite=none;secure
strict-transport-security: max-age=31536000; includeSubDomains;
x-robots-tag: noindex
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations