Report - uprisecapital.co.za/

Report Overview

Submitted URL
uprisecapital.co.za/
IP
169.239.217.27
ASN
#327979 DIAMATRIX
Submitted
2022-09-07 13:02:17
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	8.2 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
t.co	569	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	640 B	539 B	104.244.42.133
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.149.28.179
asset.mtb.com	246397	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	16 kB	54.230.111.27
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.0 kB	93.184.220.29
ocsp.entrust.net	1208	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	3.9 kB	104.110.10.32
sp.analytics.yahoo.com	816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	2.8 kB	212.82.100.181
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
uprisecapital.co.za	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	511 kB	169.239.217.27
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
locations.mtb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	1.7 kB	104.18.116.52
bid.g.doubleclick.net	497	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	809 B	142.251.1.156
bat.bing.com	387	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	773 B	722 B	13.107.21.200
analytics.twitter.com	526	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	643 B	559 B	104.244.42.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-07	medium	uprisecapital.co.za/	Phishing
2022-09-07	medium	uprisecapital.co.za/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js	Phishing
2022-09-07	medium	uprisecapital.co.za/images/fszullhwyai6bvj.jpeg	Phishing
2022-09-07	medium	uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff	Phishing
2022-09-07	medium	uprisecapital.co.za/images/fszullhwyai6bvj-desktop-720x816-update.jpeg	Phishing
2022-09-07	medium	uprisecapital.co.za/font/mandtbaltoweb-light.woff	Phishing
2022-09-07	medium	uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff	Phishing
2022-09-07	medium	uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff	Phishing
2022-09-07	medium	uprisecapital.co.za/font/mandtbaltoweb-book.woff	Phishing
2022-09-07	medium	uprisecapital.co.za/font/mandtbaltoweb-medium.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	uprisecapital.co.za/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js	55 kB	2023-03-07	2023-03-07
Pretty URL uprisecapital.co.za/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js IP 169.239.217.27 ASN #327979 DIAMATRIX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:16 Last Seen2023-03-07 14:00:21 Times Seen1 Hash 4972a954887e6f0877b11eb6cee43715 8933e5db7ca2883f6ed88afa1fb70d6317d419dc 079e31acf3c5f77a737dca19021a17d184c86f7036f6cd9986e5fdce3a6f119b Loading...

HTTP Transactions (47)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4365
Expires: Wed, 07 Sep 2022 14:14:51 GMT
Date: Wed, 07 Sep 2022 13:02:06 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 12:04:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f4X7QcJ-trD8Pm9YMdvWTpxFSxAA_4zSk32Gu7vHnh43VWQe-VKSFw==
Age: 3446

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uh6ezqq5lDJi3uswZq9gLkeNdJZWf32zs7pzTDHYfZHgOhYoyry5rQ==
age: 33332
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 13:02:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

uprisecapital.co.za/

169.239.217.27

200 OK

14 kB

URL HTTP/1.1
uprisecapital.co.za/
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3134), with CRLF line terminators
Size
14 kB (13557 bytes)
Hash
b145ffcf42210e91023f765e60685a0d
27edf93e112a43545edf01de6f5a00d42fb40fb5
00bd3ae14995e70f498af0d51d391540b762b4d635e74ca6f334e23bb1fd2fad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:06 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:06 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Length: 13557
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
f435c938837834f3d8d39977c42c7c37
1aed952add99e4af79a1fcb588aaf9d7d9a031d1
ec9866dcbe3003d0e925276c5330f1720fb0fe5699f57eeb223b6c13d16d38ef

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3513
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:02:06 GMT
Last-Modified: Wed, 07 Sep 2022 12:03:33 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 12:38:18 GMT
Expires: Wed, 07 Sep 2022 12:58:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: U9JgZk7_XlRg1J8kn9oJB0AxMwgnb1O21ioelsO_Z1n8H2vs3kASfg==
Age: 1428

t.co/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f

104.244.42.133

200 OK

43 B

URL HTTP/2
t.co/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f
IP
104.244.42.133:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:06 GMT
server: tsa_o
set-cookie: muc_ads=126f15bf-7dad-4db8-ab4c-6ef78fa06869; Max-Age=63072000; Expires=Fri, 06 Sep 2024 13:02:06 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=0
x-response-time: 109
x-connection-hash: fe815067b604c1537c8bba9676959fb729beea48cecc6ef04a87d900388c8f87
X-Firefox-Spdy: h2

uprisecapital.co.za/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js

169.239.217.27

200 OK

14 kB

URL HTTP/1.1
uprisecapital.co.za/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3134), with CRLF line terminators
Size
14 kB (13557 bytes)
Hash
b145ffcf42210e91023f765e60685a0d
27edf93e112a43545edf01de6f5a00d42fb40fb5
00bd3ae14995e70f498af0d51d391540b762b4d635e74ca6f334e23bb1fd2fad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.js HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:06 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:06 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Length: 13557
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:02:07 GMT
Last-Modified: Wed, 07 Sep 2022 11:57:33 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

uprisecapital.co.za/css/clientlib-base.css

169.239.217.27

200 OK

57 kB

URL HTTP/1.1
uprisecapital.co.za/css/clientlib-base.css
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
ASCII text, with very long lines (1334)
Size
57 kB (57387 bytes)
Hash
7a1fbdb4c3914c92b4e326228e49a29b
7e673bc7254e65ef19a2d35c4be13dadbdfda0dd
abacd92c4fd35f9a62dde5c9c98d112ac07a65584db661ffcf47135bb8b5f6c9

HTTP Headers

GET /css/clientlib-base.css HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:06 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 06 Jun 2022 12:10:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:06 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Length: 57387
Keep-Alive: timeout=5, max=100
Content-Type: text/css

locations.mtb.com/permanent-b0b701/assets/images/chevron_down.8adc6731.svg

104.18.116.52

200 OK

568 B

URL HTTP/2
locations.mtb.com/permanent-b0b701/assets/images/chevron_down.8adc6731.svg
IP
104.18.116.52:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with very long lines (564)
Size
568 B (568 bytes)
Hash
c16a3f3b20927f9e6f7528182f845c04
574d873533eb2c64cbdb9ea3e0acb5ec6faaffe8
8410635c0b7e1b3a1fa82e4e04a4578d44aa6b8505c4494bf4a280304bdc5a77

HTTP Headers

GET /permanent-b0b701/assets/images/chevron_down.8adc6731.svg HTTP/1.1
Host: locations.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:07 GMT
content-type: image/svg+xml
content-length: 568
cache-control: max-age=31536000
content-encoding: gzip
etag: "050cee664fbeeeea1650f8360bc400ef"-gzip
last-modified: Fri, 27 Aug 2021 20:52:43 GMT
owner: sitescog-19087
strict-transport-security: max-age=31536000; includeSubDomains
surrogate-key: locations.mtb.com locations.mtb.com%2Fpermanent-b0b701%2Fassets%2Fimages%2Fchevron_down.8adc6731.svg
vary: Accept-Encoding
x-amz-id-2: I3JyrMQSEEnZXS1w2eWnTavMpOugPYxG/GfrU/kdM73Wuyt538GMG63ddlskmUwOmPflTGOXumc=
x-amz-request-id: N6WM4QNFDKBA64PF
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-yext-site: us2
x-yext-subendpoint: static
cf-cache-status: HIT
age: 20784
accept-ranges: bytes
set-cookie: __cf_bm=zLPoBkX6.iV3b8sk99KI9..bVuoZt5I9E1KHUT354tI-1662555727-0-Ae6qHBMJI1KkGHyMFoorX4yXhHuyEAnj7cQqy0/aL4xjnP+mE/5faSU4IrI/u59DEbh6qAoS5A1t5UJUfpjHG/Q=; path=/; expires=Wed, 07-Sep-22 13:32:07 GMT; domain=.locations.mtb.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 746fa310ced9b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bid.g.doubleclick.net/xbbe/pixel?d=KAE

142.251.1.156

200 OK

0 B

URL HTTP/2
bid.g.doubleclick.net/xbbe/pixel?d=KAE
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xbbe/pixel?d=KAE HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Sep 2022 13:02:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Sep-2022 13:17:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Sep 2022 13:02:07 GMT
cache-control: private
X-Firefox-Spdy: h2

uprisecapital.co.za/images/white%20logo.png

169.239.217.27

200 OK

4.9 kB

URL HTTP/1.1
uprisecapital.co.za/images/white%20logo.png
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
PNG image data, 174 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4936 bytes)
Hash
c0147602bcf486443b17ad6f3e31b2af
5b1b036726ede6f2186c0e85ad1a201f560ecd64
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652

HTTP Headers

GET /images/white%20logo.png HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
Last-Modified: Mon, 06 Jun 2022 11:28:20 GMT
Accept-Ranges: bytes
Content-Length: 4936
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

uprisecapital.co.za/images/fszullhwyai6bvj.jpeg

169.239.217.27

200 OK

25 kB

URL HTTP/1.1
uprisecapital.co.za/images/fszullhwyai6bvj.jpeg
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x515, components 3\012- data
Size
25 kB (25445 bytes)
Hash
3a5916dca245b69e7c855544502df33d
2f0b613afd3be67343b5c7fa5af78cf51f66fbfc
a06dcffedaadc56b236deaf03906e025341b8fe314430247de506bd37237d42e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /images/fszullhwyai6bvj.jpeg HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
Last-Modified: Mon, 06 Jun 2022 11:28:30 GMT
Accept-Ranges: bytes
Content-Length: 25445
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

push.services.mozilla.com/

54.149.28.179

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.28.179:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bBaJsjseeDKrNSzub/HYBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MoTOZJXvsPeWnKTCCtP5Su2b19s=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221662555434050%22

143.204.55.115

200 OK

4.7 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221662555434050%22
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (22383), with no line terminators
Size
4.7 kB (4698 bytes)
Hash
5ad3a2aec2cbd1e9b8a332d419c82d95
3ebc46ec45fa29bac3abb2103a7a7e7baaf469fa
792d93653dcb7717cff83fdc6cf7216dfdfcba8a4823d301ab418c4b7f942e11

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221662555434050%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 13:01:59 GMT
Expires: Wed, 07 Sep 2022 14:01:58 GMT
Last-Modified: Wed, 07 Sep 2022 12:57:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9NokISm3J4dJAtyRd1D9oSq432W8NAEsyU7vj9IgJdth5Xdygw3GyQ==
Age: 8

uprisecapital.co.za/images/equal-housing-lender-logo.png

169.239.217.27

200 OK

1.5 kB

URL HTTP/1.1
uprisecapital.co.za/images/equal-housing-lender-logo.png
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
PNG image data, 23 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1509 bytes)
Hash
df5acca843cd10a9f0b683403207812f
40e3af1ed5c19e8caf85eb9d5a11c92e1e7ed624
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3

HTTP Headers

GET /images/equal-housing-lender-logo.png HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 06 Jun 2022 11:28:08 GMT
Accept-Ranges: bytes
Content-Length: 1509
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Content-Type: image/png

uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff

169.239.217.27

200 OK

55 kB

URL HTTP/1.1
uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3134), with CRLF line terminators
Size
55 kB (54973 bytes)
Hash
4972a954887e6f0877b11eb6cee43715
8933e5db7ca2883f6ed88afa1fb70d6317d419dc
079e31acf3c5f77a737dca19021a17d184c86f7036f6cd9986e5fdce3a6f119b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: Accept-Encoding,User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

uprisecapital.co.za/images/fszullhwyai6bvj-desktop-720x816-update.jpeg

169.239.217.27

200 OK

26 kB

URL HTTP/1.1
uprisecapital.co.za/images/fszullhwyai6bvj-desktop-720x816-update.jpeg
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x816, components 3\012- data
Size
26 kB (26353 bytes)
Hash
9ce5649d1be7c13d4c0fc9c9b254de70
53be7aebce6d6489b6849dbfc50e212d39b83423
ed305c6fbe8bfbc0a34f339f2430f89e03d49cf628945a0c126896d96760f86c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /images/fszullhwyai6bvj-desktop-720x816-update.jpeg HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 06 Jun 2022 11:28:36 GMT
Accept-Ranges: bytes
Content-Length: 26353
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Content-Type: image/jpeg

uprisecapital.co.za/font/mandtbaltoweb-light.woff

169.239.217.27

200 OK

66 kB

URL HTTP/1.1
uprisecapital.co.za/font/mandtbaltoweb-light.woff
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
Web Open Font Format, TrueType, length 66170, version 1.0\012- data
Size
66 kB (66170 bytes)
Hash
2c232501b80100ac5022cb84380a6df4
79898c6b15d379850157a7b44d55d8694eb54b1f
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /font/mandtbaltoweb-light.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:08 GMT
Server: Apache
Last-Modified: Mon, 06 Jun 2022 11:30:42 GMT
Accept-Ranges: bytes
Content-Length: 66170
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:08 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff

uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff

169.239.217.27

200 OK

55 kB

URL HTTP/1.1
uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3134), with CRLF line terminators
Size
55 kB (54973 bytes)
Hash
4972a954887e6f0877b11eb6cee43715
8933e5db7ca2883f6ed88afa1fb70d6317d419dc
079e31acf3c5f77a737dca19021a17d184c86f7036f6cd9986e5fdce3a6f119b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: Accept-Encoding,User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff

169.239.217.27

200 OK

55 kB

URL HTTP/1.1
uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3134), with CRLF line terminators
Size
55 kB (54973 bytes)
Hash
4972a954887e6f0877b11eb6cee43715
8933e5db7ca2883f6ed88afa1fb70d6317d419dc
079e31acf3c5f77a737dca19021a17d184c86f7036f6cd9986e5fdce3a6f119b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: Accept-Encoding,User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

uprisecapital.co.za/font/mandtbaltoweb-book.woff

169.239.217.27

200 OK

68 kB

URL HTTP/1.1
uprisecapital.co.za/font/mandtbaltoweb-book.woff
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Size
68 kB (67671 bytes)
Hash
6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /font/mandtbaltoweb-book.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:08 GMT
Server: Apache
Last-Modified: Mon, 06 Jun 2022 11:30:16 GMT
Accept-Ranges: bytes
Content-Length: 67671
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:08 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
269b278e69394e36714e217f0561ae58
f4d601cec67f06f680c408924f02c17021df763e
630690d76a70361a00f41806aff7b75acdee917deb66dfe6c503e08f00d815be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "630690D76A70361A00F41806AFF7B75ACDEE917DEB66DFE6C503E08F00D815BE"
Last-Modified: Wed, 07 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2140
Expires: Wed, 07 Sep 2022 13:37:48 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive

bat.bing.com/action/0?ti=5564484&Ver=2&mid=8d543f60-2178-4b31-aa8d-de8c2909eb6a&sid=95e342a0e59211eca7eb6b0062c4e687&vid=95e3a450e59211eca66abb68daa7f629&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=2134&sh=1200&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fwww3.mtb.com%2Flog-in&r=https%3A%2F%2Fwww3.mtb.com%2F&lt=4467&mtp=10&evt=pageLoad&msclkid=N&sv=1&rn=506915

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=5564484&Ver=2&mid=8d543f60-2178-4b31-aa8d-de8c2909eb6a&sid=95e342a0e59211eca7eb6b0062c4e687&vid=95e3a450e59211eca66abb68daa7f629&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=2134&sh=1200&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fwww3.mtb.com%2Flog-in&r=https%3A%2F%2Fwww3.mtb.com%2F&lt=4467&mtp=10&evt=pageLoad&msclkid=N&sv=1&rn=506915
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=5564484&Ver=2&mid=8d543f60-2178-4b31-aa8d-de8c2909eb6a&sid=95e342a0e59211eca7eb6b0062c4e687&vid=95e3a450e59211eca66abb68daa7f629&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=2134&sh=1200&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fwww3.mtb.com%2Flog-in&r=https%3A%2F%2Fwww3.mtb.com%2F&lt=4467&mtp=10&evt=pageLoad&msclkid=N&sv=1&rn=506915 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=298E0F970DA56C2618651D8F0C506DF8; domain=.bing.com; expires=Mon, 02-Oct-2023 13:02:08 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15EAEBE322D647E1A594153D43B4DF43 Ref B: OSL30EDGE0507 Ref C: 2022-09-07T13:02:08Z
date: Wed, 07 Sep 2022 13:02:07 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
934d84879aada6a72078add66e7c419d
ffaf06f515a2b3d77cd76a5faeb698e41f88c39e
17cf78d20c4bcc195270e0ea4300ee5551c3b58187f9e6e8d9f32bd2db061273

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4865
Cache-Control: max-age=124648
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:02:08 GMT
Etag: "6317c737-138"
Expires: Thu, 08 Sep 2022 23:39:36 GMT
Last-Modified: Tue, 06 Sep 2022 22:18:31 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 312

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1585 bytes)
Hash
ad843af3ead8ff8288ef9cdc0481dbe9
a85a86509645ac70ed81646164f445cc2683be77
a53bffe092f5c2a6519e7d692bfd151bb82b4950b9d92f934d68cb91c70987e1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "A53BFFE092F5C2A6519E7D692BFD151BB82B4950B9D92F934D68CB91C70987E1"
Last-Modified: Wed, 07 Sep 2022 02:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=2898
Expires: Wed, 07 Sep 2022 13:50:26 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4991
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4991
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4991
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4991
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4991
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6214 bytes)
Hash
f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:10:03 GMT
age: 28325
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8462 bytes)
Hash
70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: d75d69c1-87be-47e2-8684-3c9a25edee2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYpFL-IAMFukQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd0-1c6d025672cc490734bb54e4;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yzw88Z7aubNEll7UXkvaIWbftL95Y0UDTMnOEh_uhKqWgNycBA9Adw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:22 GMT
age: 55246
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13523 bytes)
Hash
f754103a24f76f89b092a30c13f2d5d5
800998b57db224e881f26b245baa4da9626d9f0a
2d535af5239ad8c836cb8545ae6bcc957b3ebcf5ae3abe60fb4281c9e268b0be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13523
x-amzn-requestid: 10df7b4c-540c-4706-a511-5ff96a3aeb9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDikTETaIAMFk6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317b14e-4afbd43f3d8117aa10e91f64;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 20:45:02 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dDCQ13zMHNL9RVL9bvUVut-AfDpiTNaj8798O5T20k0hiSkL2t3KjA==
via: 1.1 1dd804267731601ebefbfc73a35de7a8.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:15 GMT
etag: "800998b57db224e881f26b245baa4da9626d9f0a"
content-type: image/jpeg
age: 54653
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4805 bytes)
Hash
4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 6db42fa4-5a04-4368-b5cb-ea8f70d83ead
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XmxSRFp7oAMFb3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c2f41-1df42bd2265554de5f47932e;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 03:15:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KQ1yb69_uETJJlEIcwsR165zqZuiklGuj3Nn-tyta0e_q8BGqs3cXg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:24 GMT
age: 54644
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32c4c11-63fc-45cc-8135-a07269f9cfff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10271 bytes)
Hash
e394af6d0aec5b71edd498560f9ec203
b01d56a5089b4603c0457635cb27fb3e674f65d1
95a5f3cf75273226304f1bda382bb4e6b3b1b93102680e088679cd6ab456d9b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32c4c11-63fc-45cc-8135-a07269f9cfff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: 9e4b6ad9-d5bb-41f4-9c44-6825559f9c76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDsC-G3LoAMFRfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317c079-482e37871987d52023a82d4d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:49:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 28L4Qiki8GQVRN5gWNSd5ZZyHTYWj-KryMkJg9er8NTQYCmsdZG8_g==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:11:45 GMT
age: 53423
etag: "b01d56a5089b4603c0457635cb27fb3e674f65d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12661 bytes)
Hash
79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:38:56 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 51792
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Jun%202022%2012%3A17%3A55%20GMT&n=-8&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Jun%202022%2012%3A17%3A55%20GMT&n=-8&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&d=Mon%2C%2006%20Jun%202022%2012%3A17%3A55%20GMT&n=-8&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:08 GMT
expires: Wed, 07 Sep 2022 13:02:08 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBFCWGGMCEOWjE9tdjJYC7mxsS14qdykFEgEBAQHnGWMiYwAAAAAA_eMAAA&S=AQAAAvoDtHczf9-o9M2oOt76WhQ; Expires=Thu, 7 Sep 2023 19:02:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:08 GMT
expires: Wed, 07 Sep 2022 13:02:08 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBFCWGGMCEM7yMoJkhasjLwk4QzX4jLsFEgEBAQHnGWMiYwAAAAAA_eMAAA&S=AQAAAlTmbW_4gXqQx00jNDHkWzs; Expires=Thu, 7 Sep 2023 19:02:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10087193&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&tagmgr=tealium%2Cgtm

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10087193&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&tagmgr=tealium%2Cgtm
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10087193&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&tagmgr=tealium%2Cgtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:08 GMT
expires: Wed, 07 Sep 2022 13:02:08 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBFCWGGMCEAP7mhhnJtqKcoyiNRn5ZdcFEgEBAQHnGWMiYwAAAAAA_eMAAA&S=AQAAAmgbkO0rijjDKIEQzAPMlbo; Expires=Thu, 7 Sep 2023 19:02:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

asset.mtb.com/Documents/html/homepage/favicon.ico

54.230.111.27

200 OK

15 kB

URL HTTP/2
asset.mtb.com/Documents/html/homepage/favicon.ico
IP
54.230.111.27:0
ASN
#16509 AMAZON-02

File type
PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Size
15 kB (14862 bytes)
Hash
e82f458a5c1c5353a97401eccc925613
949d6c8d06ca14b52f496c20f63fae269b6708c2
cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3

HTTP Headers

GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/x-icon
content-length: 14862
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Wed, 07 Sep 2022 12:14:36 GMT
last-modified: Wed, 04 May 2022 18:18:59 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "3dce-5de33a8b9cac0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TEJXlSOQKsWTozh0e3DtVSO1EqyylFsIk__Or0IoLdFIvW1Waiqivg==
age: 2851
X-Firefox-Spdy: h2

analytics.twitter.com/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f

104.244.42.3

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f
IP
104.244.42.3:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:08 GMT
server: tsa_o
set-cookie: personalization_id="v1_Tr3yCOdw6oGcqfmlh9BPfg=="; Max-Age=63072000; Expires=Fri, 06 Sep 2024 13:02:08 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 67c3197fa7bc30379c4d432e2782a4c9a67f1a2f72f0248823e566e6ce9f70bf
X-Firefox-Spdy: h2

uprisecapital.co.za/font/mandtbaltoweb-medium.woff

169.239.217.27

200 OK

64 kB

URL HTTP/1.1
uprisecapital.co.za/font/mandtbaltoweb-medium.woff
IP
169.239.217.27:0
ASN
#327979 DIAMATRIX

File type
Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Size
64 kB (64318 bytes)
Hash
b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /font/mandtbaltoweb-medium.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:08 GMT
Server: Apache
Last-Modified: Mon, 06 Jun 2022 11:30:54 GMT
Accept-Ranges: bytes
Content-Length: 64318
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:08 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (47)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type