r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4365
Expires: Wed, 07 Sep 2022 14:14:51 GMT
Date: Wed, 07 Sep 2022 13:02:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 12:04:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f4X7QcJ-trD8Pm9YMdvWTpxFSxAA_4zSk32Gu7vHnh43VWQe-VKSFw==
Age: 3446
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uh6ezqq5lDJi3uswZq9gLkeNdJZWf32zs7pzTDHYfZHgOhYoyry5rQ==
age: 33332
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 13:02:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
uprisecapital.co.za/
169.239.217.27 200 OK 14 kB IP 169.239.217.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3134), with CRLF line terminators
Hash b145ffcf42210e91023f765e60685a0d
27edf93e112a43545edf01de6f5a00d42fb40fb5
00bd3ae14995e70f498af0d51d391540b762b4d635e74ca6f334e23bb1fd2fad
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:06 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:06 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Length: 13557
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 314 B IP 93.184.220.29:0
Hash f435c938837834f3d8d39977c42c7c37
1aed952add99e4af79a1fcb588aaf9d7d9a031d1
ec9866dcbe3003d0e925276c5330f1720fb0fe5699f57eeb223b6c13d16d38ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3513
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:02:06 GMT
Last-Modified: Wed, 07 Sep 2022 12:03:33 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 12:38:18 GMT
Expires: Wed, 07 Sep 2022 12:58:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: U9JgZk7_XlRg1J8kn9oJB0AxMwgnb1O21ioelsO_Z1n8H2vs3kASfg==
Age: 1428
t.co/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f
104.244.42.133 200 OK 43 B URL HTTP/2 t.co/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:06 GMT
server: tsa_o
set-cookie: muc_ads=126f15bf-7dad-4db8-ab4c-6ef78fa06869; Max-Age=63072000; Expires=Fri, 06 Sep 2024 13:02:06 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=0
x-response-time: 109
x-connection-hash: fe815067b604c1537c8bba9676959fb729beea48cecc6ef04a87d900388c8f87
X-Firefox-Spdy: h2
uprisecapital.co.za/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
169.239.217.27 200 OK 14 kB URL HTTP/1.1 uprisecapital.co.za/etc.clientlibs/mtb-web/clientlibs/clientlib-base.js
IP 169.239.217.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3134), with CRLF line terminators
Hash b145ffcf42210e91023f765e60685a0d
27edf93e112a43545edf01de6f5a00d42fb40fb5
00bd3ae14995e70f498af0d51d391540b762b4d635e74ca6f334e23bb1fd2fad
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/mtb-web/clientlibs/clientlib-base.js HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:06 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:06 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Length: 13557
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:02:07 GMT
Last-Modified: Wed, 07 Sep 2022 11:57:33 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
uprisecapital.co.za/css/clientlib-base.css
169.239.217.27 200 OK 57 kB URL HTTP/1.1 uprisecapital.co.za/css/clientlib-base.css
IP 169.239.217.27:0
File type ASCII text, with very long lines (1334)
Hash 7a1fbdb4c3914c92b4e326228e49a29b
7e673bc7254e65ef19a2d35c4be13dadbdfda0dd
abacd92c4fd35f9a62dde5c9c98d112ac07a65584db661ffcf47135bb8b5f6c9
GET /css/clientlib-base.css HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:06 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 06 Jun 2022 12:10:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:06 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Length: 57387
Keep-Alive: timeout=5, max=100
Content-Type: text/css
locations.mtb.com/permanent-b0b701/assets/images/chevron_down.8adc6731.svg
104.18.116.52 200 OK 568 B URL HTTP/2 locations.mtb.com/permanent-b0b701/assets/images/chevron_down.8adc6731.svg
IP 104.18.116.52:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with very long lines (564)
Hash c16a3f3b20927f9e6f7528182f845c04
574d873533eb2c64cbdb9ea3e0acb5ec6faaffe8
8410635c0b7e1b3a1fa82e4e04a4578d44aa6b8505c4494bf4a280304bdc5a77
GET /permanent-b0b701/assets/images/chevron_down.8adc6731.svg HTTP/1.1
Host: locations.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:07 GMT
content-type: image/svg+xml
content-length: 568
cache-control: max-age=31536000
content-encoding: gzip
etag: "050cee664fbeeeea1650f8360bc400ef"-gzip
last-modified: Fri, 27 Aug 2021 20:52:43 GMT
owner: sitescog-19087
strict-transport-security: max-age=31536000; includeSubDomains
surrogate-key: locations.mtb.com locations.mtb.com%2Fpermanent-b0b701%2Fassets%2Fimages%2Fchevron_down.8adc6731.svg
vary: Accept-Encoding
x-amz-id-2: I3JyrMQSEEnZXS1w2eWnTavMpOugPYxG/GfrU/kdM73Wuyt538GMG63ddlskmUwOmPflTGOXumc=
x-amz-request-id: N6WM4QNFDKBA64PF
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-yext-site: us2
x-yext-subendpoint: static
cf-cache-status: HIT
age: 20784
accept-ranges: bytes
set-cookie: __cf_bm=zLPoBkX6.iV3b8sk99KI9..bVuoZt5I9E1KHUT354tI-1662555727-0-Ae6qHBMJI1KkGHyMFoorX4yXhHuyEAnj7cQqy0/aL4xjnP+mE/5faSU4IrI/u59DEbh6qAoS5A1t5UJUfpjHG/Q=; path=/; expires=Wed, 07-Sep-22 13:32:07 GMT; domain=.locations.mtb.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 746fa310ced9b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bid.g.doubleclick.net/xbbe/pixel?d=KAE
142.251.1.156 200 OK 0 B URL HTTP/2 bid.g.doubleclick.net/xbbe/pixel?d=KAE
IP 142.251.1.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=KAE HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Sep 2022 13:02:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Sep-2022 13:17:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Sep 2022 13:02:07 GMT
cache-control: private
X-Firefox-Spdy: h2
uprisecapital.co.za/images/white%20logo.png
169.239.217.27 200 OK 4.9 kB URL HTTP/1.1 uprisecapital.co.za/images/white%20logo.png
IP 169.239.217.27:0
File type PNG image data, 174 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash c0147602bcf486443b17ad6f3e31b2af
5b1b036726ede6f2186c0e85ad1a201f560ecd64
68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652
GET /images/white%20logo.png HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
Last-Modified: Mon, 06 Jun 2022 11:28:20 GMT
Accept-Ranges: bytes
Content-Length: 4936
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
uprisecapital.co.za/images/fszullhwyai6bvj.jpeg
169.239.217.27 200 OK 25 kB URL HTTP/1.1 uprisecapital.co.za/images/fszullhwyai6bvj.jpeg
IP 169.239.217.27:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x515, components 3\012- data
Hash 3a5916dca245b69e7c855544502df33d
2f0b613afd3be67343b5c7fa5af78cf51f66fbfc
a06dcffedaadc56b236deaf03906e025341b8fe314430247de506bd37237d42e
Analyzer Verdict Alert fortinet Phishing
GET /images/fszullhwyai6bvj.jpeg HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
Last-Modified: Mon, 06 Jun 2022 11:28:30 GMT
Accept-Ranges: bytes
Content-Length: 25445
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
push.services.mozilla.com/
54.149.28.179 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.28.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bBaJsjseeDKrNSzub/HYBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MoTOZJXvsPeWnKTCCtP5Su2b19s=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221662555434050%22
143.204.55.115 200 OK 4.7 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221662555434050%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (22383), with no line terminators
Hash 5ad3a2aec2cbd1e9b8a332d419c82d95
3ebc46ec45fa29bac3abb2103a7a7e7baaf469fa
792d93653dcb7717cff83fdc6cf7216dfdfcba8a4823d301ab418c4b7f942e11
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221662555434050%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 13:01:59 GMT
Expires: Wed, 07 Sep 2022 14:01:58 GMT
Last-Modified: Wed, 07 Sep 2022 12:57:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9NokISm3J4dJAtyRd1D9oSq432W8NAEsyU7vj9IgJdth5Xdygw3GyQ==
Age: 8
uprisecapital.co.za/images/equal-housing-lender-logo.png
169.239.217.27 200 OK 1.5 kB URL HTTP/1.1 uprisecapital.co.za/images/equal-housing-lender-logo.png
IP 169.239.217.27:0
File type PNG image data, 23 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash df5acca843cd10a9f0b683403207812f
40e3af1ed5c19e8caf85eb9d5a11c92e1e7ed624
46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3
GET /images/equal-housing-lender-logo.png HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 06 Jun 2022 11:28:08 GMT
Accept-Ranges: bytes
Content-Length: 1509
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Content-Type: image/png
uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
169.239.217.27 200 OK 55 kB URL HTTP/1.1 uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff
IP 169.239.217.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3134), with CRLF line terminators
Hash 4972a954887e6f0877b11eb6cee43715
8933e5db7ca2883f6ed88afa1fb70d6317d419dc
079e31acf3c5f77a737dca19021a17d184c86f7036f6cd9986e5fdce3a6f119b
Analyzer Verdict Alert fortinet Phishing
GET /css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-light.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: Accept-Encoding,User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
uprisecapital.co.za/images/fszullhwyai6bvj-desktop-720x816-update.jpeg
169.239.217.27 200 OK 26 kB URL HTTP/1.1 uprisecapital.co.za/images/fszullhwyai6bvj-desktop-720x816-update.jpeg
IP 169.239.217.27:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x816, components 3\012- data
Hash 9ce5649d1be7c13d4c0fc9c9b254de70
53be7aebce6d6489b6849dbfc50e212d39b83423
ed305c6fbe8bfbc0a34f339f2430f89e03d49cf628945a0c126896d96760f86c
Analyzer Verdict Alert fortinet Phishing
GET /images/fszullhwyai6bvj-desktop-720x816-update.jpeg HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uprisecapital.co.za/
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 06 Jun 2022 11:28:36 GMT
Accept-Ranges: bytes
Content-Length: 26353
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Content-Type: image/jpeg
uprisecapital.co.za/font/mandtbaltoweb-light.woff
169.239.217.27 200 OK 66 kB URL HTTP/1.1 uprisecapital.co.za/font/mandtbaltoweb-light.woff
IP 169.239.217.27:0
File type Web Open Font Format, TrueType, length 66170, version 1.0\012- data
Hash 2c232501b80100ac5022cb84380a6df4
79898c6b15d379850157a7b44d55d8694eb54b1f
18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a
Analyzer Verdict Alert fortinet Phishing
GET /font/mandtbaltoweb-light.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:08 GMT
Server: Apache
Last-Modified: Mon, 06 Jun 2022 11:30:42 GMT
Accept-Ranges: bytes
Content-Length: 66170
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:08 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff
uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
169.239.217.27 200 OK 55 kB URL HTTP/1.1 uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff
IP 169.239.217.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3134), with CRLF line terminators
Hash 4972a954887e6f0877b11eb6cee43715
8933e5db7ca2883f6ed88afa1fb70d6317d419dc
079e31acf3c5f77a737dca19021a17d184c86f7036f6cd9986e5fdce3a6f119b
Analyzer Verdict Alert fortinet Phishing
GET /css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-book.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: Accept-Encoding,User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
169.239.217.27 200 OK 55 kB URL HTTP/1.1 uprisecapital.co.za/css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff
IP 169.239.217.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3134), with CRLF line terminators
Hash 4972a954887e6f0877b11eb6cee43715
8933e5db7ca2883f6ed88afa1fb70d6317d419dc
079e31acf3c5f77a737dca19021a17d184c86f7036f6cd9986e5fdce3a6f119b
Analyzer Verdict Alert fortinet Phishing
GET /css/clientlib-site/resources/fonts/MTB_Balto/Webfonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:07 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:07 GMT
Vary: Accept-Encoding,User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
uprisecapital.co.za/font/mandtbaltoweb-book.woff
169.239.217.27 200 OK 68 kB URL HTTP/1.1 uprisecapital.co.za/font/mandtbaltoweb-book.woff
IP 169.239.217.27:0
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
Analyzer Verdict Alert fortinet Phishing
GET /font/mandtbaltoweb-book.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:08 GMT
Server: Apache
Last-Modified: Mon, 06 Jun 2022 11:30:16 GMT
Accept-Ranges: bytes
Content-Length: 67671
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:08 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash 269b278e69394e36714e217f0561ae58
f4d601cec67f06f680c408924f02c17021df763e
630690d76a70361a00f41806aff7b75acdee917deb66dfe6c503e08f00d815be
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "630690D76A70361A00F41806AFF7B75ACDEE917DEB66DFE6C503E08F00D815BE"
Last-Modified: Wed, 07 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2140
Expires: Wed, 07 Sep 2022 13:37:48 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive
bat.bing.com/action/0?ti=5564484&Ver=2&mid=8d543f60-2178-4b31-aa8d-de8c2909eb6a&sid=95e342a0e59211eca7eb6b0062c4e687&vid=95e3a450e59211eca66abb68daa7f629&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=2134&sh=1200&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fwww3.mtb.com%2Flog-in&r=https%3A%2F%2Fwww3.mtb.com%2F&lt=4467&mtp=10&evt=pageLoad&msclkid=N&sv=1&rn=506915
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5564484&Ver=2&mid=8d543f60-2178-4b31-aa8d-de8c2909eb6a&sid=95e342a0e59211eca7eb6b0062c4e687&vid=95e3a450e59211eca66abb68daa7f629&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=2134&sh=1200&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fwww3.mtb.com%2Flog-in&r=https%3A%2F%2Fwww3.mtb.com%2F&lt=4467&mtp=10&evt=pageLoad&msclkid=N&sv=1&rn=506915
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5564484&Ver=2&mid=8d543f60-2178-4b31-aa8d-de8c2909eb6a&sid=95e342a0e59211eca7eb6b0062c4e687&vid=95e3a450e59211eca66abb68daa7f629&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=2134&sh=1200&sc=24&tl=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&p=https%3A%2F%2Fwww3.mtb.com%2Flog-in&r=https%3A%2F%2Fwww3.mtb.com%2F&lt=4467&mtp=10&evt=pageLoad&msclkid=N&sv=1&rn=506915 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=298E0F970DA56C2618651D8F0C506DF8; domain=.bing.com; expires=Mon, 02-Oct-2023 13:02:08 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15EAEBE322D647E1A594153D43B4DF43 Ref B: OSL30EDGE0507 Ref C: 2022-09-07T13:02:08Z
date: Wed, 07 Sep 2022 13:02:07 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 312 B IP 93.184.220.29:0
Hash 934d84879aada6a72078add66e7c419d
ffaf06f515a2b3d77cd76a5faeb698e41f88c39e
17cf78d20c4bcc195270e0ea4300ee5551c3b58187f9e6e8d9f32bd2db061273
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4865
Cache-Control: max-age=124648
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:02:08 GMT
Etag: "6317c737-138"
Expires: Thu, 08 Sep 2022 23:39:36 GMT
Last-Modified: Tue, 06 Sep 2022 22:18:31 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 312
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash ad843af3ead8ff8288ef9cdc0481dbe9
a85a86509645ac70ed81646164f445cc2683be77
a53bffe092f5c2a6519e7d692bfd151bb82b4950b9d92f934d68cb91c70987e1
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "A53BFFE092F5C2A6519E7D692BFD151BB82B4950B9D92F934D68CB91C70987E1"
Last-Modified: Wed, 07 Sep 2022 02:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=2898
Expires: Wed, 07 Sep 2022 13:50:26 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4991
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4991
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4991
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4991
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4991
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:02:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:10:03 GMT
age: 28325
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: d75d69c1-87be-47e2-8684-3c9a25edee2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYpFL-IAMFukQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd0-1c6d025672cc490734bb54e4;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yzw88Z7aubNEll7UXkvaIWbftL95Y0UDTMnOEh_uhKqWgNycBA9Adw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:22 GMT
age: 55246
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f754103a24f76f89b092a30c13f2d5d5
800998b57db224e881f26b245baa4da9626d9f0a
2d535af5239ad8c836cb8545ae6bcc957b3ebcf5ae3abe60fb4281c9e268b0be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13523
x-amzn-requestid: 10df7b4c-540c-4706-a511-5ff96a3aeb9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDikTETaIAMFk6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317b14e-4afbd43f3d8117aa10e91f64;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 20:45:02 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dDCQ13zMHNL9RVL9bvUVut-AfDpiTNaj8798O5T20k0hiSkL2t3KjA==
via: 1.1 1dd804267731601ebefbfc73a35de7a8.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:15 GMT
etag: "800998b57db224e881f26b245baa4da9626d9f0a"
content-type: image/jpeg
age: 54653
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 6db42fa4-5a04-4368-b5cb-ea8f70d83ead
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XmxSRFp7oAMFb3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c2f41-1df42bd2265554de5f47932e;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 03:15:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KQ1yb69_uETJJlEIcwsR165zqZuiklGuj3Nn-tyta0e_q8BGqs3cXg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:24 GMT
age: 54644
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32c4c11-63fc-45cc-8135-a07269f9cfff.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32c4c11-63fc-45cc-8135-a07269f9cfff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e394af6d0aec5b71edd498560f9ec203
b01d56a5089b4603c0457635cb27fb3e674f65d1
95a5f3cf75273226304f1bda382bb4e6b3b1b93102680e088679cd6ab456d9b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32c4c11-63fc-45cc-8135-a07269f9cfff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: 9e4b6ad9-d5bb-41f4-9c44-6825559f9c76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDsC-G3LoAMFRfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317c079-482e37871987d52023a82d4d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:49:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 28L4Qiki8GQVRN5gWNSd5ZZyHTYWj-KryMkJg9er8NTQYCmsdZG8_g==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:11:45 GMT
age: 53423
etag: "b01d56a5089b4603c0457635cb27fb3e674f65d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:38:56 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 51792
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Jun%202022%2012%3A17%3A55%20GMT&n=-8&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm
212.82.100.181 200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Jun%202022%2012%3A17%3A55%20GMT&n=-8&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Mon%2C%2006%20Jun%202022%2012%3A17%3A55%20GMT&n=-8&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:08 GMT
expires: Wed, 07 Sep 2022 13:02:08 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBFCWGGMCEOWjE9tdjJYC7mxsS14qdykFEgEBAQHnGWMiYwAAAAAA_eMAAA&S=AQAAAvoDtHczf9-o9M2oOt76WhQ; Expires=Thu, 7 Sep 2023 19:02:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm
212.82.100.181 200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10108773&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&et=custom&tagmgr=tealium%2Cgtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:08 GMT
expires: Wed, 07 Sep 2022 13:02:08 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBFCWGGMCEM7yMoJkhasjLwk4QzX4jLsFEgEBAQHnGWMiYwAAAAAA_eMAAA&S=AQAAAlTmbW_4gXqQx00jNDHkWzs; Expires=Thu, 7 Sep 2023 19:02:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10087193&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&tagmgr=tealium%2Cgtm
212.82.100.181 200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10087193&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&tagmgr=tealium%2Cgtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=Log%20in%20to%20M%26T%20Online%20Banking%20or%20Commercial%20Treasury%20Center&.yp=10087193&f=https%3A%2F%2Fwww3.mtb.com%2Flog-in&e=https%3A%2F%2Fwww3.mtb.com%2F&enc=UTF-8&yv=1.12.0&tagmgr=tealium%2Cgtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:08 GMT
expires: Wed, 07 Sep 2022 13:02:08 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBFCWGGMCEAP7mhhnJtqKcoyiNRn5ZdcFEgEBAQHnGWMiYwAAAAAA_eMAAA&S=AQAAAmgbkO0rijjDKIEQzAPMlbo; Expires=Thu, 7 Sep 2023 19:02:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
asset.mtb.com/Documents/html/homepage/favicon.ico
54.230.111.27 200 OK 15 kB URL HTTP/2 asset.mtb.com/Documents/html/homepage/favicon.ico
IP 54.230.111.27:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash e82f458a5c1c5353a97401eccc925613
949d6c8d06ca14b52f496c20f63fae269b6708c2
cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3
GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
content-length: 14862
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Wed, 07 Sep 2022 12:14:36 GMT
last-modified: Wed, 04 May 2022 18:18:59 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "3dce-5de33a8b9cac0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TEJXlSOQKsWTozh0e3DtVSO1EqyylFsIk__Or0IoLdFIvW1Waiqivg==
age: 2851
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f
104.244.42.3 200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f
IP 104.244.42.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nvk8o&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww3.mtb.com%2Flog-in&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=daef07b9-8bc9-4df6-82f5-a91985a9483f HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uprisecapital.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:02:08 GMT
server: tsa_o
set-cookie: personalization_id="v1_Tr3yCOdw6oGcqfmlh9BPfg=="; Max-Age=63072000; Expires=Fri, 06 Sep 2024 13:02:08 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 67c3197fa7bc30379c4d432e2782a4c9a67f1a2f72f0248823e566e6ce9f70bf
X-Firefox-Spdy: h2
uprisecapital.co.za/font/mandtbaltoweb-medium.woff
169.239.217.27 200 OK 64 kB URL HTTP/1.1 uprisecapital.co.za/font/mandtbaltoweb-medium.woff
IP 169.239.217.27:0
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
Analyzer Verdict Alert fortinet Phishing
GET /font/mandtbaltoweb-medium.woff HTTP/1.1
Host: uprisecapital.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uprisecapital.co.za/css/clientlib-base.css
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:02:08 GMT
Server: Apache
Last-Modified: Mon, 06 Jun 2022 11:30:54 GMT
Accept-Ranges: bytes
Content-Length: 64318
Cache-Control: max-age=86400
Expires: Thu, 08 Sep 2022 13:02:08 GMT
Vary: User-Agent
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff