Submitted URL: http://upscapital1.tk
Effective URL: https://upscapital1.tk/
Submission: On February 19 via api from US

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 25 HTTP transactions.
The main IP is 2606:4700:3031::681b:9dc1, located in United States and belongs to CLOUDFLARENET, US. The main domain is upscapital1.tk.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 11th 2020. Valid for: 8 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 192.0.77.2 2635 (AUTOMATTIC)
1 46.105.201.240 16276 (OVH)
1 198.27.80.143 16276 (OVH)
25 5
Domain / Subdomains | Transfer
20 wp.com | 41 KB
3 upscapital1.tk | 7 KB
2 histats.com | 5 KB
1 cloudflare.com | 7 KB
25 4
Domain Requested by
20 i2.wp.com upscapital1.tk
3 upscapital1.tk 1 redirects upscapital1.tk
1 s4.histats.com s10.histats.com
1 s10.histats.com upscapital1.tk
1 cdnjs.cloudflare.com upscapital1.tk
25 5

Subject / Issuer | Validity | Valid
sni.cloudflaressl.com / CloudFlare Inc ECC CA-2 | 2020-02-11 - 2020-10-09 | 8 months
ssl412106.cloudflaressl.com / COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-05 - 2020-06-12 | 6 months
*.wp.com / Go Daddy Secure Certificate Authority - G2 | 2018-04-10 - 2020-05-11 | 2 years
histats.com / Let's Encrypt Authority X3 | 2019-12-27 - 2020-03-26 | 3 months

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i


25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • http://upscapital1.tk/
  • https://upscapital1.tk/
37 KB
4 KB
Document
General
Full URL
https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9dc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.0.17
Resource Hash
55bbb9c3c4ccd8a2fbf3d9bff8f23e22f95e2da2979b1f7029c0992e0be24e50

Request headers

:method
GET
:authority
upscapital1.tk
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 19 Feb 2020 23:15:15 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d15d417ee991d2ea25be8b9711220cc6f1582154115; expires=Fri, 20-Mar-20 23:15:15 GMT; path=/; domain=.upscapital1.tk; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
x-powered-by
EasyEngine v4.0.17
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
567bf1133866177a-FRA
content-encoding
br

Redirect headers

Date
Wed, 19 Feb 2020 23:15:15 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Thu, 20 Feb 2020 00:15:15 GMT
Location
https://upscapital1.tk/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
567bf112f88ad725-FRA
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css
30 KB
7 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 23:15:15 GMT
content-encoding
br
cf-cache-status
HIT
age
1093726
cf-ray
567bf1143e11c2d1-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:12 GMT
server
cloudflare
etag
W/"5afd4910-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Mon, 08 Feb 2021 23:15:15 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
style.css?v=0.4
/assets/css
7 KB
2 KB
Stylesheet
General
Full URL
https://upscapital1.tk/assets/css/style.css?v=0.4
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9dc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.0.17
Resource Hash
bf0c6c79ca28accca0842490f9c09b2a52255efdc4e45cdfba43da787280436d

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 23:15:15 GMT
content-encoding
br
etag
W/"5e1f7f64-1dc5"
cf-cache-status
REVALIDATED
last-modified
Wed, 15 Jan 2020 21:08:52 GMT
server
cloudflare
x-powered-by
EasyEngine v4.0.17
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=86400, must-revalidate
cf-ray
567bf11439f8177a-FRA
expires
Thu, 20 Feb 2020 23:15:15 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/GJU-S1t2r1M
696 B
970 B
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/GJU-S1t2r1M/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
68e0d3adacb34169bf1004d9a4e88178283d6a1e75ad3cce93daa8a5faa1c12e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 5
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1281
last-modified
Mon, 03 Feb 2020 09:01:03 GMT
server
nginx
etag
"c7682ba8a7268f7a"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/GJU-S1t2r1M/mqdefault.jpg>; rel="canonical"
content-length
696
expires
Wed, 02 Feb 2022 21:01:03 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/HHgn3F2J_bg
3 KB
3 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/HHgn3F2J_bg/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5a694b9428fa62e97cfc6b28318a5ee98ec5b3ce4b592003f4771e27222edb67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 3
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
266
last-modified
Mon, 20 Jan 2020 18:02:40 GMT
server
nginx
etag
"0d204ecc09f9943f"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/HHgn3F2J_bg/mqdefault.jpg>; rel="canonical"
content-length
3022
expires
Thu, 20 Jan 2022 06:02:40 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/q0hyYWKXF0Q
2 KB
3 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/q0hyYWKXF0Q/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
cbbbdbeb5d9bbbb093176a5c306312e19d6d81d6f3fe31f86d05d9c01d3a03a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 7
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
2208
last-modified
Fri, 22 Nov 2019 07:28:28 GMT
server
nginx
etag
"937adc86fcedae12"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/q0hyYWKXF0Q/mqdefault.jpg>; rel="canonical"
content-length
2512
expires
Sun, 21 Nov 2021 19:28:28 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/MRvKL8FnrtU
1 KB
1 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/MRvKL8FnrtU/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5f2fd541365ddc5f76afd2282244cbdee5393f3e71ea9557c95344fc135e9c35
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 5
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1466
last-modified
Sun, 02 Feb 2020 14:38:03 GMT
server
nginx
etag
"10e85eb123b4d54f"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/MRvKL8FnrtU/mqdefault.jpg>; rel="canonical"
content-length
1096
expires
Wed, 02 Feb 2022 02:38:03 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/4h9o0Gujuoc
2 KB
3 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/4h9o0Gujuoc/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
4cc9a8d852e4baeda2d69e421552703948e1d340261b3d2c2b0834c89071c2b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 7
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1831
last-modified
Tue, 04 Feb 2020 18:41:05 GMT
server
nginx
etag
"20c62ee9a22cc2f1"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/4h9o0Gujuoc/mqdefault.jpg>; rel="canonical"
content-length
2546
expires
Fri, 04 Feb 2022 06:41:05 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/E9j9E217LkQ
826 B
992 B
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/E9j9E217LkQ/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3ed3c0a636ae8d469f8cc0a7d60cb8759a6c71ceef5e0a5603e26ef1923d2b8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 5
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
857
last-modified
Thu, 16 Jan 2020 00:29:56 GMT
server
nginx
etag
"3b6126128dc06ebc"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/E9j9E217LkQ/mqdefault.jpg>; rel="canonical"
content-length
826
expires
Sat, 15 Jan 2022 12:29:56 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/DyDfgMOUjCI
1 KB
1 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/DyDfgMOUjCI/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
73d13dfbb3516de8a3ec8c5a569cf8cdc1265b5684533ac98fff76527fcf4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 8
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1548
last-modified
Tue, 07 Jan 2020 17:43:10 GMT
server
nginx
etag
"c7ae8c1afce1d718"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/DyDfgMOUjCI/mqdefault.jpg>; rel="canonical"
content-length
1090
expires
Fri, 07 Jan 2022 05:43:10 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/wXhTHyIgQ_U
3 KB
3 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/wXhTHyIgQ_U/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
6554a1e7975779cb2241df7522c0f79f92041cfa8222ae122ed33b150f506634
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 3
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1790
last-modified
Fri, 03 Jan 2020 19:49:25 GMT
server
nginx
etag
"b332f5168b20134e"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/wXhTHyIgQ_U/mqdefault.jpg>; rel="canonical"
content-length
2654
expires
Mon, 03 Jan 2022 07:49:25 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/SlPhMPnQ58k
1 KB
1 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/SlPhMPnQ58k/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
fbae2a14002656088774ba996255403efc94d4e40943af98fe0fb43de6c85c98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 4
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1771
last-modified
Fri, 08 Nov 2019 17:33:51 GMT
server
nginx
etag
"b07b34ac7deae1c5"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/SlPhMPnQ58k/mqdefault.jpg>; rel="canonical"
content-length
1150
expires
Mon, 08 Nov 2021 05:33:51 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/mT1JPfGc7ds
2 KB
2 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/mT1JPfGc7ds/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ba2468c5d9f32ef7feade9703217cf5d840aa6928f1530c80812cc79be15d941
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 3
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1802
last-modified
Thu, 16 Jan 2020 00:29:56 GMT
server
nginx
etag
"df1b3bf10fef9203"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/mT1JPfGc7ds/mqdefault.jpg>; rel="canonical"
content-length
2114
expires
Sat, 15 Jan 2022 12:29:56 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/EgBJmlPo8Xw
270 B
441 B
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/EgBJmlPo8Xw/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
895dd780dd0beb8a8fbe870a5051f23b954a6cee0f1d4b396baef32eff5c2d67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 8
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1015
last-modified
Fri, 24 Jan 2020 10:56:10 GMT
server
nginx
etag
"fdc043d10aa20626"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/EgBJmlPo8Xw/mqdefault.jpg>; rel="canonical"
content-length
270
expires
Sun, 23 Jan 2022 22:56:10 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/jW3aJ-3SEVU
3 KB
3 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/jW3aJ-3SEVU/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
68ed4dd377bfeaa02148f00fdd90fcc56c11d808ad4d96b8c53496a09d01791e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 7
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
2122
last-modified
Tue, 28 Jan 2020 03:26:28 GMT
server
nginx
etag
"1aacde92a34781cf"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/jW3aJ-3SEVU/mqdefault.jpg>; rel="canonical"
content-length
3064
expires
Thu, 27 Jan 2022 15:26:28 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/uLHqpjW3aDs
2 KB
2 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/uLHqpjW3aDs/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
c9b074767447fda7fcaf745ea2943d20fbdfad8fed7149e692a37a174eeb5fd5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 7
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
877
last-modified
Fri, 10 Jan 2020 05:49:01 GMT
server
nginx
etag
"3e9a554981c36a14"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/uLHqpjW3aDs/mqdefault.jpg>; rel="canonical"
content-length
1932
expires
Sun, 09 Jan 2022 17:49:01 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/XejVB_fba04
3 KB
3 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/XejVB_fba04/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
9ae98fd70899c4c39caf50348b435495b2d1b22d7b051f34cdc136d8730bf47b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 5
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1854
last-modified
Fri, 17 Jan 2020 15:54:31 GMT
server
nginx
etag
"11d4336c017fd70b"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/XejVB_fba04/mqdefault.jpg>; rel="canonical"
content-length
2762
expires
Mon, 17 Jan 2022 03:54:31 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/oygrmJFKYZY
2 KB
2 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/oygrmJFKYZY/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
fe591263a8055667813a59876f9d9ba4759f375141fe38fbe749ec4f4f5dede0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 7
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1910
last-modified
Sat, 04 Jan 2020 14:21:06 GMT
server
nginx
etag
"37873d06dd88db6b"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/oygrmJFKYZY/mqdefault.jpg>; rel="canonical"
content-length
1708
expires
Tue, 04 Jan 2022 02:21:06 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/1AhwyO7TH2A
2 KB
2 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/1AhwyO7TH2A/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3a67c033f7e7ff0ce6e08688a9d1b0fe0e19a4e199d4f667bdc2f059aa00a185
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 4
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1919
last-modified
Thu, 16 Jan 2020 00:29:56 GMT
server
nginx
etag
"bc06c8d4a07a876d"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/1AhwyO7TH2A/mqdefault.jpg>; rel="canonical"
content-length
1544
expires
Sat, 15 Jan 2022 12:29:56 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/w2Ov5jzm3j8
2 KB
3 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/w2Ov5jzm3j8/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
baf53ca8b9a4cfa4a7a3935b67f5411b99b412f519098bc2119da856e2185ada
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 1
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
2022
last-modified
Tue, 07 Jan 2020 15:07:44 GMT
server
nginx
etag
"5139a51f0928a37a"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/w2Ov5jzm3j8/mqdefault.jpg>; rel="canonical"
content-length
2474
expires
Fri, 07 Jan 2022 03:07:44 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/fHI8X4OXluQ
2 KB
2 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/fHI8X4OXluQ/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
dba4323d7710ac677b274ce06921ee3c727127e113854f22439e56473e7855f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 4
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1785
last-modified
Tue, 04 Feb 2020 09:53:04 GMT
server
nginx
etag
"47b830789275a775"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/fHI8X4OXluQ/mqdefault.jpg>; rel="canonical"
content-length
2248
expires
Thu, 03 Feb 2022 21:53:04 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/Y2E71oe0aSM
2 KB
3 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/Y2E71oe0aSM/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
14bb46a0c368b09f0ee244225886e471cc1363df10f78a0e0bb197ba9e208619
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 2
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
2083
last-modified
Mon, 17 Feb 2020 18:57:46 GMT
server
nginx
etag
"d44f572135797c56"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/Y2E71oe0aSM/mqdefault.jpg>; rel="canonical"
content-length
2484
expires
Thu, 17 Feb 2022 06:57:46 GMT
mqdefault.jpg?resize=100,100
i2.wp.com/ytimg.googleusercontent.com/vi/9HDEHj2yzew
2 KB
2 KB
Image
General
Full URL
https://i2.wp.com/ytimg.googleusercontent.com/vi/9HDEHj2yzew/mqdefault.jpg?resize=100,100
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e5031363aa7a1549537abaa8dd2d4e5bc498ca88878510388c5ba7d1e5ff5315
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 5
date
Wed, 19 Feb 2020 23:15:15 GMT
x-content-type-options
nosniff
x-bytes-saved
1746
last-modified
Mon, 17 Feb 2020 23:11:15 GMT
server
nginx
etag
"1b8e42d4a6a02c8f"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://ytimg.googleusercontent.com/vi/9HDEHj2yzew/mqdefault.jpg>; rel="canonical"
content-length
1658
expires
Thu, 17 Feb 2022 11:11:15 GMT
js15_as.js
s10.histats.com
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: upscapital1.tk
URL: https://upscapital1.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 23:05:24 GMT
content-encoding
br
last-modified
Thu, 06 Dec 2018 14:12:12 GMT
x-cdn-pop-ip
51.254.41.128/26
etag
W/"-139234964"
x-cacheable
Matched cache
content-type
text/javascript
status
200
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4333
x-request-id
32774
0.php?4368192&@f16&@g1&@h1&@i1&@j1582154115455&@k0&@l1&@mOffer%20Free%20Download%20Hindi%20Mp3%20and%20Hindi%20Movie%20-%20Gaana&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-166526053&@b3:1582154115&...
s4.histats.com/stats
49 B
320 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4368192&@f16&@g1&@h1&@i1&@j1582154115455&@k0&@l1&@mOffer%20Free%20Download%20Hindi%20Mp3%20and%20Hindi%20Movie%20-%20Gaana&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-166526053&@b3:1582154115&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fupscapital1.tk%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
81418b98974b7dbf87da58a6f161b79ce30d15ff80adfee33ff5b653a7722d00

Request headers

Referer
https://upscapital1.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 19 Feb 2020 23:15:15 GMT
Connection
close
Content-Length
49
Content-Type
text/html;charset=UTF-8

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://upscapital1.tk/
  • https://upscapital1.tk/

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • object| _Hasync
  • function| chfh
  • function| chfh2
  • string| _HST_cntval
  • object| Histats
  • object| _HistatsCounterGraphics_0_setValues

8 Cookies

Domain/Path Name / Value
upscapital1.tk/ Name: HstCns4368192
Value: 1
upscapital1.tk/ Name: HstCnv4368192
Value: 1
upscapital1.tk/ Name: HstPt4368192
Value: 1
upscapital1.tk/ Name: HstPn4368192
Value: 1
upscapital1.tk/ Name: HstCmu4368192
Value: 1582154115455
upscapital1.tk/ Name: HstCla4368192
Value: 1582154115455
upscapital1.tk/ Name: HstCfa4368192
Value: 1582154115455
.upscapital1.tk/ Name: __cfduid
Value: d15d417ee991d2ea25be8b9711220cc6f1582154115

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
