| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash8f33f56c329fe0b1570d2ee3e000ce4e b11fcecd7cc1210d3f3b4e1426a37d3cd138119e ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20476
Expires: Thu, 09 Mar 2023 22:02:41 GMT
Date: Thu, 09 Mar 2023 16:21:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash7989fc4a69327c765a7e4e68f46c169b 1f3e8e6e9e640c3d99ec52dc947b68fa9c1d335b b15c98c58fae6a49e831bc0db617bedf8538bbfa011a84553debdcbe461433d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B15C98C58FAE6A49E831BC0DB617BEDF8538BBFA011A84553DEBDCBE461433D0"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19018
Expires: Thu, 09 Mar 2023 21:38:23 GMT
Date: Thu, 09 Mar 2023 16:21:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash6d096b44c5db01960a5d03dbb2a238c0 8e818de0e82041f2d9edeb14ddaf3916983b3729 8c69b4883e45e3e993ffdf24922c6ff7f0131f1eece0c3d0016137ca29f48d04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C69B4883E45E3E993FFDF24922C6FF7F0131F1EECE0C3D0016137CA29F48D04"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12526
Expires: Thu, 09 Mar 2023 19:50:11 GMT
Date: Thu, 09 Mar 2023 16:21:25 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashed282214b024a7895d90e229e92bb1cc 1f447aa59287ce2b45860a1a909d005a41305f77 a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Mar 2023 16:08:57 GMT
content-type: application/json
age: 748
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7eyrT73P0K8bjGJsG4aJmV5exEHPh34BCFt3fT5dVs0DGNf+UjPOQ+82roEMejWMgFUXAQX8Zi7NvwZHZt8o0g==
x-amz-request-id: EA4B7CWAW14BMVP6
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Mar 2023 15:36:05 GMT
age: 2720
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash7eab263adc54e4ffe2eedbf321dffe92 04c18cbb4c8cbbf7bc9af0d2f47450c0c6aff278 3858694afa4dc7ac33b9eec868c48298a745916fbf9828b16b6add592fe13536
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3858694AFA4DC7AC33B9EEC868C48298A745916FBF9828B16B6ADD592FE13536"
Last-Modified: Thu, 09 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 09 Mar 2023 22:21:25 GMT
Date: Thu, 09 Mar 2023 16:21:25 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:25 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.5.1.min.js | 69.16.175.42 | 200 OK | 31 kB |
URL HTTP/2code.jquery.com/jquery-3.5.1.min.js IP69.16.175.42:0
File typeASCII text, with very long lines (65451) Hash3700d0b271343804b9b9aa1c13efa521 3d6b03dbd74872ca3dfbb0529f6c80943788f918 fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gpt-chat.info
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 16:21:25 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1678378885.dop010.sk1.t,1678378885.cds228.sk1.hn,1678378885.cds208.sk1.c
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashadc69022d7993accb38a273b7a49b376 84a21279057627466a417699e46154e4c05ba639 a658be3e011097b0c705cb4deca825fe9ee4a01c342bec1797280fc3de516644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js | 142.250.74.42 | 200 OK | 5.4 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js IP142.250.74.42:0
File typeASCII text, with very long lines (2134) Hash30ca3165d143baf2835023bfcf463450 62c662c0873b79a314c040fef28dcd29abb14480 4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Mar 2023 17:57:59 GMT
expires: Wed, 06 Mar 2024 17:57:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 167006
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashdb83c9144d7c3dfd9d65004a5f3eb53f 0e08ecd359f24f50aa4502da7ab34d657cd60b3f 7d2dd5d19ab5101ec348edf477aaa9d52903873168013fa7603bf8e9999fa45b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Mar 2023 16:12:30 GMT
age: 535
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashbc9a86b8d3035b57b58750f8896202e8 1485042fff689cadbf0c7a540f430993f23d45e3 b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12818
Expires: Thu, 09 Mar 2023 19:55:03 GMT
Date: Thu, 09 Mar 2023 16:21:25 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 52.24.53.237 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.24.53.237:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LDFLzgcOhOG3DHFI/Y8Hyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QTo/rFEnGhKDXj9Ecdi4SdRsVhU=
|
|
| gpt-chat.info/images/dapp-uniswap.png | 31.31.198.226 | 200 OK | 10 kB |
URL HTTP/2gpt-chat.info/images/dapp-uniswap.png IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hash1948962ad395727d902bd6b5fcd01807 f7e85e096b084ef6d9f550afbcd702fd889031a5 ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
GET /images/dapp-uniswap.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 10268
last-modified: Tue, 22 Dec 2020 16:02:50 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/dapp-opensea.png | 31.31.198.226 | 200 OK | 6.5 kB |
URL HTTP/2gpt-chat.info/images/dapp-opensea.png IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hashf82776f839cec899c9c87a680226aabf 43f5dedb6216cb02ee568fcb66cb19fc296c3a85 c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
GET /images/dapp-opensea.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 6533
last-modified: Tue, 22 Dec 2020 16:02:50 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/dapp-uport.png | 31.31.198.226 | 200 OK | 10 kB |
URL HTTP/2gpt-chat.info/images/dapp-uport.png IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hash16454a0744a195b774a515fa063abb29 72434fbb478894dc4bc1e9ad4cfa2a6c3cc1c206 1ee651e0237ec42c6d1eb8cf3bee9949512367aa4a26e21a866c03e3635a5666
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
GET /images/dapp-uport.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 9983
last-modified: Tue, 22 Dec 2020 16:02:50 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/dapp-airswap.png | 31.31.198.226 | 200 OK | 4.3 kB |
URL HTTP/2gpt-chat.info/images/dapp-airswap.png IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hash5498e401207ba1a34ea2e5b3f8162eb9 731d85e00919a4f2de5d0e20bdeb1626bd042870 42a08e8647eb764688b88195b6b074d7541834c1d2adf98cafc75813bac54bcb
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
GET /images/dapp-airswap.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 4278
last-modified: Tue, 22 Dec 2020 16:02:50 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/css/webflow.css | 31.31.198.226 | 200 OK | 110 kB |
URL HTTP/2gpt-chat.info/css/webflow.css IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typeUnicode text, UTF-8 text, with very long lines (26393) Size110 kB (110483 bytes) Hashf561ebeee0ef506afd5ea16c524afa98 d31ecad2b4d748bd604995a457bdb4dbf3ed6a5d 86f568a21f55cb886e0e21011077eb81f5fe6ae0d2a5d1270d2cc41d9d34cd80
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
GET /css/webflow.css HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: text/css
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/dapp-maker.png | 31.31.198.226 | 200 OK | 6.9 kB |
URL HTTP/2gpt-chat.info/images/dapp-maker.png IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hash720871ca002e89a10d26e5c516066311 8648fe12645cd5c3473a73faba1d42cef78de444 f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
GET /images/dapp-maker.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 6852
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/dapp-gitcoin.png | 31.31.198.226 | 200 OK | 8.0 kB |
URL HTTP/2gpt-chat.info/images/dapp-gitcoin.png IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hashc710e9a5c39e89136a73edf0a1c99abe aca40362b7d87533d00250e102ba852d19e2231c 7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
GET /images/dapp-gitcoin.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 7998
last-modified: Tue, 22 Dec 2020 16:02:50 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/dapp-bounties.png | 31.31.198.226 | 200 OK | 13 kB |
URL HTTP/2gpt-chat.info/images/dapp-bounties.png IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hasha374ca0917c641f8f32c959425a59041 28f02de55f7a72da842584d7ec2f0d312c8cf5cc f86c80827c07a5514e161e0a6e26866031b41163dd5014e987e4390dcde28beb
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
GET /images/dapp-bounties.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 12775
last-modified: Tue, 22 Dec 2020 16:02:50 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/dapp-compound.png | 31.31.198.226 | 200 OK | 11 kB |
URL HTTP/2gpt-chat.info/images/dapp-compound.png IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hash3818f9cfccbd94fad91a10d3c5ee356c 7c6af849177aa8bf6ef9bcbf801dc375e1997900 20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
GET /images/dapp-compound.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 11355
last-modified: Tue, 22 Dec 2020 16:02:50 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/fonts/CircularXXWeb-Book.woff | 31.31.198.226 | 200 OK | 102 kB |
URL HTTP/2gpt-chat.info/fonts/CircularXXWeb-Book.woff IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typeWeb Open Font Format, TrueType, length 102361, version 3.0\012- data Size102 kB (102361 bytes) Hash9bcc857659bb569274c0947e22916e6b 83b51ec50d77d1c09e511803c729be28f3b907e9 fb9adde1a41784df0581da48ddd8321897cf4abc33717e8de170d0150971f858
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
| fortinet | Phishing | |
GET /fonts/CircularXXWeb-Book.woff HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gpt-chat.info/css/metamask-staging.webflow.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: font/woff
content-length: 102361
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashd23c9f32ca35fb2d81fb59e1852d8a1e c05a9c014548600def3764d0e55b5663728f0254 20c10282ad2ab21f7fed87b0841019acddc3bda3845fabd3cc41d4548c1b1686
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Changa+One:400,400italic | 142.250.74.106 | 200 OK | 8.2 kB |
URL HTTP/2fonts.googleapis.com/css?family=Changa+One:400,400italic IP142.250.74.106:0
Hash2261f7dba002a37b8fa144a32e31a8dd 95d7c38679bd810c9fb18778e6e6dc02f25b3b5f d1f6e0422e52bb13d4ad90667f979f9f1a3ee9f2f2c03c2e6332c0179373a53b
GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Mar 2023 16:21:26 GMT
date: Thu, 09 Mar 2023 16:21:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/css/normalize.css | 31.31.198.226 | 200 OK | 107 kB |
URL HTTP/2gpt-chat.info/css/normalize.css IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
Size107 kB (106672 bytes) Hash1a454c8d14442cdeec025e8606bf00d8 d810ecc3fb065a5e6f0371b0732a6565776a70ec fb253714c36514bb8e3de8bfa975c5dfecf54c96d28b8bfbb9cb70836f46bf8e
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
GET /css/normalize.css HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: text/css
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/mm-shop-hoodie.png | 31.31.198.226 | 200 OK | 248 kB |
URL HTTP/2gpt-chat.info/images/mm-shop-hoodie.png IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
File typePNG image data, 786 x 786, 8-bit/color RGBA, non-interlaced\012- data Size248 kB (248235 bytes) Hash7534036998c32e6fbe3f79b53a6e3454 744cfcfbce4c9ffd9d8df6b284f0de45df7f4aa4 ead4f9f5e42c4ad7ffd754811836a324116e4960c847d298a319f9aa01734dc5
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
GET /images/mm-shop-hoodie.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 248235
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/logo.js | 31.31.198.226 | 200 OK | 601 kB |
IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
Size601 kB (600871 bytes) Hashb3ae337cc079a95365cd9fd629e254e7 877022e031ab001817a52ed927a88d460bb6cdd8 de22c1d9386883a53697fd280dd2048e6a2cd965cd5b447dcbd33fc60a554fac
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
| fortinet | Phishing | |
GET /logo.js HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: application/javascript
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/js/webflow.js | 31.31.198.226 | 200 OK | 246 kB |
URL: HTTP/2 gpt-chat.info/js/webflow.js
IP: 31.31.198.226:0
ASN: #197695 Domain names registrar REG.RU, Ltd
Size: 246 kB (245618 bytes)
Hash: 7d8825886fdf61abe216d64aa0e39861 bcc59540da6f1ac4dcefb273fda6e6d106f461a5 38a4c1bf6577f8a13148ff79864658d77bf4e0e8f7f0d957f9a4edaaa5ab6d0d
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
| fortinet | Phishing | |
GET /js/webflow.js HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: application/javascript
last-modified: Tue, 22 Dec 2020 16:02:54 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 | 216.58.207.227 | 200 OK | 8.4 kB |
URL: HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP: 216.58.207.227:0
File type: Web Open Font Format (Version 2), TrueType, length 8404, version 1.0
Hash: 141119ae119bf7ca75e10ef82f66e442 adebf435aa078db3c116cb9faae15f2ad81d3ac5 c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gpt-chat.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Mar 2023 13:04:24 GMT
expires: Thu, 07 Mar 2024 13:04:24 GMT
cache-control: public, max-age=31536000
age: 98222
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: fbb97b19dce42f7387d0de43d9968c85 a9f5673974c16e19afbc189ee4e0fbda8dc1a6f6 b80f1b8336e9b19f2db649e39ff988b5f05e35efff2ca53126ac6ca04f4e8bbe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.youtube.com/s/player/21246a91/www-widgetapi.vflset/www-widgetapi.js | 216.58.207.238 | 200 OK | 63 kB |
URL: HTTP/2 www.youtube.com/s/player/21246a91/www-widgetapi.vflset/www-widgetapi.js
IP: 216.58.207.238:0
File type: ASCII text, with very long lines (591)
Hash: d715a1fbdc52b9bc57b9baa095752eec dab6c49f966379b2caf73feb5e2cfe6d272e7cf7 0ef72909d991ad4c7c54b6c65c58363a444ce301eaeec0c10a9d5ac6829f00c3
GET /s/player/21246a91/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.embedly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 62983
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Mar 2023 14:42:56 GMT
expires: Fri, 08 Mar 2024 14:42:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Mar 2023 01:18:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 5910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: 96ac59c359dbcfc2598a2d34e84da6bb 8b79e6498c3b8509d9608d5f406f455115dbc474 cedb401f633f4f12cdf23f20cc3ccedc3ca4c416ff892248797388426df1c318
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= | 104.16.86.5 | 200 OK | 3.8 kB |
URL: HTTP/1.1 forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP: 104.16.86.5:0
File type: Unicode text, UTF-8 text, with very long lines (12478), with no line terminators
Hash: 758f3f64e9913dd279447b82779c7a12 dfcffcfc8fe6c9bb5fcdc725a8227b284fc631de 0cf9a9423bf7695fa78f49960bcda020728a8d6db847f154a8f6ce0bfb0c383d
GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 16:21:26 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace: 2B8CD6B7629462FE00BE158793C8ECD27AC004949D000000000000000000
X-Origin-Hublet: na1
Vary: origin
X-HubSpot-Correlation-Id: e2bddd98-c2d8-4d9a-82b0-c5185f4be6d2
Content-Disposition: attachment; filename=no-rfd.txt
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: false
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 7a54a6aa48961c0a-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| gpt-chat.info/images/webclip.png | 31.31.198.226 | 200 OK | 12 kB |
URL: HTTP/2 gpt-chat.info/images/webclip.png
IP: 31.31.198.226:0
ASN: #197695 Domain names registrar REG.RU, Ltd
File type: PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Hash: 48400a28770e10dd52a8c0e539aeb282 151bcd0c431ed79f30193731de564106a5b11956 27712ebee35bae5474f124f7cbf6cb2ca60d5121e561d284c9f11a4e69efd663
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
GET /images/webclip.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 11764
last-modified: Tue, 22 Dec 2020 16:02:50 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/favicon.png | 31.31.198.226 | 200 OK | 1.5 kB |
URL: HTTP/2 gpt-chat.info/images/favicon.png
IP: 31.31.198.226:0
ASN: #197695 Domain names registrar REG.RU, Ltd
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash: b7919ea38a8beed9b4763858c4f7412b 1aa57bcd7ca8a0c3352923c9ee06c472f23d5b63 214080adac9969108cb602cb68617e332db1288e95e18c29c10f9396c6d3744c
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Generic Crypto/Wallet |
| openphish | Crypto/Wallet | |
GET /images/favicon.png HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/png
content-length: 1532
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/mm-logo.svg | 31.31.198.226 | 200 OK | 3.8 kB |
URL: HTTP/2 gpt-chat.info/images/mm-logo.svg
IP: 31.31.198.226:0
ASN: #197695 Domain names registrar REG.RU, Ltd
Hash: dd6d61a70612496a9b2f5df451ef61a5 ca0a0ecfd7a4aa9d6e320392898209f295dc35a3 5e853a2d2bfa63dc9069ecdb0754b354e43e9d5ecaae9312ccfedb7c504c3383
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
| fortinet | Phishing | |
GET /images/mm-logo.svg HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true | 216.58.211.4 | 200 OK | 614 B |
URL: HTTP/2 www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP: 216.58.211.4:0
File type: ASCII text, with very long lines (1008), with no line terminators
Hash: 173645ade0412220ff14e6571b77b1ae 6c15ec3268f89096cb28bb11e9433887244678ac f62c0c3e066ef816e6f15a7de296c07876e86551bd0c51375915822d9ca6a908
GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 09 Mar 2023 16:21:27 GMT
date: Thu, 09 Mar 2023 16:21:27 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/ | 31.31.198.226 | 200 OK | 636 kB |
IP: 31.31.198.226:0
ASN: #197695 Domain names registrar REG.RU, Ltd
Size: 636 kB (636357 bytes)
Hash: 4ed28a08bc4f6f1b5589b49e51eeb3eb ff5e27c481d98ea041b66b6879b712a36c3e5140 4adcdfeab5abfeeeb400ef3783fbddfd5399e4074cfa4cb686aedb5033cc3d03
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
| fortinet | Phishing | |
GET / HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:25 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 22 Dec 2020 20:48:14 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 280 B |
IP: 192.229.221.95:0
Hash: eae690bc627128028c5076f9e3f16f3e 23cfda8cd77502ba4d5c417e5aa9e4bb7f2425ed cdb87c9c225f5956b07d974a690de7431c6f0b4198aa04388f93caccd2501041
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4409
Cache-Control: max-age=137088
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Etag: "64096ace-118"
Expires: Sat, 11 Mar 2023 06:26:15 GMT
Last-Modified: Thu, 09 Mar 2023 05:12:46 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 280
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: 54939002388023971ddb6b7e7ad53403 21f73b23a35299dfbae64d57dd2762625a9a09f5 8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12504
Expires: Thu, 09 Mar 2023 19:49:51 GMT
Date: Thu, 09 Mar 2023 16:21:27 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: 54939002388023971ddb6b7e7ad53403 21f73b23a35299dfbae64d57dd2762625a9a09f5 8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12504
Expires: Thu, 09 Mar 2023 19:49:51 GMT
Date: Thu, 09 Mar 2023 16:21:27 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: 54939002388023971ddb6b7e7ad53403 21f73b23a35299dfbae64d57dd2762625a9a09f5 8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12504
Expires: Thu, 09 Mar 2023 19:49:51 GMT
Date: Thu, 09 Mar 2023 16:21:27 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg | 34.120.237.76 | 200 OK | 4.8 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: cd029abcba5db74cecb02bad1a036c43 bc714ee0389e279919dde08149be61c4dc9ab0a7 10ae90728b38f7aeba134961a7b80c68c213a09eeef618ef3d66f3305b19834e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4770
x-amzn-requestid: 963dae3d-8336-4a5b-8b25-c3617f946d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BUZkWFhLIAMF6FQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6404d61b-1b705b460f7539f97c3dd7e5;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 17:49:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: HM56vjzUqmaOjBHUlhgopx3n5qjLe3x6v-AleC5P9ZRCJt5ndUZSsw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 22:35:48 GMT
age: 63939
etag: "bc714ee0389e279919dde08149be61c4dc9ab0a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg | 34.120.237.76 | 200 OK | 4.8 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: d541504b5777fedb1a4b99770ca977e0 1acb5b7a05f617c8fc7cd6fe420ab72646bfc306 34dfdf8d3d5fa6fed1a6eca3c852301dae86f3765f824d93c26980fb8ac519c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4785
x-amzn-requestid: 57be76f4-6f1b-45d2-bfc1-fc573c56489a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeJEhZIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff8d-5e469b5f2c0adfd619e0e7b4;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: jl-Ed8eQYVXZpU-veP1wAdNiiwQe-ZlApp8BsN7vx7pLBL4FVceI8A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "1acb5b7a05f617c8fc7cd6fe420ab72646bfc306"
content-type: image/jpeg
age: 66960
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626e2c33-8f9d-461c-874b-6e24d45c4cc2.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626e2c33-8f9d-461c-874b-6e24d45c4cc2.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: 4b8e30bb39aa250f6c2df08389a4e145 642f9f6fafe2c8025703faf03b808d4bea113bcc 9c6d4ae7fc960846400f4df2c574758b5844df8f5a6d2c0f914bd370aba4ba52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626e2c33-8f9d-461c-874b-6e24d45c4cc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8716
x-amzn-requestid: 40087886-c4fe-4a66-b8ba-20a2125112b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BfKV3E71IAMFpew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64092425-221d2dbe33c80377171dd984;Sampled=0
x-amzn-remapped-date: Thu, 09 Mar 2023 00:11:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: vLvJ1N-7Ksrj6pgZnxtfw4AEnDIRBbwQz-ZhKt8UpuqRLdTxBdpDlA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Mar 2023 00:14:35 GMT
age: 58012
etag: "642f9f6fafe2c8025703faf03b808d4bea113bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F834c2aef-aac4-479f-968e-6e2512e6b3a7.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F834c2aef-aac4-479f-968e-6e2512e6b3a7.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: 0a2b1e2520b334c727a108a6ef9e3a5b bb9f22ac357ef47cac278a35acfec2a3c45b9778 44395dbddf288edbb6e450aedbdbef228904b39ff4816a11113be7e5c7f209b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F834c2aef-aac4-479f-968e-6e2512e6b3a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0596691a-f410-4aaf-9b05-f9e24f776901
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeKGgGIAMF4UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff8d-4a4a6e5e1ba9967f11131c82;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 1XWxXaZjyNC3WJc099cqyObZeW32Ir4ufa9mGOKLLtrAJJwBu6nydw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "bb9f22ac357ef47cac278a35acfec2a3c45b9778"
content-type: image/jpeg
age: 66960
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f251f5-acf0-4b4d-b332-663948096581.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f251f5-acf0-4b4d-b332-663948096581.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: bee21e24a8563f58779bdc1dd5f09d40 97f1a22ca2e5621bf4d6a6d5af5459f71aadfe09 681cf2c408b6de05f18388da19c691c5e4a28f5a82b04c0e788517b89906d89a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f251f5-acf0-4b4d-b332-663948096581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9137
x-amzn-requestid: 0cd2a550-d932-4991-9226-9274b0b54d8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BS76gHSPIAMFy2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64044042-73c2be3e28070ef400cf6a79;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 07:09:54 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 8jl_47JNTn8sWtv3GqDyDKjWrsALnUhbf2R-U8RRjP2Ll_J7wiBDnw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Mar 2023 11:25:05 GMT
age: 17782
etag: "97f1a22ca2e5621bf4d6a6d5af5459f71aadfe09"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg | 34.120.237.76 | 200 OK | 7.2 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: 636ad724875a1b8f978d351d851af52d 61075cafcbfe1c763ab0b1c79540d42e7ae63942 382228b2396099885438936cd087a9bfa2d272160475859123f8a7ec7f5f34c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7206
x-amzn-requestid: bc793a8e-f967-4a1b-81d2-be45c56bd93b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BPorOF-CIAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6402ee47-3e38c6af4234bd164a429258;Sampled=0
x-amzn-remapped-date: Sat, 04 Mar 2023 07:07:51 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Xb2s4bB3o_N7MZTbTBeHvSP-1P_LdQiXcRKYiaZ-s9JAomhrUYyqUg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 20:05:39 GMT
age: 72948
etag: "61075cafcbfe1c763ab0b1c79540d42e7ae63942"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: 1bc9c5661aa5ec36ec92993a723d2aae ea393967dc66a0f9897b9be5a823111013111db9 96279c8c1018eb092c9f618350c6f8f8a4b8169a49147ca7017b6e5a7dbeed77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: 2726a99d56af46f79cf560fe62596ac0 201fc47519cbcd943a300778561166fed4079994 9ff6f14d89812e00e47973ad388e8de4182440de558ed6d3def3007bc779ce2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 280 B |
IP192.229.221.95:0
Hasheae690bc627128028c5076f9e3f16f3e 23cfda8cd77502ba4d5c417e5aa9e4bb7f2425ed cdb87c9c225f5956b07d974a690de7431c6f0b4198aa04388f93caccd2501041
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5022
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Last-Modified: Thu, 09 Mar 2023 14:57:45 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 280
|
|
| static.doubleclick.net/instream/ad_status.js | 142.250.74.38 | 200 OK | 29 B |
URL HTTP/2static.doubleclick.net/instream/ad_status.js IP142.250.74.38:0
Hash1fa71744db23d0f8df9cce6719defcb7 e4be9b7136697942a036f97cf26ebaf703ad2067 eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Mar 2023 16:12:25 GMT
expires: Thu, 09 Mar 2023 16:27:25 GMT
cache-control: public, max-age=900
age: 542
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 280 B |
IP192.229.221.95:0
Hasheae690bc627128028c5076f9e3f16f3e 23cfda8cd77502ba4d5c417e5aa9e4bb7f2425ed cdb87c9c225f5956b07d974a690de7431c6f0b4198aa04388f93caccd2501041
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4407
Cache-Control: max-age=137086
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Etag: "64096ace-118"
Expires: Sat, 11 Mar 2023 06:26:13 GMT
Last-Modified: Thu, 09 Mar 2023 05:12:46 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 280 B |
IP192.229.221.95:0
Hasheae690bc627128028c5076f9e3f16f3e 23cfda8cd77502ba4d5c417e5aa9e4bb7f2425ed cdb87c9c225f5956b07d974a690de7431c6f0b4198aa04388f93caccd2501041
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5035
Cache-Control: max-age=137714
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Etag: "64096ace-118"
Expires: Sat, 11 Mar 2023 06:36:41 GMT
Last-Modified: Thu, 09 Mar 2023 05:12:46 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 280
|
|
| googleads.g.doubleclick.net/pagead/id | 142.250.74.2 | 302 Found | 0 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id IP142.250.74.2:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 09 Mar 2023 16:21:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 172.217.21.170 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP172.217.21.170:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 09 Mar 2023 16:21:27 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash1bc9c5661aa5ec36ec92993a723d2aae ea393967dc66a0f9897b9be5a823111013111db9 96279c8c1018eb092c9f618350c6f8f8a4b8169a49147ca7017b6e5a7dbeed77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash7b7049a6f7f2cb41f99c789aac094e37 8cfd0d8c33a5a3d726cc68ff9008553476bc442f f42386e4da540ef7be0e053091a1e13f8a2638cdc131d92e773dac20db651b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 172.217.21.170 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP172.217.21.170:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hash79fb96fadd0077a80d44cfeb8369f307 19f1f2404d45cbe49a0bdf0359c88de61fe32fd1 cc676bd0e072409ff4d841382cea2ed975c912c54fadfd10324405d61734925f
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 09 Mar 2023 16:21:27 GMT
server: ESF
cache-control: private
content-length: 31093
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashc772d100110646b009e72c0d4effd747 13c1fac99cb4cdf9ab5015fefce1a6e2c758cefa 8308dd2e35bc8b9db99077aad747ba34e6b17d9de10c9c4e50e6ca9867720d79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| exceptions.hubspot.com/csp/report?resource=FormsNext/static-2.34/html/recaptcha.html&cfRay=7a54a6aef7171c06-IAD | 104.19.155.83 | 204 No Content | 0 B |
URL HTTP/2exceptions.hubspot.com/csp/report?resource=FormsNext/static-2.34/html/recaptcha.html&cfRay=7a54a6aef7171c06-IAD IP104.19.155.83:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/report?resource=FormsNext/static-2.34/html/recaptcha.html&cfRay=7a54a6aef7171c06-IAD HTTP/1.1
Host: exceptions.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 324
Origin: https://app.hubspot.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
date: Thu, 09 Mar 2023 16:21:27 GMT
x-hubspot-correlation-id: 533b0683-0c06-49c2-8497-c750f7f009b7
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=4rvgP6nSQI.o1N5Q.vMzE.Zo_oebuNPMbhofqzjUbGA-1678378887-0-AVIQ9rE3GXxVYkTwxwZQrai76kLVmXsZmN7mAltJPHZj8e/GHAm4lVLUhJTHjLxvgbp+l5ktmpF/ANGJsyjExos=; path=/; expires=Thu, 09-Mar-23 16:51:27 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpixUOEy7C2GE7rmwfEvG%2FyakLzS9cX%2Bp4GHYF97EZVJiODUEQYuxHJHUNlYrZ6BwVEWyZsUClS0L1Tnd16sJJgJY4GExwX%2F68%2Fchx7ZgWZVsV6b3drwgpdinctGcqPtwE0gh2IM0Uw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a54a6affe54067b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.ytimg.com/vi/YVgfHZMFFFQ/maxresdefault.jpg | 142.250.74.54 | 200 OK | 83 kB |
URL HTTP/2i.ytimg.com/vi/YVgfHZMFFFQ/maxresdefault.jpg IP142.250.74.54:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data Hasha2bff26aa5b9abac6fc57c8759011cd1 507616459659065dc17d7662d8337a800c20ddff d7fd5afdd732dcfc52b067c4948158f4a6db333bdc18035bd79b03544c1e9c04
GET /vi/YVgfHZMFFFQ/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 83294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Mar 2023 16:16:35 GMT
expires: Thu, 09 Mar 2023 18:16:35 GMT
cache-control: public, max-age=7200
etag: "1582837014"
content-type: image/jpeg
vary: Origin
age: 292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| exceptions.hubspot.com/csp/report?resource=FormsNext/static-2.34/html/recaptcha.html&cfRay=7a54a6aef7171c06-IAD | 104.19.155.83 | 204 No Content | 0 B |
URL HTTP/2exceptions.hubspot.com/csp/report?resource=FormsNext/static-2.34/html/recaptcha.html&cfRay=7a54a6aef7171c06-IAD IP104.19.155.83:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp/report?resource=FormsNext/static-2.34/html/recaptcha.html&cfRay=7a54a6aef7171c06-IAD HTTP/1.1
Host: exceptions.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 324
Origin: https://app.hubspot.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
date: Thu, 09 Mar 2023 16:21:27 GMT
x-hubspot-correlation-id: bfb37d0e-b627-4290-8aa1-a8a3a2f85fb9
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=dT7FBWEjKpn5eSMws7jaaF8IjASigusfyx1Jb4cqjaI-1678378887-0-AdVbYHmJ4e1FWFWI8NoYhM7tytCsp3RlMpeSySVtqMNQCFP+ZQItY3SiFPRbcSBkCbZZfXvlgj4d3FAa1B9RMSs=; path=/; expires=Thu, 09-Mar-23 16:51:27 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGXkYwh5pTLcULoICkKzm5mwnA%2Bc9EtqwrHTFr%2BclCSw21Dm4jM6PIVj%2Bk8YlzC3u5G3MPr0HeBBryXiaXz8EGBAbSjofUlE9o26iZFzCCylauZW%2ByJiiKo0LmBqvSCjkXga3ofrYks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a54a6b03e88067b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashbfe8ae7d8a4c1ad3c41c359b26288d93 3b8c99fd49e98733d9699a69b6011f769ca91734 9d38c08e8c62fe5da677d1b62554fcf21da1b5c38a06b9861a059718ba9c8e29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash4a2b94ee282f02783c1d367bbf5c951d 641d991f77a9039c1602bcb27025fdc1e11aaa76 091bf1d9b383ffd3118cdb35854f756ad70991361916e6ef93e38f83f8d70729
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/ytc/AL5GRJXPtZBliofzZGBiXPY2WrU6OxA-rRH-kQQJlpiJ=s68-c-k-c0x00ffffff-no-rj | 142.250.74.129 | 200 OK | 2.7 kB |
URL HTTP/2yt3.ggpht.com/ytc/AL5GRJXPtZBliofzZGBiXPY2WrU6OxA-rRH-kQQJlpiJ=s68-c-k-c0x00ffffff-no-rj IP142.250.74.129:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data Hash6b9680c9e0e4b8f66f2eb05e767c68eb 1bac27e970d3f77973c4e877f56acc1b844885bd 73360daef1e2781c6fe96e9150f10f2e4bbfe239940e15aa93cad4a901e10ce7
GET /ytc/AL5GRJXPtZBliofzZGBiXPY2WrU6OxA-rRH-kQQJlpiJ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2716
x-xss-protection: 0
date: Thu, 09 Mar 2023 15:26:38 GMT
expires: Fri, 03 Feb 2023 13:11:59 GMT
cache-control: public, max-age=86400, no-transform
age: 3289
etag: "v1c"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash4a2b94ee282f02783c1d367bbf5c951d 641d991f77a9039c1602bcb27025fdc1e11aaa76 091bf1d9b383ffd3118cdb35854f756ad70991361916e6ef93e38f83f8d70729
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 16:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 172.217.21.170 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP172.217.21.170:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 09 Mar 2023 16:21:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 172.217.21.170 | 200 OK | 114 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP172.217.21.170:0
File typeJSON data\012- , ASCII text, with no line terminators Hash4b427797f82644e979c59eaec72a3e15 99d80da4fd5bc9a7999553b1cb6e42fcc38d3bc1 84809556f1c876d9eb998173eb4dfa0e1e2e9d459da98c33818e6d7889c1558c
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1352
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 09 Mar 2023 16:21:28 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| app.hubspot.com/forms-next-v2-captcha | 104.19.154.83 | 200 OK | 0 B |
URL HTTP/2app.hubspot.com/forms-next-v2-captcha IP104.19.154.83:0
GET /forms-next-v2-captcha HTTP/1.1
Host: app.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 16:21:27 GMT
content-type: text/html; charset=utf-8
cf-ray: 7a54a6aebca71c06-OSL
age: 608
cache-control: max-age=0, no-cache, no-store
etag: W/"a5022c82eff235a78f2a19b2077c892f"
last-modified: Fri, 26 Jan 2018 04:28:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
cache-tag: staticjsapp-FormsNextv2-web-prod,staticjsapp-prod
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=FormsNext/static-2.34/html/recaptcha.html&cfRay=7a54a6aef7171c06-IAD
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7a54a6aebca71c06&resource=FormsNext/static-2.34/html/recaptcha.html"
x-amz-cf-id: ixp5MF9OeOYfdDXOP9vA0JMqo-eDCwbR9jc04Yp9Z09RwrB13Bnl4A==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-version-id: z9bLV8d4.yruStD_kdZCmLp6b0cakt0u
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: FormsNext/static-2.34/html/recaptcha.html
x-hs-worker-debug-mode: false
set-cookie: __cf_bm=yro8C7zOjcbvw2l0gNbVPi7jZQHPxpEN42bDT8fwuF0-1678378887-0-AXN9R4xoPDx+OrUNpMtk4GOIwyeN2bl9VnqDYAXGwO1W45lfXYL2wYxRC9KJ6qLYPGj3DmAIm887EJsTOtzKoJ0=; path=/; expires=Thu, 09-Mar-23 16:51:27 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/forms/v2.js | 31.31.198.226 | 200 OK | 0 B |
URL HTTP/2gpt-chat.info/forms/v2.js IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
| fortinet | Phishing | |
GET /forms/v2.js HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: application/javascript
last-modified: Tue, 22 Dec 2020 16:02:54 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/wallet-illo.svg | 31.31.198.226 | 200 OK | 0 B |
URL HTTP/2gpt-chat.info/images/wallet-illo.svg IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
| fortinet | Phishing | |
GET /images/wallet-illo.svg HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.youtube.com/iframe_api | 216.58.207.238 | 200 OK | 0 B |
URL HTTP/2www.youtube.com/iframe_api IP216.58.207.238:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.embedly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 09 Mar 2023 16:21:26 GMT
date: Thu, 09 Mar 2023 16:21:26 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=7N-t8YDXm4k; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=n41TSL5Ihxg; Domain=.youtube.com; Expires=Tue, 05-Sep-2023 16:21:26 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+353; expires=Sat, 08-Mar-2025 16:21:26 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/Explore-illo.svg | 31.31.198.226 | 200 OK | 0 B |
URL HTTP/2gpt-chat.info/images/Explore-illo.svg IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
| fortinet | Phishing | |
GET /images/Explore-illo.svg HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/social-35.svg | 31.31.198.226 | 200 OK | 0 B |
URL HTTP/2gpt-chat.info/images/social-35.svg IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
| fortinet | Phishing | |
GET /images/social-35.svg HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Dec 2020 16:02:50 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gpt-chat.info/images/Browse-illo.svg | 31.31.198.226 | 200 OK | 0 B |
URL HTTP/2gpt-chat.info/images/Browse-illo.svg IP31.31.198.226:0 ASN#197695 Domain names registrar REG.RU, Ltd
| Analyzer | Verdict | Alert |
| openphish | Crypto/Wallet | |
| fortinet | Phishing | |
GET /images/Browse-illo.svg HTTP/1.1
Host: gpt-chat.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gpt-chat.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 16:21:26 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Dec 2020 16:02:52 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|